19 May, 2022 | 3 min read

A Beginners Guide to Interoperability in Healthcare - Part 2

  • Joy Rathnayake
  • Associate Director/ Solutions Architect - WSO2

Photo by MART PRODUCTION from Pexels

In our previous article, we defined interoperability and its role in transforming the healthcare industry. In this article, we will give more details on how systems such as WSO2 Open Healthcare make this a reality. 

To explain and provide examples, we will use WSO2 Open Healthcare in our article.

WSO2 Open Healthcare solution is a turnkey solution for achieving US based CMS and Office of the National Coordinator for Health Information Technology (ONC) regulatory compliance. These solutions are built on WSO2’s world-recognized, leading platforms such as WSO2 API Manager, WSO2 Enterprise Integrator, and WSO2 Identity Server. Hence it can be leveraged for functions beyond just compliance. 

Key highlights of Open Healthcare are as follows:

  • This turnkey solution provides a great deal of flexibility, allowing healthcare stakeholders to become CMS and ONC regulatory compliant in weeks, not months. It’s modular, cloud-native, and hybrid architecture allows an enterprise to customize the solution to suit their unique requirements.
  • Solutions like WSO2 Open Healthcare connect multiple healthcare systems fronted by standards-based (HL7 FHIR ®) APIs, which are discoverable on a healthcare API marketplace. They often include In-built FHIR® accelerators including pre-built healthcare APIs, FHIR® and HL7 transformation, EHR connectors, Async FHIR repository, and FHIR® server.
  • Built on market-leading API, Integration and Identity and access management platforms. These include full lifecycle API Management with API gateway and API monetization, rate limiting, QoS, and healthcare API marketplace.
  • Integrated OIDC based API security, user consent management, and support for Consumer Identity Access Management (CIAM).
  • Provides no-code, low-code, or pro-code integration with advanced data mapping and FHIR® modules to support backend integration.
  • Zero or low operational overhead as the solution is hosted in the cloud, depending on the customer’s choice (e.g., Azure, AWS, GCP) and the vendor is responsible for managing and maintaining the solution.

Figure 1 shows the high-level solution overview of the WSO2 Open Healthcare solution:

Figure 1: WSO2 Open Healthcare Platform | Source: WSO2

Let’s break this down further as shown by Figure 2 and try to understand how WSO2 Open Healthcare can help healthcare organizations become CMS and ONC compliant quickly.

Figure 2: Source Systems | Source: WSO2

As shown by Figure 2, different stakeholders store their healthcare-related information here. These are stored in a variety of data formats including EMRs/ EHRs, relational or non-relational databases, flat files, file shares, cloud storage, etc. The first challenge is to connect with these various data sources. WSO2 Open Healthcare provides a set of connectors that abstracts complexities and simplifies the communication between them. Figure 3 shows a visual illustration of these connectors.

Figure 3: Types of connectors | Source: WSO2

As shown above, the solution already has connectors for popular EMRs and EHRs such as Cerner, Epic, etc. In the event of a new data source, WSO2 Open Healthcare provides a toolset to generate a connector automatically by reading the data sources’ underlying API specification. 

Once connected to the underlying data sources, it requires converting different data formats into HL7 FHIR ® formats. While this usually takes a lot of time and effort, WSO2 provides the integration and data transformation accelerators to speed things up. This is illustrated by Figure 4 below.

Figure 4: Data transformation accelerators

This data transformation includes converting different healthcare-related data formats such as X12 and HL7v2 to FHIR® and converting custom XML/JSON to FHIR®. Additionally, the data transformation accelerators validate outgoing schema to conform to FHIR® schema using FHIR® validators.

Once we connect to different data sources and transform the data into the necessary FHIR® format, there must be a uniform/managed way of exposing them as APIs/services. This can be done by building an API Management layer from scratch or integrating with a third-party API Management platform. WSO2 Open Healthcare removes the need to build a new layer from scratch by leveraging its inbuilt API Management layer. This is shown by Figure 5 below.

Figure 5: Aspects of WSO2 API Manager | Source: WSO2

The built-in API Management layer provides both FHIR® server and API gateway features, allowing healthcare organizations to expose APIs in a managed, governed, and secured manner. As shown in Figure 6, WSO2 Open Healthcare’s inbuilt API publisher/designer allows developers to onboard APIs easily. 

Figure 6: WSO2 API Publisher/ Designer

The platform’s inbuilt API Marketplace, shown in Figure 7 below, allows APIs to be found by developers, thereby bringing people, processes, and technology together under one roof. These API Management capabilities are not limited to healthcare use cases, and they allow onboarding several other APIs, and provides users the tools needed to build a powerful API-led integration platform, beyond CMS regulation.

Figure 7: API Marketplace

Another challenge faced by healthcare companies is the time and effort taken to onboard HL7 FHIR® specific APIs. Developers must review and understand the API documentation, prior to making their own implementations. This challenge also exists when dealing with common healthcare APIs as well.

FHIR ® API Definition Hub

As a possible solution, WSO2 Open Healthcare provides an FHIR® API Definition Hub, with all APIs related to the different international and US-specific CMS standards. This is shown by Figure 8 below. The platform autogenerates APIs and their OpenAPI Specification 3.0 and Swagger 2.0 definitions allows healthcare organizations to easily download and onboard them onto the platform.

Figure 8: FHIR ® API Definition Hub

The FHIR® API Definitions Hub is an evolving component and includes all other regulations across different countries and continents. Thus, it acts as a common healthcare API marketplace where stakeholders can take and onboard the required APIs into their platforms with ease.

Finally, the ability to enforce the right privacy settings is a key feature when complying with both CMS and ONC requirements or implementing other healthcare use cases. Figure 9 shows the Consent Management Workflow below.

Figure 9: Consent Management Workflow

WSO2 Open Healthcare provides a powerful Consent Management Workflow engine that can be configured to enforce the right balance of security and privacy on information being shared with third-party applications. Implementing consent management on WSO2 Open Healthcare is done in the following stages:

  • Consent Administration, where platform administrators define organizational consent policies using the admin portal.
  • Consent Requisitions, where app developers associate required consent policies with the applications.
  • Consent Collection, where patients/healthcare organizations can login to a self-care portal and add/update/revoke consent for each application or login to the application and add/update/revoke consent during the login process itself.
  • Consent Enforcement, where an application filter response/payload based on the user consent already provided.


While many enterprises are moving towards digital transformation, enterprise integration, and connected systems, the healthcare industry focused on day-to-day wellness. The time is right to move beyond working in silos and collaborate better by leveraging interoperability. Being interoperable with other healthcare organizations gives a chance to connect healthcare organizations and patients alike, transforming the industry as we know it.