logo-white

FAQs

Which EHRs does CONNECT integrate with?

CONNECT was built with an extensible plug-in architecture, allowing for quick implementation of new integrations for any EHR. So far, we have integrated with Epic, Cerner, Athenahealth, Meditech, Nextgen, and eClinicalWorks. Integrations with Allscripts, and Greenway will be available soon.

How do I get started?

You will have access to the CONNECT client portal after completing the customer intake form, along with a user guide. You will also be qualified to receive help and support from the CONNECT technical team.

Before using CONNECT, do I need to be a an EHR consumer with an account and access rights to health data?

No, you can use the EHR’s sandbox APIs’ test data first. However, it necessitates having access and permissions to real health data from EHR systems, clinics, and hospitals.

 Are CONNECT’s APIs bidirectional?

Yes, they are. Both read and write methods are supported.

Does it work outside of the US?

Yes, it does, as FHIR® is a global standard. As long as we have access to the supported EHR systems  including Epic, Cerner, Athenahealth, Meditech, Nextgen, eClinicalworks, and Greenway.

CONNECT will integrate with more EHRs. If a health system is already connected, will the new EHR integration be enabled without having to rewrite the code?

Yes, CONNECT provides a single set of standardized APIs across all integrated EHRs. 

What use cases does CONNECT currently support?

CONNECT currently supports:

  • Appointment scheduling
  • Common clinical data set for patients: demographics,  medical history
  • Physician orders and clinical results

What types of data can healthcare systems exchange with EHRs using CONNECT?

The following data types can be used with CONNECT in FHIR format:

AllergyIntolerance, Appointment, Binary, Communication, Condition, DiagnosticReport, DocumentReference, Encounter, FamilyMemberHistory, Immunization, Location, MedicationAdministration, MedicationRequest, MedicationStatement, NutritionOrder, Observation, Organization, Patient, Practitioner, Procedure, ServiceRequest, and Slot.

Which FHIR versions does it support?

CONNECT is compatible with DSTU2, STU3, and the most recent FHIR version R4. To be clear, CONNECT can integrate with various data endpoints using various FHIR versions and then simplify them into a single set of APIs in FHIR R4 format.

Does CONNECT support the HL7 messaging standard?

HL7v2 is the widely used standard for exchanging medical data. CONNECT will simplify complicated HL7v2 messages into simple JSON objects and make them accessible through its public APIs.

Where can I find public API documentation?

How can we exchange health information using the CONNECT platform?

There are a few straightforward steps required to call its APIs: 

  • Configure your connection with an EHR using CONNECT’s web portal
  • Get a generated API token
  • Use this token to call the APIs. The API documentation is available here.

How long before the access token expires?

Using a generated API key or an OAuth access token are the two options for CONNECT authentication. The API key never expires. If you use OAuth, you must refresh your access token every hour.

Do you offer a sandbox environment?

Even though we only published one environment, you will still have access to the EHR sandboxes. To be clear, CONNECT enables the creation of multiple apps. This makes it simple for you to distinguish between production apps, which are used with your real EHR account, and sandbox apps, which are used with the EHR sandboxes we provided.

Where is CONNECT hosted?

CONNECT is hosted in the HITRUST-compliant Azure cloud.

How do you handle data destruction?

We leverage Azure Blob Storage for data management and destruction. Please, see the link below. (Note that, today, we don’t store any PHI). https://docs.microsoft.com/en-us/azure/security/fundamentals/protection-customer-data

What is your data retention period?

We keep it for a maximum of 7 days if notification messages are not delivered.

Where can I access your systems in terms of location? How are requests secured?

Users from all over the world can access our system. We don’t restrict which nations can use our system. All requests are encrypted using HTTPS (TLS 1.2,1.3).

How is data encrypted on a database level?

Our database is persisted into Azure Cloud Storage with host-based encryption on Azure Kubernetes Service (AKS).

How does CONNECT manage security compliance?

We apply best practices to maintain the security so that it is HIPAA compliant and SOC 2 Type II certified. CONNECT does not store any Protected Health Information (PHI). We are in the process of obtaining HITRUST certification. Below are our certificates, and security best practices:


  • ISO27001: 2013 Certification by TÜV Nord
  • SOC 2 Type 2 Report issued by A-LIGN
  • HIPAA compliance: Keep security practices and audits quarterly to ensure compliance with HIPAA regulations.
  • HITRUST (in the process to get HITRUST)
The official link at https://www.kms-technology.com/certifications brief the industrial security standards that KMS Technology has obtained.

© 2023 KMS Healthcare