For Telemonitoring Providers

Integration
Documentation

Global Architecture

Context Integration

Context Integration is used to send EHR information to the Telemonitoring Provider.
This is done through the Telemonitoring Prescription Portal and will send a prescription request to the provider via a JSON REST call.

The Telemonitoring Prescription Portal is used directly by the HCP via a User Interface.

Security

The communication between Portal and Provider happens through HTTPS calls. These calls are protected with authentication headers chosen by the Telemonitoring Provider. The Telemonitoring Provider chooses which fixed headers are set by the Provider and which are configurable by the hospital. This way a hospital can have multiple instances of Telemonitoring Provider applications, defined by different custom headers.

The Prescription Request

The Prescription Request is triggered when a HCP clicks on the ‘prescribe’-button.
A HTTPS POST request will be triggered and will contain at least the following default content

{
  "telemonitoringId": "xxx",
  "patientId": "yyy",
  "prescriber": {
     "id": "zzz",
  }
}

telemonitoringId : This ID is unique within the Telemonitoring Portal and is needed if you want to attach results of the Telemonitoring Service back to the EHR.
patientId : A unique patient identifier defined by the hospital. Ideally this is a pseudonymized ID only known by the hospital, who can map this back to the patient.
prescriber > id : A unique hospital identifier. This is globally unique.

Next to this type of data other data can be requested as well.
This is the current, non exhaustive list of data you can receive. Note that more data can be requested and we’ll continue working with EHR’s to expose this data if the Telemonitoring Provider needs it to run successful Telemonitoring Sessions.

patientId	Unique pseudonymized identifier of the patient
patient > citizenId	SSIN of the patient
patient > firstName	Firstname of the patient
patient > secondName	Secondname of the patient
patient > lastName	Lastname of the patient
patient > email	Email of the patient
patient > birthDate	Birthdate of the patient
patient > gender	Gender of the patient
patient > language	Language of the patient (2 characters)
patient > nationality	Nationality of the patient
patient > street	Street of the patient
patient > number	Street number of the patient
patient > bus	Street bus of the patient
patient > postalCode	Postal Code of the patient
patient > city	City of the patient
patient > country	Country of the patient
patient > tel	Deprecated – replaced by phoneNumber
patient > phoneNumber	Phone number of the patient
patient > mobilePhoneNumber	Mobile phone number of the patient
prescribingHcp > id	Deprecated – RIZIV number of the prescribing HCP
prescribingHcp > healthProviderId	RIZIV number of the prescribing HCP
prescribingHcp > citizenId	SSIN of the prescribing HCP
prescribingHcp > firstName	First Name of the prescribing HCP
prescribingHcp > lastName	Last Name of the prescribing HCP
responsibleHcp > id	Deprecated – RIZIV number of the responsible HCP
responsibleHcp > healthProviderId	RIZIV number of the responsible HCP
responsibleHcp > citizenId	SSIN of the responsible HCP
responsibleHcp > firstName	First Name of the responsible HCP
responsibleHcp > lastName	Last Name of the responsible HCP
generalPractitioner > healthProviderId	RIZIV number of the GP
generalPractitioner > citizenId	SSIN of the GP
generalPractitioner > firstName	First Name of the GP
generalPractitioner > lastName	Last Name of the GP

The following fields are currently being investigated to add :

surgery > procedure > id	procedure code
surgery > procedure > description	procedure humanly readable description
surgery > procedure > startDate	start date of the procedure
surgery > procedure > surgeon > id	RIZIV number of the surgeon
surgery > procedure > surgeon > firstName	First Name of the surgeon
surgery > procedure > surgeon > lastName	Last Name of the surgeon
surgery > procedure > laterality	Laterality within the procedure

When receiving this request as a Telemonitoring Provider you have three options :

Option 1 : You have enough information and can confirm the request
in this case you return a status code 200, with an empty body

Option 2 : You need more information and can not confirm the request (yet)
You return a status code 200, body should contain a URI where you can fill in the missing information : { url : <https://...>}

Option 3 : You can’t confirm the request (because of any reason)
If you do not want to accept the request you should return a different status code, like 401 or 404.
You can include a message in the body to explain the reasoning : { message : 'DPA has not been signed yet' }

Outcome Integration

Authorization

All API calls towards the Telemonitoring HUB require an Authorization Header. The Telemonitoring Provider will have to request a valid access_token based on the provided client and secret.

HTTPS	POST	https://api.telemonitoring-prescription.com/auth/providers
HEADER	Authorization	Base64 encoded client:secret (provider specific)

Example Response :

{
  "access_token":"eyJhbGciOiJIU...",
  "token_type":"bearer",
  "expires_in":3600
}

The client and secret are specific to a Telemonitoring Provider. Requesting a client ID and secret can be done via support@telemonitoring-prescription.com, check out the I want to get started section at the bottom of this page.

