This documentation provides instruction to access EBIO-METRONICSs Patient Data API (EBIO-METRONICS PDAPI). EBIO-METRONICS PDAPI provides access to patient data as part of certification criteria outlined by the Office of the National Coordinator for Health Information Technology (ONC).
This document should be used by third parties as a reference to access patient clinical data. This document serves to fulfill the following criterion outlined by ONC.
- 170.315(g)(7) Application Access – Patient Selection
- 170.315(g)(9) Application Access – All Data Request
Authentication
In order to access patient information, any patient or patient representative should first be registered to the EBIO-METRONICS EHR portal. Upon account setup a practice Id, username and password will be created that will be used to access the EBIO-METRONICS EHR.
API URL: {domain-url}/accessibility_api/apiLogins.php.
Parameters:
| Field Name | Data Type | Required |
| practice_id | Varchar(string) | YES |
| username | Varchar(string) | YES |
| password | Varchar(string) | YES |
Method: POST
Post Data Format: JSON
Headers:
{
"Content-Type":"application/json"
}Body:
{
"practice_id": String,
"username": String,
"password": String
}Successful Response API:
NOTE: If all parameters are correct and matched with Application then will return successful response with a session Id and format will be JSON.
Example:
{
"error": {
"code": 0,
"desc": ""
},
"message": "Login Successful",
"PHPSESSID": "jg94vdk1hr4p3nhanjjl7jt467" }Exceptions handling in Response of API:
NOTE: All parameters are required so if any parameter will be miss then API response will come with error code and if credentials will be wrong then also return wrong credentials message with error code.
Example 1: If credentials will be wrong then following response will come.
{
"error": {
"code": 10,
"desc": "Invalid credentials"
}
}Example 2: If any parameter will be missing then following response will come.
{
"error": {
"code": 1,
"desc": "Missing credentials parameter"
},
"message": "Missing Password"
}Application Access – Patient Selection – 45 CFR 170.315(g)(7)
In complaince to 45 CFR 170.315(g)(7), EBIO-METRONICS provides an API that receives a request with identifying information about a patient and returns a unique token specific to that patient. The unique patient token can be used as a parameter when calling the data access api endpoints. The account must be setup to have access the patient requested.
API URL: {domain-url} /accessibility_api/patient_selection.php
Parameteres:
| Field Name | Data Type | Required |
| firstName | Varchar(string) | YES |
| lastName | Varchar(string) | YES |
| dob | Varchar(string in ‘MM-DD-YYYY’ | NO |
| phpsessionId(Token) | Varchar(string) | YES |
Method: POST
Post Data Format: JSON
headers:
{
"Content-type":" application/json",
"Bearer": Token returned from login
}
Body:
{
"FirstName":"Myra",
"LastName": "Banks"
}Sample Response:
On Success:
{
"Data":{
"patientId": "eBio565"
}
}On Failure:
{
"error": {
"code": 6,
"desc": "Session not established"
},
"message": "Please authenticate"
}Application Access – All Data Request – 170.315(g)(9)
EBIO-METRONICS provides access to patient clinical data, in compliance to 170.315(g)(9).
This API responds to requests for patient data for all the data categories specified in the current USCDI requirement.
API URL: {domain-url} /accessibility_api/ fullDataRequest.php
Parameters:
| Field Name | Data Type | Required |
| patientId | Varchar(string) | YES |
| category | Varchar(string) | YES |
| phpsessionId(Token) | Varchar(string) | YES |
The sample request is shown below:
Method: POST
Post Data Format: JSON
headers:
{
"Content-type":" application/json",
"Bearer": Token returned from login
}Body:
{
"patientId":" eBio565",
"category": " ccda_complete"
}Successfully Response of API:
NOTE: If parameters matched with system then return full CCDA 2.1.
Example:
{
"data": " {xml version="1.0" encoding="UTF-8"}............{/ClinicalDocument}"
}
Full Patient Data in CCDA XML format.Patient Data API Terms and Conditions
ONC CERTIFIED HIT® is a registered trademark of HHS
SLI CERTIFIED® is a registered trademark of Gaming Laboratories International, LLC dba SLI Compliance.