APIs are at the heart of efforts by the US Centers for Medicare & Medicaid Services (CMS) to give patients ready access to their healthcare information. For healthcare insurance companies and other healthcare payers, this means complying with the Patient Access API and Provider Directory API requirements of the CMS Interoperability and Patient Access Final Rule (CMS-9115-F) no later than July 1, 2021. Newly launched WSO2 Open Healthcare from Mountain View, Calif.-based WSO2 is an all-in-one solution designed to enable most customers to achieve CMS-9115-F compliance within three months.

Using WSO2 Open Healthcare, enterprises in the healthcare industry can also fast-track compliance with the Office of the National Coordinator for Health Information Technology (ONC) 21st Century Cures Act: Interoperability and Information Blocking. By using APIs to comply with the Cures Act, healthcare organizations can avoid penalties of up to $1 million per violation.

Enabling API-Driven Compliance and New Business Models

WSO2 Open Healthcare is purpose-built for healthcare payers and insurers, healthcare providers, hospital networks, pharmacy benefit managers, healthcare organizations, and others serving the healthcare market. The interoperability solution goes beyond basic healthcare accelerators to provide healthcare organizations with the foundation for implementing a comprehensive digital API strategy. Leveraging years of healthcare industry implementation expertise, it is built on WSO2’s market-leading API management, integration, and customer identity and access management (CIAM) platforms. Additionally, the solution runs in the cloud, on-premises, and in hybrid environments to maximize deployment flexibility.

Using WSO2 Open Healthcare, customers can connect healthcare source systems in formats such as Fast Healthcare Interoperability Resources (FHIR) APIs, the Health Level Seven (HL7) standard, and X12 Electronic Data Interchange (EDI) standard, as well as custom format. The solution then translates, validates, and exposes them as FHIR APIs that comply with standards set by HL7, US Core Implementation Guide, Da Vinci Project, and the CARIN Alliance. Additionally, robust API management functionality enables healthcare organizations to go beyond compliance and create new business models by turning APIs into products, monetizing APIs, and building API marketplaces.

“The US healthcare industry is currently focused on complying with CMS and ONC regulations to ensure safe, open access to patient information. But, the API-driven interoperability required for this compliance also presents opportunities to create new business models by packaging data and services as API products that can be shared and monetized,” says WSO2 Vice President of Solutions Architecture Mifan Careem. “Through our new WSO2 Open Healthcare solution, we’re giving healthcare organizations a comprehensive platform for streamlining compliance today and driving innovation across their digital business initiatives tomorrow.”

Developed for Healthcare Customers’ Real-World Needs

WSO2 Open Healthcare was developed using the experience that WSO2 has gained from working with some of the world’s largest organizations in the healthcare industry. Recently, two of these customers spoke at the WSO2 Summit–Americas virtual event, which was held August 26-27, 2020. 

In the session, “One FHIR Service, 180 Facilities, 36 Million Patient Visits,” Director of Data Innovation Tim Dunnington discussed the use of FHIR and API management functionality at a large healthcare provider, which enabled its applications to handle up to 1 million messages per day. While the FHIR services were developed for internal applications, the process and outcome were similar to those for CMS compliance. Tim noted, “Now we have 360 connections that we’re hiding behind the scenes here, while the consumer application is none the wiser. They just continue to have their one connection. And of course, that’s fronted by the WSO2 API gateway product, the APM, which is brokering all of the security and managing all of the connectivity through to these backend services.”

Best Practices on Interoperability via FHIR APIs

WSO2 provides a number of resources that cover best practices in healthcare interoperability and how to comply with CMS and ONC mandates.

A new whitepaper, “Healthcare API Interoperability – An Implementation Guideline,” serves as a pragmatic guide on how to address the CMS Interoperability and Patient Access API rule for US healthcare payers, as well as general interoperability for healthcare providers. The paper looks at the CMS rule in detail, who it applies to, and the timelines. Additionally, it examines the implementation steps required for compliance, including data source identification, verification, and technology selection. The paper also discusses how the features of WSO2 Open Healthcare can be used to satisfy the regulatory requirements and beyond.

Additionally, WSO2 Senior Lead Solutions Engineer Nirmal Fernando has presented two sessions, which are now available via video:


WSO2 Open Healthcare is available today as a cloud-based, on-premises, or hybrid solution. It can be deployed as a software download that runs directly on servers, on top of a private platform as a service (PaaS), or on top of infrastructure as a service (IaaS), such as Amazon Elastic Computing Cloud (EC2), Linux Kernel Virtual Machine (KVM), and VMware ESX. Additionally, customers can choose to have WSO2 host the software through WSO2 Managed Cloud hosted services. Organizations can learn more about features, functionality, pricing, and how to set up a test solution; schedule a demo with a healthcare solution architect; or sign up for a free tenant by visiting WSO2