Apple Health Cloud REST API

Apple Health via Healthkit recently introduce the ability to pull individual patient health records from hospitals and clinics using the same FHIR functionality as 1upHealth. (Note that Apple Health does not support all the health systems supported by 1upHealth) That patient data is stored on the device and does not natively support a cloud or RESTful API experience. That is a limiting experience because you cannot query your patient data across populations or for specific items within their medical record. To enable a cloud based functionality, you can push the FHIR healthcare records from the user's device to 1upHealth and store it in our cloud backend enabling your applications to interact with the data in a RESTful manner. Star by creating a free 1upHealth developer account. Then follow the other steps below.

Setup

Before beginning, you must understand the basics of making queries against the 1upHealth FHIR API. Here's a quick intro to FHIR APIs that shows you how to create a 1upHealth user and make requests with an access_token.

Process

  1. Follow Apple Health's guide to get FHIR data from their supported health systems.
  2. Within your iOS app, get to the point where you can create a JSON representation of the FHIR Resource
  let jsonDictionary = try JSONSerialization.jsonObject(with: fhirRecord.data, options: [])
  1. After you have this jsonDictionary, you must post that to 1upHealth using a user's access_token. This Patient resource endpoint must be changed if the resourceType you are posting is another FHIR type.
let jsonData = try? JSONSerialization.data(withJSONObject: jsonDictionary)

// create post request
let url = URL(string: "https://api.1up.health/fhir/dstu2/Patient")!
var request = URLRequest(url: url)
request.httpMethod = "POST"

// set the header
request.setValue("application/json", forHTTPHeaderField: "Content-Type")
request.setValue("application/json", forHTTPHeaderField: "Accept")
request.setValue("Bearer your1uphealthusersbeareraccesstokenhere", forHTTPHeaderField: "Authorization")

// insert json data to the request
request.httpBody = jsonData

let task = URLSession.shared.dataTask(with: request) { data, response, error in
    guard let data = data, error == nil else {
        print(error?.localizedDescription ?? "No data")
        return
    }
    let responseJSON = try? JSONSerialization.jsonObject(with: data, options: [])
    if let responseJSON = responseJSON as? [String: Any] {
        print(responseJSON)
    }
}

task.resume()
  1. Now you can get data using your iOS or any other server that has perissions via the access_token.

Recommendations

We have a few other recommendations on how to structure this method of using Apple Health via a Cloud API.

  • Use one access_token per user (device)
  • Have something server side which enables you to make queries in the cloud. After all, one major benefit is that you can now query data from other systems like web apps or Android devices.
  • Ensure you keep the client_id and client_secret secure. You cannot store those on the device, the tokens must be issued from a secure cloud server that you own.