(g)(10) Standardized API for patient and population services

Smartbox| FHIR API for EHRs comprehensively supports the §170.315(g)(10) Standardized API for patient and population services certification criterion. Here's an overview of how Aidbox covers the key requirements:

Data Response

Aidbox fully supports responding to requests for both single and multiple patients' data according to the required standards:

• Implements FHIR R4 (HL7 FHIR Release 4.0.1) as the base standard
• Supports the US Core Implementation Guide for singlepatient data access
• Enables bulk data export using the FHIR Bulk Data Access specification for multiple patients

Supported Search Operations

Aidbox offers robust search capabilities that align with certification requirements:

• Supports all mandatory search parameters defined in US Core for single patient queries
• Implements the search criteria specified in the Bulk Data Access IG for multipatient queries

Application Registration

Aidbox provides a flexible authorization server that allows applications to register and obtain credentials for API access

Secure Connection

Secure connections are established using:

• OAuth 2.0 and OpenID Connect for patient and userscoped access
• SMART Backend Services authorization for systemscoped access

Authentication and Authorization

Aidbox implements the full SMART App Launch framework, supporting:

• Firsttime connections with refresh token issuance
• Subsequent connections using refresh tokens
• Token introspection capabilities1

Patient Authorization Revocation

Aidbox allows revoking application access at a patient's request, meeting the 1-hour revocation requirement.

Service Base URL Publication

Aidbox supports the ONC requirement for publishing service base URLs:

• URLs are published in FHIR Endpoint resource format

Documentation

{:tag "embed", :lines ["{% embed url=\"https://cmpl.aidbox.app/documentation\" %}"]}