Skip to content

Instantly share code, notes, and snippets.


Josh Mandel jmandel

View GitHub Profile
View CARIN Call

Subscribers and dependants

Minimum bar: support patient/ scopes (e.g., patient/, and authorize the app for each patient record. So here at authz time, e.g., scope=launch/patient patient/ patient/ ... e.g., scope=launch/patient patient/*.read

Beyond the minumum, a server can support user-level scopes ("do you want to share all the records you have access to with the following app"...)

jmandel / measure-report-examples.txt
Last active Mar 25, 2020
Example Locations, Groups for tracking beds (work in progress)
View measure-report-examples.txt
Example measure report (pseudo-yaml-pseydo-FHIR)(TM)
resourceType: MeasureReport
status: complete
type: summary (??)
date: today

Background: Consumer API Access via Certified EHR APIS

In a series of EHR Certification and Meaningful Use programs since 2010, US national policy has driven toward better consumer access to clinical data – first through online portals; then through downloadable documents; and most recently through APIs that enable third-party application access. This technology is enabling consumers to connect apps like Apple Health or MyFHR to their health records, helping individuals understand their health and shop for better care. API access is expanding, but key struggles include:

  • App registration does not scale. Today, connecting an app requires not only permission from a patient, but also (as a pre-requisite), two additional hurdles that limit the ability for apps to scale: registration with an EHR vendor and approval by a healthcare provider organization. These two steps mean that apps must seek approvals from institutions that may not share common values or business incentives. The first hurdle should be
jmandel / handshake-bare.json
Last active Feb 20, 2020
R5 Subscription Notifications: Packaging Discussion
View handshake-bare.json
"resourceType": "Bundle",
"id": "handshake",
"type": "history",
"timestamp": "2019-08-07T10:24:13.1882432-05:00",
"meta": {
"extension": [
"url": "",
"valueInteger64": "0"
jmandel /
Created Feb 19, 2020
Automated captions for self-owned Identity in healthcare overview

Automated captions for

I wanted to spend a few minutes, and introduced some vocabulary around a few court challenges in managing identity in healthcare and beyond. I want to argue that today. Things are pretty broken. Even when they seem to be working kind of OK and then point forward to a set of emerging specifications that are the first thing I've seen in a long time that really look like they could actually make a dent in the problem.

I think a little bit about a road map towards getting there so to start I want

jmandel / careevolution.json
Last active Sep 15, 2019
CARIN Blue Button Examples from FHIR 2019-09 Connectathon
View careevolution.json
"resourceType": "Bundle",
"type": "searchset",
"total": 3,
"link": [
"relation": "self",
"url": ""
curl -X POST \
'$submit' \
--data @sample-request.json
jmandel /
Last active Sep 9, 2019
Realtime Benefits Check Examples

POST /$rx-pricing

Where can I fulfill my simvastatin prescription within two miles of 85054?

  "resourceType": "Parameters",
  "parameter": [{
    "name": "patient",
 "resource": {
jmandel / Dockerfile
Created May 15, 2019
HAPI CLI docker example
View Dockerfile
FROM ubuntu as gethapi
RUN apt-get update && \
apt-get install -y curl bzip2
RUN mkdir /hapi && \
cd /hapi && \
curl -L \
| tar -xj
FROM openjdk