There have been numerous attempts at improving at how medical and wellness care are delivered and managed here in the United States. HealthCare.gov (aka, ObamaCare) had some initial hiccups, but is now helping millions get access to quality and affordable care. Insurance companies are making attempts to simplify services and reporting, and are participating in healthcare exchanges to provide a wider array of insurance options. On the provider side, doctors and hospital are making it easier for patient to communicate with them through web, mobile apps etc. Data is at the core of these changes, and this data is now being used in cutting-edge ways, all because of APIs.
We are proud to be part of one of the most innovative initiatives for combining data and technology to improve the delivery of healthcare data. Today we announced our partnership with Healthdirect Australia. Healthdirect will be using our API management and SOA governance solutions to enable their organization to expose data services and deliver access to health data anywhere in Australia. Beyond being a revolutionary new way to help provide better health services, it also serves as an example of how change can be effectively created for healthcare globally. Our Healthdirect Australia case study provides more specific details, but let me explain the solution and the magnitude of what it offers:
Data is the asset and the problem
The problem being faced in Australia is similar to situations all over the world, and what Healthdirect has done serves as a great solution model. The issue at stake was finding a way to make health data available easily (but securely) in a national directory so that service providers like doctors, pharmacies, hospitals and emergency departments could access and make use of patient information. The goal was to make it available anytime, anywhere (via mobile or on-premise), and be able to cut through the numerous agencies that require health-related data. To make this happen, Healthdirect Australia uses the SOA Software API Management platform to republish its SOAP services as REST APIs for consumption by widgets and other applications. Also by making these services available as REST APIs, it is now possible for their affiliates and partner to embed this service in their channels, increasing exponentially the number of channels through which is data can now be accessed by citizens in Australia.
Healthdirect worked closely with us to develop what is now known as the National Health Services Directory (NHSD), which integrates and delivers this healthcare data to medical practitioners, pharmacies, hospitals, emergency care facilities, and a variety of other users. Prior to creating NHSD finding relevant patient and care information required long time periods and innumerable cycles of bureaucratic red-tape. As we have seen in the United States, without a central repository for data records management, patients have a reduced chance to be treated effectively because providers cannot see the details of their entire health history. Additionally, prior to NHSD, patients were missing opportunities to qualify for government and insurance-related benefits because of a lack of information.
A gateway for APIs and healthcare data
The challenge was data access, integration and delivery. This is where Healthdirect was able to use our API management and SOA governance solutions to create a foundation for their organization.
Securing and managing API data
The major advantage of these REST APIs is that they make availability so pervasive, but with that comes the issue of access and security. API Gateway ensures that the data being called and served goes through the proper mediation and authorization processes so that it is available only to apps that should have access to it, and to users with appropriate privileges.
The API Gateway supports JSON, JSONP (JSON Padding), and CORS for cross-domain requirements. It also has the capability to assign and manage API keys so that it can license and monitor the type of access the developer or app has. This means that NHSD services stay open to the right users and developers. Healthdirect has even gone so far as to integrate their LDAP server with SOA Software’s API Gateway so they can federate access credentials based to a single identity source.
Because security is of such great concern, Healthdirect’s version of our API Management platform is run through Amazon Web Services (AWS) as a private cloud deployment. SOA Software’s solutions can be deployed both in private and public cloud instances, but because Healthdirect demanded strict security guidelines, AWS provided the perfect solution for management and delivery. We capitalized on our PCI DSS certified PaaS to integrate with other Healthdirect infrastructure and security vendors to set up a secure API management solution in Healthdirect’s Amazon cloud infrastructure. With our flexible API management capabilities, we implemented detailed security elements like disabling weak cipher suites, disabling SSL renegotiation, and providing PII compliance. With this level of precautionary measures, Healthdirect was comfortable moving forward to make NHSD a reality.
I won’t pretend to be able to speak on the political or bureaucratic nature of healthcare in this country. It’s a hot topic, and we all come to the issue with our own stories and opinions. But I have the perspective of seeing healthcare improving, and it has nothing to do with doctors, insurance providers or the government. It is all about using technology to distribute data so that patients, caregivers and other stakeholders are better informed. The thing that is driving this innovation is the API, and because of how APIs work with data, there is a direct correlation to people getting better and more efficient care.