The New Rules of Healthcare Platforms: APIs Enable the Platforming of Healthcare

The New Rules of Healthcare Platforms: APIs Enable the Platforming of Healthcare

0 View

Publish Date:
27 May, 2023
Mental Health
Video License
Standard License
Imported From:


Recent regulations have mandated the use of HL7 FHIR APIs (application programming interfaces) to share health data. The regs apply to healthcare providers, payers, and technology developers who participate in federal programs. Many incumbent healthcare organizations are viewing these mandates as a compliance burden. That’s short-sighted. We recommend a more opportunistic POV.

APIs facilitate the sharing of health data across different devices and platforms. By adopting APIs, healthcare organizations can transform themselves from traditional service providers into powerful platforms that can connect patients, providers, and other stakeholders in new and innovative ways.

This blog post is the fourth in the series on The New Rules of Healthcare Platforms. In this essay, we explore the many benefits of API adoption for healthcare organizations and the key considerations that must be taken into account when implementing APIs:

Healthcare’s Data Inflection PointAPIs Enable Platform Business ModelsBarriers, Challenges, Reality Check

Healthcare’s Data Inflection Point

Compared to other industries, healthcare generates a disproportionately large amount of data. According to RBC Capital Markets, “30% of the world’s data volume is being generated by the healthcare industry. By 2025, the compound annual growth rate of data for healthcare will reach 36%. That’s 6% faster than manufacturing, 10% faster than financial services, and 11% faster than media & entertainment.”

Over the past 15 years, new regulations have driven digitization, data interoperability, and data sharing. The goal of regulations has been to liberate patient data that has previously been unstructured and trapped in patient silos. Venture capitalist Kahini Shah summarized these regulatory efforts in her article entitled Healthcare Data APIs – An Upcoming Multi-Billion Dollar Market?:

Recent regulation is forcing digitization, aggregation and transmission of medical records. Congress passed the HITECH Act in 2009, prompting the adoption of electronic health records. Before that medical records were paper based. Healthcare data is incredibly siloed, every American sees an average of 19 providers in their lifetime. Connecting these disparate electronic systems and having them exchange information is called interoperability. In 2020, the HHS and CMS implemented two rules that mandate patient access to their medical records and interoperability. These transformative rules give patients the right to access their data when they need and make it available via APIs. The interoperability rules state that there is no blocking – EHRs must allow data to be shared easily across different systems owned by different vendors.

Shah points out that many early-stage companies already “get” healthcare APIs. There are many companies connecting, aggregating, and transmitting medical records:

Healthcare data is at an inflection point. After a decade-long regulatory march, COVID accelerated the adoption of digital health technologies. Healthcare consumers are demanding the levels of service and responsiveness that they experience elsewhere. Will incumbent healthcare organizations latch on to the opportunities presented by APIs?

PIs Enable Platform Business Models
“APIs are at the basis of platforms business models on which ecosystems are built.”—Paolo Malinverno, Research Vice President, Gartner
The Strategic Value of APIs

APIs are becoming increasingly essential for achieving growth, driving innovation and gaining a competitive edge in today’s business landscape.

Deloitte explained why APIs must be viewed more broadly: “APIs have often been treated as tactical assets until relatively recently… Cut to today’s reality of digital disruption and diverse technology footprints. In many industries, creating a thriving platform offering across an ecosystem lies at the heart of a company’s business strategy”

Success with APIs requires a broader perspective on how technology can be used to support business objectives. Tiffany Xingyu Wang and Matt McLarty explained in their Harvard Business Review article entitled APIs Aren’t Just for Tech Companies:

Companies that have been most successful with APIs display common thinking patterns and practices, something we call the “ways of the API.” Following are three of the most impactful of these patterns.

1) The Unbundling Way: Dismantling and Rebuilding Business Capabilities Through APIs. Jeff Bezos published a corporate edict around 2002 mandating that from that point forward, all product teams were required to expose their data and functionality through APIs. Not only that, he insisted that teams were only allowed to communicate with each other through these APIs. It was an extreme step intended to promote team autonomy and product agility. It was a few years before the mandate took hold, but it created an unprecedented platform for growth….

