Guide: Share medical data across mobile platforms

The interoperability group Integrating the Healthcare Enterprise (IHE) International has released a guide for simplifying mobile access to health documents for patients and providers.

The guide describes a simplified application programming interface, or API, to access health records through a patient portal, an electronic health record, a personal health record or a health information exchange.

It uses a REST, or representational state transfer, Web-based architectural framework and builds on metadata concepts found in earlier specifications from IHE and international standards group HL7, but simplifies them for web-enabled devices and applications.

The guide looks at various situations in which the standards might be applied, including home health and monitoring devices; patient kiosks in hospital registration departments; apps to access or submit patient history data; and electronic measurement devices that need to access patient history information from EHRs or HIEs.

It notes that common uses of HTTP might not be secure enough for transferring sensitive healthcare data. It also suggests that developers use a risk analysis in the design of applications, and that healthcare organizations perform their own risk analysis of the environment in the deployment and operation of them.

The aim is to define one standardized interface that will allow patients and physicians to view health documents on mobile devices, including tablets, smartphones and embedded devices such as those used for home health monitoring.

"This profile is also applicable in larger systems where the needs are simple, such as to pull the latest summary for display on a secondary monitor," according to IHE.

Siloed systems have long been the bane of efforts to connecting EHRs and HIEs, with various workgroups trying to sort things out and keep all the players happy. Add physicians and their mobile devices to the mix and security issues come into play, as well. A recent article in Becker's Hospital Review warned that providers could be turning to commercially available cloud storage such as iCloud or Dropbox to stash info on the go--a HIPAA security nightmare.

Meanwhile, the Office of the National Coordinator for Health IT has challenged grantees of its state HIE program to increase consumers' access to their own health information. Increasingly, that means mobile access.

To learn more:
- read the mobile access guide
- here's the IHE release
- submit comments on the guide here
- read the Becker's Hospital Review story