Data Flow
This document provides a clear overview of the data flows involved in the Integration Layer of the Telemonitoring Project.
Context Integration : EHR To Telemonitoring (TM) Portal
Different Electronic Health Records (EHR) systems have unique integration requirements and existing endpoints. Because EHRs are less adaptable and often use established standards, integration must align with each system’s available interfaces.
Nexuzhealth KWS / Millenium / Synops / Primuz
Authorization : An oAuth token is issued based on specific prescriber client ID and secret.
Data exchange : Contextual data (in JSON) is posted to the Telemonitoring Portal with the valid oAuth token.
Content : The JSON payload includes only the data relevant for Telemonitoring, as defined by the hospital.
Epic
Authorization : Integration uses oAuth tokens.
Data Retrieval : Additional FHIR information can be requested from Epic once an oAuth token is obtained.
ChipSoft HiX
Authorization : A SAML token is issued through Zorgplatform.
Data Exchange : The authorized context is transferred to the Telemonitoring Portal using this SAML token.
Context Integration : TM Portal to TM Provider
Authentication : varies per Telemonitoring Provider and may include Authorization Headers, oAuth, or mutual TLS (mTLS)
Data Minimization : Only essential data required for the Telemonitoring Provider’s service is transmitted. This ensures compliance with privacy regulations and aligns with the principle of least privilege.
Outcome Integration : TM Provider to TM Portal
Push of Metadata: The Telemonitoring Provider sends back the status of the patient’s Telemonitoring session and any relevant attachments (e.g., PDFs, FHIR resources, or direct dashboard integrations).
Security Considerations: Metadata and attachments are transferred securely using encrypted channels. Access controls ensure that only authorized parties in the Telemonitoring Portal can view or process these results.
Outcome Integration : TM Hub to EHR
Webhook Integration: Each EHR system receives outcome data through a webhook push mechanism.
EHR-Specific Approaches: The exact connection method depends on the EHR’s technical requirements. Regardless of method, strong authentication and secure transport (e.g., TLS) protect the data in transit.
EHR to Health Hubs
Extended Data Accessibility: For broader therapeutic relationships, the hospital can forward data to designated Health Hubs through existing EHR-to-Health Hub integrations.
Manual HCP Interaction: A healthcare professional (HCP) must review or authorize data transfers to Health Hubs, ensuring adherence to clinical judgment and privacy best practices.
Decentralized Approach: This decentralized flow allows manual oversight, preventing unintended disclosures and supporting compliance with data protection regulations.