Orion Health

Orion Health HIE API

Health Information Exchange API for sharing patient information across healthcare organizations.

GitHub OpenAPI

Documentation

📖
Documentation
https://www.orionhealth.com/developers/hie-api

Specifications

OpenAPI
https://raw.githubusercontent.com/api-evangelist/orion/refs/heads/main/openapi/orion-hie-openapi.yml

Other Resources

🔗
TermsOfService
https://www.orionhealth.com/terms-of-service
🔗
JSONLD
https://raw.githubusercontent.com/api-evangelist/orion/refs/heads/main/json-ld/orion-healthcare-context.jsonld
🔗
NaftikoCapability
https://raw.githubusercontent.com/api-evangelist/orion/refs/heads/main/capabilities/hie-audit.yaml
🔗
NaftikoCapability
https://raw.githubusercontent.com/api-evangelist/orion/refs/heads/main/capabilities/hie-consent.yaml
🔗
NaftikoCapability
https://raw.githubusercontent.com/api-evangelist/orion/refs/heads/main/capabilities/hie-documents.yaml
🔗
NaftikoCapability
https://raw.githubusercontent.com/api-evangelist/orion/refs/heads/main/capabilities/hie-notifications.yaml
🔗
NaftikoCapability
https://raw.githubusercontent.com/api-evangelist/orion/refs/heads/main/capabilities/hie-patient-identity.yaml
🔗
NaftikoCapability
https://raw.githubusercontent.com/api-evangelist/orion/refs/heads/main/capabilities/hie-provider-directory.yaml

