Leveraging Healthcare API to transform Interoperability: API Security and Privacy

Interoperability remains one of the biggest challenges facing healthcare organizations today. Despite the advancements made through digital transformation and API that allow increased interoperability, patients still have to contend with a different patient portal for each provider they visit. Several health systems are unable to successfully exchange EHR data. API transfer and consolidate patient information including medical history and treatment records across the disparate healthcare systems. Mobile apps use API to gather data from various medical wearables and add the data to a patient's health record. However, API exposes application logic and sensitive data information giving patient data a window to the World Wide Web and has thus increasingly become a target for attackers. As the need for tighter API security grows, managing APIs becomes more important than ever. The goal of this paper is to provide an overview and discuss research questions that can aid in understanding and building the knowledge base on API data integration and interoperability.