Status Update

EHR’s can be kept up to date with the data you provide as a Telemonitoring Provider. This is done by informing the Telemonitoring HUB with the needed information.
Keep in mind that informing the Telemonitoring HUB is only possible with the Telemonitoring ID. This ID is received during the request through Context Integration.

A Telemonitoring Session always has a status. The diagram below shows the possible statuses and the possible. transitions between those statuses. As Telemonitoring Provider you are the owner of the status of each session. An HCP can request a status change though the supported actions (see later section).

Carepath HL7

During a status update call it’s possible as a Telemonitoring provider to inform the EHR about the carepath for which the Telemonitoring Prescription has been created via the carepath property. This carepath property can be passed along with any status update towards the Telemonitoring HUB and will be persisted with the corresponding telemonitoringId. This means that as a Telemonitoring Provider you only have to pass the carepath once or you can also decide to pass it towards the Telemonitoring HUB with each update. The carepath is added by the provider when there is a link to a validated HL7 carepath. This link refers to to the HL7 implementation Guide.

Example carepath for Heartfailure can be found here (Telemonitoring Hub Identifier): https://build.fhir.org/ig/hl7-be/patient-monitoring/branches/main/heartfailure.html

Status : Requested

The Prescription Request is triggered when a HCP clicks on the ‘prescribe’-button. Each Telemonitoring session will initially be created in the status “Requested”.

Status : Accepted

The first thing you need to inform the Telemonitoring HUB of is if you accepted the Telemonitoring Prescription Request. Doing so is done through a PUT request to the Telemonitoring HUB. Changing the status of a Telemonitoring Session to “Accepted” is only possible in case the current status of the session is “requested”.

PUT : https://api.telemonitoring-prescription.com/prescription
HEADERS : { Authorization : access_token }
BODY : 
{
  telemonitoringId: 'xxx',
  status : 'accepted',
  providerContext : '<extra provider context>',
  carepath : {id : 'hl7-be/...', version : 'x'}
}

Note that you can add a providerContext. This can be used if the Telemonitoring Provider wants to add extra context to the HUB, which could be relevant for the EHR.

Status : In-Progress

The status ‘in-progress’ can be sent by the Telemonitoring Provider to inform the EHR the Telemonitoring Session is ongoing and measurements or data relevant to the Telemonitoring Session is or can become available. Changing the status of a Telemonitoring Session to “In-Progress” is only possible in case the current status of the session is “Accepted”.


PUT : https://api.telemonitoring-prescription.com/prescription
HEADERS : { Authorization : access_token }
BODY : 
{
  telemonitoringId: 'xxx',
  status : 'in-progress',
  providerContext : '<extra provider context>',
  carepath : {id : 'hl7-be/...', version : 'x'}
  attachments : [...]
}

Note that in the status 'in-progress', attachments can be defined. We cover attachments in a separate section.

Status : Cancelled

“Cancelled” is a status if the HCP decided to cancel a Telemonitoring Session. This is done by the cancel action. Changing the status of a Telemonitoring Session to “Cancelled” is only possible in case the current status of the session is “Requested” or “Accepted”.
Note, that for most Telemonitoring Sessions a cancel can only happen if there was no data measured and only if the Telemonitoring Provider supports the ‘cancel’ action.

PUT : https://api.telemonitoring-prescription.com/prescription
HEADERS : { Authorization : access_token }
BODY : 
{
  telemonitoringId: 'xxx',
  status : 'cancelled', 
  carepath : {id : 'hl7-be/...', version : 'x'}
}

Status : Completed

When the Telemonitoring Session has ended a status update to “Completed” needs to happen. The EHR is in that way informed that no further data will become available on that specific telemonitoring ID. Changing the status of a Telemonitoring Session to “Completed” is only possible in case the current status of the session is “Accepted” or “In-Progress”.

PUT : https://api.telemonitoring-prescription.com/prescription
HEADERS : { Authorization : access_token }
BODY : 
{
  telemonitoringId: 'xxx',
  status : 'completed'
  providerContext : '<extra provider context>',
  carepath : {id : 'hl7-be/...', version : 'x'}
  attachments : [...]
}

Attachments

The Telemonitoring HUB can receive 3 types of data and make those available to the EHR.

Type 1 : PDF

The PDF gives an overview of the Telemonitoring Session in a human readable format. This can be shared with the health hubs. Every PDF has a unique ID, which makes it possible for the EHR to know if an update to the same file occured. If you share multiple languages, you should add the contentLanguage attribute.

The Telemonitoring HUB does not import or read data in any way. The data remains on the side of the Telemonitoring Provider and it is up to the EHR to download the data. That means the HUB will only share metadata on the PDF.