OpenAPI Specification

orion-hie-openapi.yml Raw ↑ 
openapi: 3.1.0
info:
  title: Orion Health HIE API
  description: >-
    The Orion Health Health Information Exchange (HIE) API enables sharing of
    patient health information across healthcare organizations. It provides
    capabilities for patient identity matching, document exchange, consent
    management, provider directory lookups, and audit logging in compliance
    with healthcare interoperability standards. The API supports IHE profiles
    including XDS, XCA, and PDQ.
  version: 1.0.0
  contact:
    name: Orion Health API Support
    email: [email protected]
    url: https://www.orionhealth.com/support
  license:
    name: Proprietary
    url: https://www.orionhealth.com/terms-of-service
  termsOfService: https://www.orionhealth.com/terms-of-service
servers:
  - url: https://api.orionhealth.com/hie
    description: Production HIE Server
  - url: https://sandbox.orionhealth.com/hie
    description: Sandbox HIE Server
security:
  - oauth2: []
  - bearerAuth: []
tags:
  - name: Audit
    description: Audit log access for compliance
  - name: Consent
    description: Patient consent management for data sharing
  - name: Documents
    description: Clinical document exchange and retrieval
  - name: Notifications
    description: Admission, discharge, and transfer notifications
  - name: Patient Identity
    description: Patient identity matching and cross-referencing (MPI)
  - name: Provider Directory
    description: Provider and organization directory lookups
paths:
  /patients/match:
    post:
      operationId: matchPatient
      summary: Orion Health Match a patient across organizations
      description: >-
        Perform patient identity matching across the HIE network using
        demographics, identifiers, and probabilistic matching algorithms
        to find existing records in the Master Patient Index (MPI).
      tags:
        - Patient Identity
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatientMatchRequest'
      responses:
        '200':
          description: Patient match results
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PatientMatchResponse'
        '400':
          $ref: '#/components/responses/BadRequest'
        '401':
          $ref: '#/components/responses/Unauthorized'
  /patients/{patientId}/identifiers:
    get:
      operationId: getPatientIdentifiers
      summary: Orion Health Get patient cross-reference identifiers
      description: >-
        Retrieve all known identifiers for a patient across participating
        organizations in the HIE network.
      tags:
        - Patient Identity
      parameters:
        - name: patientId
          in: path
          required: true
          schema:
            type: string
        - name: organization
          in: query
          description: Filter by organization
          schema:
            type: string
      responses:
        '200':
          description: Patient identifiers
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PatientIdentifiers'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
  /patients/{patientId}/record-locator:
    get:
      operationId: locatePatientRecords
      summary: Orion Health Locate patient records across organizations
      description: >-
        Query the HIE network to locate clinical records for a patient
        across participating organizations. Returns available document
        references without retrieving the full documents.
      tags:
        - Documents
        - Patient Identity
      parameters:
        - name: patientId
          in: path
          required: true
          schema:
            type: string
        - name: organization
          in: query
          description: Filter by source organization
          schema:
            type: string
        - name: documentType
          in: query
          description: Filter by document type
          schema:
            type: string
            enum:
              - ccd
              - discharge-summary
              - progress-note
              - lab-report
              - radiology-report
              - referral
              - consult-note
        - name: dateFrom
          in: query
          schema:
            type: string
            format: date
        - name: dateTo
          in: query
          schema:
            type: string
            format: date
      responses:
        '200':
          description: Located record references
          content:
            application/json:
              schema:
                type: object
                properties:
                  data:
                    type: array
                    items:
                      $ref: '#/components/schemas/RecordLocatorResult'
                  total:
                    type: integer
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
  /documents:
    get:
      operationId: searchDocuments
      summary: Orion Health Search for clinical documents
      description: >-
        Search for clinical documents in the HIE document registry
        by patient, organization, document type, and date range.
      tags:
        - Documents
      parameters:
        - name: patientId
          in: query
          required: true
          schema:
            type: string
        - name: documentType
          in: query
          schema:
            type: string
            enum:
              - ccd
              - discharge-summary
              - progress-note
              - lab-report
              - radiology-report
              - referral
              - consult-note
              - operative-note
              - pathology-report
        - name: sourceOrganization
          in: query
          schema:
            type: string
        - name: dateFrom
          in: query
          schema:
            type: string
            format: date
        - name: dateTo
          in: query
          schema:
            type: string
            format: date
        - name: format
          in: query
          description: Document format
          schema:
            type: string
            enum:
              - cda
              - fhir
              - pdf
        - $ref: '#/components/parameters/PageOffset'
        - $ref: '#/components/parameters/PageLimit'
      responses:
        '200':
          description: List of matching documents
          content:
            application/json:
              schema:
                type: object
                properties:
                  data:
                    type: array
                    items:
                      $ref: '#/components/schemas/DocumentMetadata'
                  pagination:
                    $ref: '#/components/schemas/Pagination'
        '400':
          $ref: '#/components/responses/BadRequest'
        '401':
          $ref: '#/components/responses/Unauthorized'
    post:
      operationId: submitDocument
      summary: Orion Health Submit a clinical document
      description: >-
        Submit a clinical document to the HIE document repository for
        sharing with other participating organizations.
      tags:
        - Documents
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/DocumentSubmission'
      responses:
        '201':
          description: Document submitted
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DocumentMetadata'
        '400':
          $ref: '#/components/responses/BadRequest'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '422':
          description: Document validation failed
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Error'
  /documents/{documentId}:
    get:
      operationId: getDocument
      summary: Orion Health Retrieve a clinical document
      description: >-
