Tiro.health API Integrations

Tiro.health provides a set of APIs to integrate structured data capture capabilities into your healthcare information system, such as an EHR or LIS.

The API integration allows you to leverage Tiro.health's technology for structured data capture without needing to implement a full UI integration. This is particularly useful for EHR or LIS systems that support a simple URL-based integration, allowing you to quickly set up Tiro.health.

Supported Integrations

The Tiro.health platform supports a variety of EHR integrations through standardized FHIR APIs. Overview of supported integrations:

KWS by Nexuzhealth: Learn more about the KWS integration.
Synops by AZ Maria Middelares: Tiro.health is deeply integrated in Synops. Please contact the application manager of your hospital for more information.
HiX by ChipSoft: Contact us for more information on the HiX integration.
Primuz: Contact us for more information on the Primuz integration.

High-level Integration Flow

Here's how a typical integration with Tiro.health API looks like:

Data Import

Tiro.health requires minimal patient data to associate with the QuestionnaireResponse. At minimum, a patient resource with a single identifier is required. You can optionally provide an encounter resource as well. This data can be imported in your data tenant in the background before users are writing structured report to prevent users from having to enter patient data manually. Learn more about available APIs in the FHIR API section.

Example: FHIR Transaction

curl -X POST https://reports.tiro.health/fhir/r5 \
  -H "Authorization: Basic {{apikey}}" \
  -H "Content-Type: application/fhir+json" \
  -d '{
    "resourceType": "Bundle",
    "type": "transaction",
    "entry": [
      {
        "fullUrl": "urn:uuid:patient-001",
        "resource": {
          "resourceType": "Patient",
          "identifier": [{
            "system": "http://hospital.example.com/patients",
            "value": "PAT-12345"
          }],
          "name": [{"family": "Smith", "given": ["John"]}]
        },
        "request": {
          "method": "POST",
          "url": "Patient"
        }
      },
      {
        "fullUrl": "urn:uuid:practitioner-001",
        "resource": {
          "resourceType": "Practitioner",
          "identifier": [{
            "system": "http://hospital.example.com/practitioners",
            "value": "PRAC-67890"
          }],
          "name": [{"family": "Jones", "given": ["Sarah"]}]
        },
        "request": {
          "method": "POST",
          "url": "Practitioner"
        }
      },
      {
        "fullUrl": "urn:uuid:task-001",
        "resource": {
          "resourceType": "Task",
          "identifier": [{
            "system": "http://hospital.example.com/tasks",
            "value": "TASK-54321"
          }],
          "status": "draft",
          "intent": "order",
          "code": {
            "coding": [{
              "system": "http://fhir.tiro.health/CodeSystem/task-type",
              "code": "complete-questionnaire"
            }],
            "text": "Complete questionnaire"
          },
          "for": {
            "reference": "urn:uuid:patient-001"
          },
          "owner": {
            "reference": "urn:uuid:practitioner-001"
          }
        },
        "request": {
          "method": "POST",
          "url": "Task"
        }
      }
    ]
  }'

Sketch illustrating the data import step.

Context Launch

To provide a seamless user experience between your system and Tiro.health, we support contextual launches that allow users to access patient-specific information directly. Tiro.health supports two authentication patterns:

Standard Identity Provider (Identity Verification Only) When using off-the-shelf identity providers like Microsoft Entra ID or Google, Tiro.health verifies user identities but does not perform authorization. The host system can redirect users to specific reports via URL parameters, but no session-scoped access control is enforced.

Backchannel Authorization (Session-Scoped Access) For seamless session handovers with context, the host system can authorize sessions through a backchannel API. This enables:

Sessions scoped to a specific patient
Granular session-scoped access control
Seamless context transfer from the host system to Tiro.health

Sketch illustrating the context launch step.

More info about context launches can be found on the session managment page and the identity provider page.

Submission

The submission process follows three distinct steps:

User clicks submit: The user completes their work in Tiro.health and clicks the submit button.
Data persistence: The submit action persists all data to the customer's data tenant.
Redirect and data retrieval: The user is redirected to a configured URL, which serves as both a return mechanism and a trigger for the host application to fetch all data from the data tenant.

The redirect URL can be configured per session and supports different integration patterns:

Web-based applications: Use standard HTTP URLs to redirect users back to the EHR or LIS.
Native applications: Use custom URI schemes to return users to the application:
- Windows apps can implement URI activation handlers
- Mac apps can define custom URL schemes

The redirect not only brings the user back to the host application but also signals that the data is ready to be retrieved from the data tenant. Sketch illustrating the submission step.