API Management is a façade over the FHIR infrastructure providing a layer of orchestration between FHIR endpoints and the payer’s enterprise systems/services. Scenarios, where such business service orchestration would be needed, include validating members’ consent against a consent repository before providing access to requested FHIR resources as well as member matching services to retrieve member identifier and its associated FHIR resources. 

Another benefit of this model is the degree of control afforded to health plans. The API management functionality in this infrastructure enables payers to plan and operationalize the management of access to critical FHIR infrastructure by external & internal stakeholders. The internal stakeholders are payer's member and provider portals while external stakeholders are third-party apps and other health plans. Payers can leverage the monitoring and usage reporting of API management functionality
as part of their support activities.

Obtaining these results is possible for many health plans. Payers can leverage their existing API management infrastructure and reconfigure it to match this architectural pattern. This format serves as a gateway to access FHIR infrastructure resources and can be extended to monitor usage and inappropriate access. This façade provides a degree of flexibility and affords plans the option to customize their service offering and boost their security protocols.

For more information on how Sagitec’s HealFHIR solution can help your organization with processes like API management, click below.