        Retrieve the full content of a clinical document from the HIE
        document repository by its document ID.
      tags:
        - Documents
      parameters:
        - name: documentId
          in: path
          required: true
          schema:
            type: string
            format: uuid
        - name: format
          in: query
          description: Requested document format
          schema:
            type: string
            enum:
              - cda
              - fhir
              - pdf
              - original
      responses:
        '200':
          description: Clinical document content
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DocumentContent'
            application/xml:
              schema:
                type: string
                description: CDA XML document
            application/pdf:
              schema:
                type: string
                format: binary
        '401':
          $ref: '#/components/responses/Unauthorized'
        '403':
          description: Consent not on file or access denied
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Error'
        '404':
          $ref: '#/components/responses/NotFound'
  /consent:
    get:
      operationId: searchConsents
      summary: Orion Health Search for patient consents
      description: >-
        Search for patient consent directives governing the sharing
        of health information within the HIE network.
      tags:
        - Consent
      parameters:
        - name: patientId
          in: query
          required: true
          schema:
            type: string
        - name: status
          in: query
          schema:
            type: string
            enum:
              - active
              - inactive
              - revoked
              - expired
        - name: purpose
          in: query
          description: Purpose of use
          schema:
            type: string
            enum:
              - treatment
              - payment
              - operations
              - research
              - public-health
        - $ref: '#/components/parameters/PageOffset'
        - $ref: '#/components/parameters/PageLimit'
      responses:
        '200':
          description: List of consent directives
          content:
            application/json:
              schema:
                type: object
                properties:
                  data:
                    type: array
                    items:
                      $ref: '#/components/schemas/Consent'
                  pagination:
                    $ref: '#/components/schemas/Pagination'
        '401':
          $ref: '#/components/responses/Unauthorized'
    post:
      operationId: createConsent
      summary: Orion Health Create a patient consent directive
      description: >-
        Record a new patient consent directive specifying permissions
        for sharing health information within the HIE network.
      tags:
        - Consent
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ConsentCreate'
      responses:
        '201':
          description: Consent directive created
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Consent'
        '400':
          $ref: '#/components/responses/BadRequest'
        '401':
          $ref: '#/components/responses/Unauthorized'
  /consent/{consentId}:
    get:
      operationId: getConsent
      summary: Orion Health Get a consent directive
      description: Retrieve a specific patient consent directive.
      tags:
        - Consent
      parameters:
        - name: consentId
          in: path
          required: true
          schema:
            type: string
            format: uuid
      responses:
        '200':
          description: Consent directive
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Consent'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
    put:
      operationId: updateConsent
      summary: Orion Health Update a consent directive
      description: Update an existing patient consent directive.
      tags:
        - Consent
      parameters:
        - name: consentId
          in: path
          required: true
          schema:
            type: string
            format: uuid
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ConsentCreate'
      responses:
        '200':
          description: Consent directive updated
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Consent'
        '400':
          $ref: '#/components/responses/BadRequest'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
  /consent/{consentId}/revoke:
    post:
      operationId: revokeConsent
      summary: Orion Health Revoke a consent directive
      description: Revoke a patient consent directive, preventing further data sharing.
      tags:
        - Consent
      parameters:
        - name: consentId
          in: path
          required: true
          schema:
            type: string
            format: uuid
      requestBody:
        content:
          application/json:
            schema:
              type: object
              properties:
                reason:
                  type: string
                  description: Reason for revocation
                effectiveDate:
                  type: string
                  format: date-time
      responses:
        '200':
          description: Consent revoked
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Consent'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
  /providers:
    get:
      operationId: searchProviders
      summary: Orion Health Search the provider directory
      description: >-
        Search the HIE provider directory for healthcare providers
        and organizations participating in the exchange network.
      tags:
        - Provider Directory
      parameters:
        - name: name
          in: query
          description: Provider or organization name
          schema:
            type: string
        - name: npi
          in: query
          description: National Provider Identifier
          schema:
            type: string
        - name: specialty
          in: query
          description: Provider specialty
          schema:
            type: string
        - name: type
          in: query
          description: Provider type
          schema:
            type: string
            enum:
              - individual
              - organization
        - name: city
          in: query
          schema:
            type: string
        - name: state
          in: query
          schema:
            type: string
        - name: active
          in: query
          schema:
            type: boolean
        - $ref: '#/components/parameters/PageOffset'
        - $ref: '#/components/parameters/PageLimit'
      responses:
        '200':
          description: Provider search results
          content:
            application/json:
              schema:
                type: object
                properties:
                  data:
                    type: array
                    items:
                      $ref: '#/components/schemas/Provider'
                  pagination:
                    $ref: '#/components/schemas/Pagination'
        '401':
          $ref: '#/components/responses/Unauthorized'
  /providers/{providerId}:
    get:
      operationId: getProvider
      summary: Orion Health Get provider details
      description: Retrieve details of a specific provider in the HIE directory.
      tags:
        - Provider Directory
      parameters:
        - name: providerId
          in: path
          required: true
          schema:
            type: string
      responses:
        '200':
          description: Provider details
