Get Started

This section guides you through a step-by-step implementation required by the CMS Interoperability and Patient Access rule. When you are through with the implementation, you would have enabled patient access to claims, payment, encounters, clinical, and formulary information through third-party applications using a secure, standards-based Patient Access API. Although, the USCDI and CPCDS data elements require the upload of Clinical and Financial data, in this sample scenario, we use HL7 (v2.5.1 ADT A01) and HIPAA (837P) files as sample data files to demonstrate the implementation.

The following are the basic steps of this sample scenario:

1. Install XES Module for FHIR and all the prerequisites.
2. Upload HL7 and HIPAA data to a FHIR server.

At this step, your data is validated, converted to the FHIR format, de-duplicated, and uploaded to the FHIR server.

• Set up a secure authorization service based on the OAuth 2.0 framework using XEConnect.

At this step, you configure a sample application client that instructs the XEConnect service on how to issue a token to a particular client application (a browser, a web service, a mobile app, and so on). You also define the permitted FHIR resources the client application can request for, redirect URIs, the permitted grant types, the intended token recipients, and so on.

4. Access data through the API using the OAuth 2.0 authentication type.

At this step, you place a request for FHIR resources using the Patient Access API through Postman - a tool that allows you to test calls to APIs.

5. Access data through an XEServer route using the FHIR component.

At this step, you configure the XEServer FHIR Search component to access the required FHIR resources using the OAuth 2.0 authentication type.