2) The Outside-In Way: Designing and Developing with the API Consumers in Mind. Stripe entered a crowded payments market in 2010. Identifying mobile app developers as an underserved customer segment, Stripe focused on delivering the most useful and usable APIs possible. It worked. Stripe has close to 20% of the online payments market share (a number that’s growing), and the company is valued at over $100 billion. One of the pillars of their success has been an unwavering commitment to designing their products outside-in from the consumer’s perspective….

3) The Ecosystem Way: Cultivating a Digital Ecosystem with APIs. Borrowing another Clayton Christensen concept, Twilio envisioned the “value network” for mobile applications, the digital ecosystem within which apps would exist. By looking at the various stakeholders (app users, app developers, third-party service providers) and the value exchanges between them, Twilio identified a gap that could be filled — combining and accelerating carrier services — to the benefit of all ecosystem members.

Bezos’ 2002 decree described above has been widely quoted, but it’s not always explained in plain terms — that Bezos explicitly mandated the adoption of internal and external APIs at Amazon. He ended the mandate with: “Anyone who doesn’t do this will be fired. Thank you; have a nice day!”

PIs Can Support a Wide Range of Business Models

There are many potential uses for APIs. APIs: A Strategy Guide listed some of them:

You need a second mobile appYour customers or partners ask for an APIYour site is getting screen scrapedYou need more flexibility in providing content [and data]You have data to make availableYour competition has an APIYou want to let potential partners test the watersYou want to scale integration with customers and partners

It’s beyond the scope of this post to go into detail, but we want to give you a sense of the wide range of internal and external business models that APIs can support:

The graphic (above) is from Programmable Web’s 2020 Guide to API Business Models. Here’s a brief explanation:

The tree hierarchy attempts to logically organize API business models according to several groupings and sub-groupings. For your monetization conversations, it facilitates important questions like “Should this API be externally exposed outside of our firewall and, if so, should it be productized for consumption by the general public, reserved for partner use, or both?”

Benefits of APIs

More broadly, there are many benefits of adopting APIs in healthcare. Here are some of the most notable advantages:

1. Efficient interoperability and data sharing: One of the primary benefits associated with API adoption in healthcare is improved data sharing among healthcare providers, patients, and other stakeholders. APIs can enable seamless data exchange between different healthcare systems and disparate technology platforms, ensuring that all parties have access to accurate and up-to-date health information.

2. Increased patient engagement: By providing patients with access to their own health data via APIs, healthcare organizations can empower patients to take a more active role in their own health management. This can lead to improved patient outcomes and higher levels of patient satisfaction.

3. Innovation and scalability: APIs can enable healthcare organizations to more easily collaborate with third-party developers to create new digital health solutions. This can result in the creation of innovative new tools and services that can help improve patient care and reduce costs. Additionally, APIs can help healthcare organizations scale their operations more efficiently by leveraging the expertise of other organizations in the industry.

4. Increased Profitability: Boston University researchers examined The Impact of APIs in Firm Performance. They found that “API adoption – measured both as a binary treatment and as a function of the number of calls and amount of data processed – is related to increased sales, operating income, and decreased costs. It is especially tightly related to increased market value. In our preferred specification, binary API adoption predicts a 10.3% increase in a firms’ market value.”

Healthcare Example — Patient-Facing APIs

Writing in the Journal of Medical Internet Research, Aaron Neinstein and his colleagues conducted interviews with 10 top health systems to gain insights into their approach towards patient-facing APIs. The objective was to understand the initial experiences of healthcare systems and identify insights that could be beneficial for policy and practice. Their key findings:

Our results suggest a reason for optimism about the prospects for patient-facing APIs and their impact on the US health care system…The health systems we interviewed all planned to increase the use of patient-facing APIs, and many stated that this was “the right thing to do.” Two use cases emerged as the strategic driving forces for health systems: the ability for the patient to create an aggregated longitudinal health record and better digital patient engagement.