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Provider'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
  /notifications:
    get:
      operationId: listNotifications
      summary: Orion Health List ADT notifications
      description: >-
        Retrieve admission, discharge, and transfer (ADT) notifications
        for subscribed patients and organizations.
      tags:
        - Notifications
      parameters:
        - name: patientId
          in: query
          schema:
            type: string
        - name: type
          in: query
          schema:
            type: string
            enum:
              - admission
              - discharge
              - transfer
              - registration
        - name: organization
          in: query
          schema:
            type: string
        - name: dateFrom
          in: query
          schema:
            type: string
            format: date-time
        - name: dateTo
          in: query
          schema:
            type: string
            format: date-time
        - name: status
          in: query
          schema:
            type: string
            enum:
              - pending
              - delivered
              - read
              - failed
        - $ref: '#/components/parameters/PageOffset'
        - $ref: '#/components/parameters/PageLimit'
      responses:
        '200':
          description: List of notifications
          content:
            application/json:
              schema:
                type: object
                properties:
                  data:
                    type: array
                    items:
                      $ref: '#/components/schemas/Notification'
                  pagination:
                    $ref: '#/components/schemas/Pagination'
        '401':
          $ref: '#/components/responses/Unauthorized'
  /notifications/subscriptions:
    get:
      operationId: listNotificationSubscriptions
      summary: Orion Health List notification subscriptions
      description: Retrieve current ADT notification subscriptions.
      tags:
        - Notifications
      responses:
        '200':
          description: List of subscriptions
          content:
            application/json:
              schema:
                type: object
                properties:
                  data:
                    type: array
                    items:
                      $ref: '#/components/schemas/NotificationSubscription'
        '401':
          $ref: '#/components/responses/Unauthorized'
    post:
      operationId: createNotificationSubscription
      summary: Orion Health Create a notification subscription
      description: >-
        Subscribe to ADT notifications for specific patients, organizations,
        or event types.
      tags:
        - Notifications
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/NotificationSubscriptionCreate'
      responses:
        '201':
          description: Subscription created
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/NotificationSubscription'
        '400':
          $ref: '#/components/responses/BadRequest'
        '401':
          $ref: '#/components/responses/Unauthorized'
  /audit-logs:
    get:
      operationId: searchAuditLogs
      summary: Orion Health Search audit logs
      description: >-
        Search audit logs for data access and exchange events within the
        HIE network for compliance and accountability purposes.
      tags:
        - Audit
      parameters:
        - name: patientId
          in: query
          schema:
            type: string
        - name: userId
          in: query
          schema:
            type: string
        - name: action
          in: query
          schema:
            type: string
            enum:
              - query
              - retrieve
              - submit
              - update
              - consent-change
        - name: dateFrom
          in: query
          schema:
            type: string
            format: date-time
        - name: dateTo
          in: query
          schema:
            type: string
            format: date-time
        - name: outcome
          in: query
          schema:
            type: string
            enum:
              - success
              - failure
              - denied
        - $ref: '#/components/parameters/PageOffset'
        - $ref: '#/components/parameters/PageLimit'
      responses:
        '200':
          description: Audit log entries
          content:
            application/json:
              schema:
                type: object
                properties:
                  data:
                    type: array
                    items:
                      $ref: '#/components/schemas/AuditLogEntry'
                  pagination:
                    $ref: '#/components/schemas/Pagination'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '403':
          description: Insufficient permissions for audit access
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Error'
components:
  securitySchemes:
    oauth2:
      type: oauth2
      flows:
        clientCredentials:
          tokenUrl: https://auth.orionhealth.com/oauth2/token
          scopes:
            hie:patient-query: Query patient identity
            hie:document-read: Retrieve documents
            hie:document-write: Submit documents
            hie:consent-read: Read consent directives
            hie:consent-write: Manage consent directives
            hie:provider-read: Query provider directory
            hie:notification-read: Read notifications
            hie:notification-manage: Manage notification subscriptions
            hie:audit-read: Read audit logs
    bearerAuth:
      type: http
      scheme: bearer
      bearerFormat: JWT
  parameters:
    PageOffset:
      name: offset
      in: query
      description: Number of items to skip
      schema:
        type: integer
        minimum: 0
        default: 0
    PageLimit:
      name: limit
      in: query
      description: Maximum number of items to return
      schema:
        type: integer
        minimum: 1
        maximum: 100
        default: 20
  schemas:
    PatientMatchRequest:
      type: object
      properties:
        familyName:
          type: string
        givenName:
          type: string
        dateOfBirth:
          type: string
          format: date
        gender:
          type: string
          enum:
            - male
            - female
            - other
            - unknown
        identifier:
          type: object
          properties:
            system:
              type: string
              description: Identifier system (e.g., MRN namespace)
            value:
              type: string
        ssn:
          type: string
          description: Last four digits of SSN for matching
        address:
          type: object
          properties:
            line:
              type: string
            city:
              type: string
            state:
              type: string
            postalCode:
              type: string
        phone:
          type: string
        matchThreshold:
          type: number
          description: Minimum match confidence score (0-1)
          default: 0.85
    PatientMatchResponse:
      type: object
      properties:
        matches:
          type: array
          items:
            type: object
            properties:
              patientId:
                type: string
              confidence:
                type: number
                description: Match confidence score (0-1)
              matchGrade:
                type: string
                enum:
                  - certain
                  - probable
                  - possible
                  - no-match