Example of a PDF document :

{
  "id":"pdf",
  "etag":"f2fd2ddd34eebc9d039f5e693b95a61c",
  "contentMD5":"f2fd2ddd34eebc9d039f5e693b95a61c",
  "contentLength":255917,
  "contentType":"application/pdf",
  "lastModified":"2024-09-30T07:44:17.335Z",
  "contentLanguage":"nl",
  "uri":"https://xxx/pdf?token=0ba1b31c",
  "headers": { 
     "X-Custom-Header": "HeaderValue" 
  }
}

It’s highly recommended as a Telemonitoring Provider to add MD5 hash and content Length to guarantee there is no data loss or corruption during download of the file by the EHR.

Type 2 : FHIR

Next to PDF, all carepath data that is sent through the Telemonitoring HUB requires a structured FHIR format as well so parsing, visualisation and re-use can be guaranteed. The FHIR format and definition is going through a fixed process, which you can see in the flow chart below.

Example of the FHIR structure

{
  "id": "summary",
  "contentType": "application/fhir+json",
  "contentMD5": "YWIzZGVmNA==",
  "contentLength": 120,
  "lastModified": "2023-09-02T12:30:00.000-05:00",
  "etag": "\"12345abc\"",
  "uri": "https://example.com/resource1",
  "headers": { 
    "X-Custom-Header": "HeaderValue" 
  }
}

Type 3 : Dashboard

The final Type is required when visualisation is needed and done by the Telemonitoring Provider. This can be the case by specialized dashboard requirements (for example a neurologists dashboard to monitor and view multi modal signals). In this case a URI is shared that can be included and i-Framed by the EHR.

{
  "id": "customId2",
  "contentType": "x-tm-dashboard",
  "uri": "https://example.com/dashboard",
  "headers": { 
     "X-Dashboard-Header": "DashboardValue" 
  }
}

Securing your data

As the Telemonitoring HUB acts as a gateway for metadata, but doesn’t store data the EHR needs to get data from the Telemonitoring Provider in way that it is safe for the Telemonitoring Provider to not expose this data. There are several ways of doing this and as a Telemonitoring Provider you are free to choose your way of working. Hereby some ways we’ve seen that might work for you.

Obscuring the URI :
This makes the URI impossible to guess, which guarantees that only the EHR can actually read this information.

Adding a prescriber specific token to the URI :
Adding a Token enables you to know what prescriber you’ve sent the data to and validate the correctness of the token. This gives you more control and information versus obscuring the URI.

Limiting in time (signed URI or temporary token) :
This makes the availability of the URI temporary and limits the security risk drastically.

Limiting in requests :
This guarantees a read only-once and so reduces the security risk.

Adding extra headers in the metadata of the HUB :
This URI requires extra authentication that needs to be added by the EHR before downloading. This functionality is currently not supported by the Telemonitoring Portal (so downloading of files with extra authentication will not work with the Telemonitoring Portal)

As an extra security measure some EHR’s will also use white-listing on DNS level and so will require the DNS where you store data on upfront. This will be requested by the Telemonitoring HUB during activation

Attachment Limitations

There is currently a soft limit of 10 attachments
There can be multiple FHIR, PDF and Dashboard URI’s available for a Telemonitoring Prescription.
Every FHIR, PDF and Dashboard are identified by a unique ID defined by the Telemonitoring Provider.
Every attachment should be made available. If it is out of the array in the webhook, the EHR can mark it as deleted.

Supported Actions

If supported by the Telemonitoring Provider and the EHR, an HCP can trigger actions towards the Telemonitoring Provider. Current supported actions by the Telemonitoring Prescription Portal are stop and cancel.

When the HCP triggers such an action, the Telemonitoring Prescription Portal will trigger the Telemonitoring Provider via the given Action URI:

POST : Action URI webhook
HEADERS : { headers as defined by the Provider }
BODY : 
{
  telemonitoringId: 'xxx',
  prescriber: {
     id: '...'
  },
  action: 'stop' or 'cancel'
}

It is up to the Telemonitoring Provider to adjust the status of the Telemonitoring Session according to your business rules and update the Telemonitoring HUB of the status change as described in the section on Status Updates.

I want to get started!

Are you ready to get going and want to get integrated into the Telemonitoring Portal and HUB?

Great! When you’ve implemented the Context and Outcome integration like described above we just need you to send us a bit of information and we will configure you as a Telemonitoring Provider.

What information do we need?

Name	Telemonitoring Provider Application Name
Provider	Telemonitoring Provider Company Name
Description	Description available to the HCP
Fields	A list of fields (of the available fields which you can find at the top of this page) that you as a provider would like to receive.
Supported Actions	[‘stop’, ‘cancel’] : do you support one of these action items?
Headers	What headers do you expect the Telemonitoring HUB to include when requesting you?
Prescriber specific Headers	What (custom) headers can be filled in by the hospital when configuring / activating you in the portal?
URI	What is the URI the HUB can POST to when triggering a new Telemonitoring Prescription
Action URI	What is the URI the HUB can POST to when triggering a new Telemonitoring Action

You can send this configuration to support@telemonitoring-prescription.com

Once we got this information we’ll set you up as soon as possible and activate an environment for you where you can test the whole flow. After that we can set you up in production.