Barriers, Challenges, Reality Checks

“Today, a firm without application program interfaces (APIs) that allow software programs to interact with each other is like the internet without the World Wide Web.” –Bala Iyer and Mohan Subramaniam, Harvard Business Review

Despite the benefits, APIs are not a foregone conclusion. There are many challenges to the widespread, ubiquitous adoption of APIs.

Realizing the Value of APIs Requires a Mindset Shift

We believe the biggest challenge to broad API adoption in healthcare is “mindset”. Healthcare moves slowly. The industry has been resistant to sharing data and assets. Deloitte explained the shift that is needed:

APIs can be a vehicle to spur growth, and even create new paths to revenue. Viewing APIs in this way requires a shift in thinking. The new integration mindset focuses less on just connecting applications than on exposing information within and beyond your organizational boundaries. It’s concerned less with how IT runs, and more with how the business runs.

Healthcare organizations need to adopt a discipline for creating APIs strategically, rather than making point connections on a project-by-project basis.

Financial Incentives are Misaligned

The gradual shift towards value-based care and payments has been ongoing for decades, yet its pace has been slow. This is largely due to the misalignment of financial incentives, particularly under the prevalent fee-for-service reimbursement model.

Under fee-for-service, incentives for data sharing are minimal. Historically, providers have considered data as their proprietary asset. There is no direct financial reward for sharing data, and APIs and other data-sharing ecosystems, like Carequality and TEFCA, are often perceived as burdensome compliance requirements rather than opportunities for improving patient care and business operations.

Will New Regs Be Enforced?

As previously noted, much of the momentum toward API adoption in healthcare has been spurred by federal regulations In 2022 Troy Bannister, former CEO of Particle Health, posed the question of whether there will be resources and an appetite to vigorously enforce these regulations:

So far, no real fines have been issued against violators, and honestly, I don’t know where they’d even start. I don’t know a single hospital, practice or clinic adhering to the rule today. How do we feel, as a country, about a system of government that creates rules, laws and policies but allows entire industries to ignore them completely—either directly through abstinence or indirectly through lobbied, hyper-specific loopholes?

Healthcare Lags in Attracting Developers

Despite the increasing digitization of healthcare, the industry has struggled to attract top-tier software developers. Compared to sectors like finance and media, healthcare has been slower to adopt technology, often due to complex regulations and the necessity to comply with multiple standards. The intricate nature of EHRs, the diversity of integration capabilities, and the technical density of healthcare standards present significant challenges to developers. Coupled with this, the industry’s fragmentation and inconsistent pace of technology adoption may deter developers who could otherwise drive innovation.

Data Privacy and Security Issues

A big challenge of API adoption in healthcare is ensuring the appropriate protection of sensitive health data. Maintaining confidentiality and security of patient health data is paramount, and ensuring that healthcare organizations remain in compliance with privacy regulations can be a major hurdle.

Data Quality is Inconsistent

EHRs have built on differing data models, vastly limiting their ability to exchange data that is “understood” by other EHRs. For example, a recent JAMIA study reported only 22-68% interoperability across EHR platforms.

The United States Core Data for Interoperability (USCDI) is a standardized set of health data classes and constituent data elements for nationwide interoperability of health information technology (IT) systems. The USCDI sets a minimum standard for the data elements that must be shared to support patient care and facilitate access to health IT.

However, the USCDI has limitations. It does not cover all of the necessary data elements required for patient care or research. It only focuses on structured data, which can exclude important clinical information that is not captured in a structured format. Lastly, the USCDI is not a comprehensive data set.

Limitations of the FHIR API

Implementing and utilizing the FHIR API requires advanced technical knowledge and infrastructure. The FHIR API only provides a standard format for exchanging specific types of health data, meaning not all data elements may be available through the FHIR API.


The API economy is growing and changing rapidly, with new business models, tools, and strategies being developed to meet the needs of patients, healthcare organizations, and developers. As APIs become more ubiquitous across industries, they are reshaping the way businesses grow and innovate.

It’s time for healthcare to join the thriving API economy.

Vince Kuraitis, JD, MBA, is a health care consultant and primary author of the e-CareManagement blog, where this post first appeared.