1 / 21

Combining Healthcare Standards with Other RESTful APIs

Learn how to combine healthcare standards with other RESTful APIs to innovate and drive change in the healthcare industry. Discover methods, risks, and mitigation strategies. Presented by Brad Genereaux, Product Manager at Agfa HealthCare.

baltz
Télécharger la présentation

Combining Healthcare Standards with Other RESTful APIs

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Combining Healthcare Standards with Other RESTful APIs Brad Genereaux Product Manager, Agfa HealthCare Co-chair, DICOM WG-27 Web Technologies Co-chair, HL7 Imaging Integration / DICOM WG-20 @IntegratorBrad

  2. Disclosures • Product Manager at Agfa HealthCare • Co-chair of DICOM WG-27 Web Technologies • Co-chair of HL7 Imaging Integration / DICOM WG-20

  3. Learning Objectives • By the end of this presentation, attendees should be able to: • Understand the value in connecting non-healthcare REST APIs • Understand the general methods to accomplish this • Understand the risks and mitigation strategies in doing this

  4. Last Year at SIIM15…

  5. Healthcare Standards are at your Disposal … but challenges expand beyond these domains ...

  6. My Eleventy Billion Dollar Innovation = $70 Missed Appointment = 20% AvgCancellation Rate • Challenge – Connecting Telephony: • Do you perform integrations into each PBX system or into each telephony provider? • How do you guarantee up-time? What happens when an API changes? • This quickly becomes untenable when scaling deployments • How can we maximize re-use and minimize effort? = $168,000 Annual Loss for 1,000 monthly visits “Yes.” “Hi Alex. You have an appointment today at 9:30am. Will you still be coming?” The Innovation “Yes.” “Sally, before we can image you, is there any chance you might be pregnant? “It is unsafe to proceed with your CT. We will release your CT slot to other patients, and follow-up with an MRI. How is Friday at 10am?”

  7. Someone else has solved your problem … … but they may not be in the healthcare space ...

  8. Example API : Twilio • Telephony REST API provider • Enable your applications to • send out text messages • make phone calls • solicit input via voice or digit presses • text-to-speech and speech-to-text • Simple to implement using “TwiML” language (XML-driven) https://www.twilio.com

  9. Good APIs follow the “555” Rule 5 seconds to Documentation 5 minutes to Hello World 5 hours to Prototype

  10. Combine APIs to Innovate Exponentially ?

  11. Example API Aggregator : IFTTT • If This, Then That • “Consumertizes” API access for the end users • Defines a “service” as an API endpoint • Defines a “recipe” as a combination of two services with an action https://ifttt.com

  12. Innovate with Building Blocks Send myself a text five mins before my meeting Call an Uber to take me to work when it rains Log tweets on #SIIM16 to my notepad

  13. Innovate with Healthcare Standards Call patients to remind them of appointments Log all images with cancer to my notepad When patient admitted to room, warm to 72 degrees Increase staff in ER during freezing rain forecasts Call Uber to pick up patients for appointments without transport E-mail patient their images after each visit

  14. How to Connect to an API 5 seconds 5 minutes 5 hours

  15. What is an API key? • This uniquely identifies you to the service • They may collect usage metrics or for billing • Usually passed as an HTTP header or query parameter

  16. Security • Always use HTTPS • Never post your application keys anywhere • Nor embed the keys in a system at risk of being reverse-compiled • Proxy calls to drive connectivity from servers where relevant (XSS) ! ! Won’t work due to XSS

  17. Privacy • Understand the cloud environment where data is stored • Need to understand your liability • Understand methods to mitigate or control risk • i.e., two-factor authentication

  18. Testing • Health data have structures that will break your apps • Both in your own application and in the API provider • i.e., looking up an address in Google Maps but the patient has no fixed address • So, test both your core and edge cases • Follow OWASP guidelines (https://www.owasp.org/index.php/Data_Validation) • Handle HTTP errors you receive gracefully • Know your rate limits

  19. Useful Links • API Directory from Programmable Webhttp://www.programmableweb.com • API Conferences and Hackathonshttp://devpost.com • If This, Then Thathttp://ifttt.com • Open Web Application Security Project (OWASP)https://www.owasp.org/index.php/Data_Validation

  20. Connect to APIs …

  21. … And Innovate Healthcare Someone else has solved your problem … Use their solutions to your advantage, to innovate and drive change @IntegratorBrad

More Related