              identifiers:
                type: array
                items:
                  type: object
                  properties:
                    system:
                      type: string
                    value:
                      type: string
                    organization:
                      type: string
              demographics:
                type: object
                properties:
                  familyName:
                    type: string
                  givenName:
                    type: string
                  dateOfBirth:
                    type: string
                    format: date
                  gender:
                    type: string
        totalMatches:
          type: integer
    PatientIdentifiers:
      type: object
      properties:
        patientId:
          type: string
        identifiers:
          type: array
          items:
            type: object
            properties:
              system:
                type: string
              value:
                type: string
              organization:
                type: string
              organizationName:
                type: string
              assigningAuthority:
                type: string
              active:
                type: boolean
    RecordLocatorResult:
      type: object
      properties:
        documentId:
          type: string
          format: uuid
        documentType:
          type: string
        title:
          type: string
        sourceOrganization:
          type: string
        sourceOrganizationName:
          type: string
        authorName:
          type: string
        createdDate:
          type: string
          format: date-time
        format:
          type: string
        size:
          type: integer
          description: Document size in bytes
        availableFormats:
          type: array
          items:
            type: string
    DocumentMetadata:
      type: object
      properties:
        id:
          type: string
          format: uuid
        patientId:
          type: string
        documentType:
          type: string
        title:
          type: string
        sourceOrganization:
          type: string
        sourceOrganizationName:
          type: string
        authorName:
          type: string
        authorSpecialty:
          type: string
        createdDate:
          type: string
          format: date-time
        submittedDate:
          type: string
          format: date-time
        format:
          type: string
        mimeType:
          type: string
        size:
          type: integer
        hash:
          type: string
          description: SHA-256 hash of the document content
        status:
          type: string
          enum:
            - available
            - deprecated
            - deleted
    DocumentSubmission:
      type: object
      required:
        - patientId
        - documentType
        - content
      properties:
        patientId:
          type: string
        documentType:
          type: string
          enum:
            - ccd
            - discharge-summary
            - progress-note
            - lab-report
            - radiology-report
            - referral
            - consult-note
            - operative-note
            - pathology-report
        title:
          type: string
        format:
          type: string
          enum:
            - cda
            - fhir-bundle
            - pdf
        content:
          type: string
          description: Base64-encoded document content
        metadata:
          type: object
          properties:
            authorName:
              type: string
            authorSpecialty:
              type: string
            encounterDate:
              type: string
              format: date-time
            confidentialityCode:
              type: string
              enum:
                - normal
                - restricted
                - very-restricted
    DocumentContent:
      type: object
      properties:
        id:
          type: string
          format: uuid
        metadata:
          $ref: '#/components/schemas/DocumentMetadata'
        content:
          type: string
          description: Base64-encoded document content
        format:
          type: string
    Consent:
      type: object
      properties:
        id:
          type: string
          format: uuid
        patientId:
          type: string
        status:
          type: string
          enum:
            - active
            - inactive
            - revoked
            - expired
        scope:
          type: string
          enum:
            - opt-in
            - opt-out
        purposes:
          type: array
          items:
            type: string
            enum:
              - treatment
              - payment
              - operations
              - research
              - public-health
        grantedOrganizations:
          type: array
          items:
            type: string
          description: Organizations allowed to access data (opt-in)
        deniedOrganizations:
          type: array
          items:
            type: string
          description: Organizations denied access (opt-out)
        documentTypes:
          type: array
          items:
            type: string
          description: Document types covered by consent
        effectiveDate:
          type: string
          format: date-time
        expirationDate:
          type: string
          format: date-time
        createdAt:
          type: string
          format: date-time
        updatedAt:
          type: string
          format: date-time
    ConsentCreate:
      type: object
      required:
        - patientId
        - scope
        - purposes
      properties:
        patientId:
          type: string
        scope:
          type: string
          enum:
            - opt-in
            - opt-out
        purposes:
          type: array
          items:
            type: string
            enum:
              - treatment
              - payment
              - operations
              - research
              - public-health
        grantedOrganizations:
          type: array
          items:
            type: string
        deniedOrganizations:
          type: array
          items:
            type: string
        documentTypes:
          type: array
          items:
            type: string
        effectiveDate:
          type: string
          format: date-time
        expirationDate:
          type: string
          format: date-time
    Provider:
      type: object
      properties:
        id:
          type: string
        type:
          type: string
          enum:
            - individual
            - organization
        npi:
          type: string
        name:
          type: string
        specialty:
          type: string
        organization:
          type: string
        address:
          type: object
          properties:
            line:
              type: array
              items:
                type: string
            city:
              type: string
            state:
              type: string
            postalCode:
              type: string
        phone:
          type: string
        fax:
          type: string
        email:
          type: string
        active:
          type: boolean
        supportedTransactions:
          type: array
          items:
            type: string
            enum:
              - xds-query
              - xds-retrieve
              - xds

# --- truncated at 32 KB (36 KB total) ---
# Full source: https://raw.githubusercontent.com/api-evangelist/orion/refs/heads/main/openapi/orion-hie-openapi.yml