Data exchange is the core function of the Redox platform. It’s the process of sending, receiving, and querying healthcare information between your application and your connected partners. Whether you’re sending a newly booked appointment to a hospital’s EHR system or receiving clinical notes about a patient, you’re performing data exchange.
Redox provides a robust framework for you to exchange healthcare data with your connections. Let’s break down the fundamental concepts and tools of how we support data exchange.
Different communication methods have different restrictions. Review technical quotas and constraints for data exchange, including message, file, and rate limits.
Once you have connections and communication methods set up, the Connections > Subscriptions page of the Redox dashboard gives you a picture of how data flows from one system to another (and back again, sometimes).
Set up authentication
Your system has to be authorized to send data to Redox with API keys. You should also have authentication credentials in place to verify requests coming from Redox. Learn more about authenticating both sides of the data exchange flow:
Next, decide how you want to exchange data. Redox supports three types of exchange:
Asynchronous notification (SEND): A notification tells you that something happened in your connection’s system. Some kind of event (e.g., a patient arrived for an appointment) automatically triggers a notification. This type of traffic is a one-way push of data that doesn’t wait for a response.
Alternative method to support notifications
What if your connection doesn’t support traditional event notifications? Don’t worry, check out how to use polling instead.
Synchronous query (REQUEST/RESPOND): A query asks for information from your connection’s system and waits for a response. Your connection gathers data about the patient, encounter, or other requested item, and responds immediately. Sometimes there will be results and sometimes not.
Asynchronous writeback (WRITE): A writeback tells your connection that something happened in your system. This is often used for updating a patient’s chart with data from your app. This type of traffic is a one-way push of data that doesn’t wait for a response.
Also, explore our API actions to learn best practices when creating your own unique FHIR® workflow.
Quotas and constraints
Different communication methods have different restrictions. Review technical quotas and constraints for data exchange, including message, file, and rate limits.
Set up sources and destinations
In your Redox organization, you must have at least one source to send and one API key to authorize your data. A source tells us who your system is and how you connect. An API key lets your system send and request data from your connection. You can view and create both sources and OAuth API keys on the Developer > Sources page of the Redox dashboard. Learn more about authentication.
Your system must have at least one destination, or endpoint, to process incoming requests. A destination is a URL that can RECEIVE data from and RESPOND to your connection’s requests. In the Redox dashboard, you can view and create destinations under the Destinations tab on the Developer page.
You can use the same source to send data to multiple destinations. If you need multiple communication methods, though, you’ll need a source for each type. But at a minimum, your organization must have one source and API key to initiate requests and one destination to receive requests from your connection(s).
What you're responsible for
You’re responsible for configuring sources, API keys, and destinations in your Redox organization. You must create at least one source and destination per environment and communication method. Learn how to:
You must also be able to recognize your connection’s source ID on incoming requests and specify their destination IDs in outgoing requests. Find your connection’s source and destinations IDs on the Connections page of the Redox dashboard.
Redox responsibilities
During your implementation process, we share the destination data for Redox and your connections. We also create the Redox organization records for the healthcare organizations you integrate with. Healthcare organizations may have one or more destinations, depending on the type of integration and data.
How Redox uses metadata to route data
Once you and your connection are set up to exchange data, you can start sending requests. Redox uses the metadata of requests flowing through your Redox organization to process, partition, and route data appropriately.
Here are some primary examples of what we use to route requests:
You can only exchange data with the same environment type. For example, if you send data from a staging environment, it can only be received by another staging type of environment.
Confidential data
Personal health information (PHI) shouldn’t be visible to just anyone in your organization. The ability to view log payloads—which may contain PHI—is restricted based on a user role assignment. Learn about roles. We recommend assigning user access as though all log payloads contain confidential data.
Although we build all environment types with the same level of security, you should never send PHI to development or staging environments. Users in staging or development don’t expect to interact with confidential data and may not treat it with sensitivity. We also can’t guarantee that one of your connections won’t include PHI by accident, so being preemptive about user access is the safest bet.
Dates and time zones
An inherent part of data exchange is knowing when—that is, when outgoing requests are delivered or when incoming requests are received. Redox generates relevant date and time metadata for this.
Also, there may be date and time pieces in a request that are significant to the data itself (e.g., the date that a patient was admitted to the hospital). Redox doesn’t add a timestamp to a time field if the request doesn’t contain one. It’s also important for you to not include a time value if only the date is known or appropriate.
Given that different organizations are likely in different time zones, Redox converts timestamps to UTC time zone in ISO 8601 format (i.e., YYYY-MM-DD or YYYY-MM-DDThh:mm:ss.sTZD). Learn more about ISO 8601.
Type
Format
Example
Date
YYYY-MM-DD
2019-09-22
DateTime
YYYY-MM-DDThh:mm:ss.sssZ
2021-09-22T10:20:30.000Z
Exceptions for date and time conversion
Redox might handle date and time conversion differently if:
You or your connection send data without requiring any kind of mapping. In this case, if your integration is pass-through only, Redox doesn’t convert any timestamps.
A Redoxer configures your organization’s record. There may be other factors during that process to determine whether there’s a conversion or offset for a timestamp.
Be sure to talk through this with the Managed Services team if you have questions about what to expect for your date and time conversions.
Monitor data exchange health
Sometimes data doesn’t make it to its intended destination. The good news is we provide alerting and troubleshooting options to help you stay on top of the health of your integration.
Redox system alerts: Redox sends alerts when there’s a system issue, like a VPN heartbeat or log failure. These are Redox-managed alerts, meaning we both generate and resolve them. However, you can view active and historical system alerts up to 60 days in the past. Learn how to check system alerts.
Your traffic alert rules: You can monitor a Redox organization with your own traffic alert rules. These are unique alerts you define for your organization. When the conditions of your traffic alert rule are met, we send an email to the users you designate.
Traffic alert rules notify you about irregularities so you don’t have to constantly check the Redox dashboard just to see if traffic is flowing appropriately. Bonus, you can independently monitor the health of your integration based on conditions you define without relying on Redox support. Create a traffic alert rule.
Log inspector: A log error prevents data from reaching its destination. You can use log inspector to see where an error occurred during processing so you can troubleshoot errors more effectively.
How Redox monitors monitors and manages errors
Our job is to make sure your data reaches your connection—and that your connection’s data reaches you. You’re responsible for managing errors in your integration with Redox, but we’re here if you need help.
If we identify errors on your connection’s side of the integration, we work to resolve those issues. However, you won’t get notifications for all issues.
With Pagerduty, we continuously monitor Redox (including backup services) end-to-end. Our engineers are instantly notified when errors occur. In other words, we’re committed to helping you exchange data successfully.
FHIR® is a registered trademark of Health Level Seven International (HL7) and is used with the permission of HL7. Use of this trademark does not constitute an endorsement of products/services by HL7®.