slug: smart-on-fhir
title: SMART on FHIR: The Future of Health Apps
titleZh: SMART on FHIR:健康应用的未来
category: fhir
description: SMART on FHIR enables developers to build apps that seamlessly integrate with any FHIR-compatible electronic health record system.
descriptionZh: SMART on FHIR 使开发者能够构建与任何兼容 FHIR 的电子健康记录系统无缝集成的应用。
keywords: [SMART on FHIR, FHIR apps, EHR integration, OAuth healthcare, health API]
last_updated: January 2025
difficulty: intermediate
readTime: 10
relatedArticles: [what-is-fhir, fhir-vs-hl7]
SMART on FHIR: The Future of Health Apps
SMART on FHIR (Substitutable Medical Apps, Reusable Technology, Fast Healthcare Interoperability Resources) is a set of open specifications that enable developers to build healthcare applications that work with any FHIR-compatible electronic health record (EHR) system.
What Makes SMART on FHIR Different?
Traditional healthcare app development required:
- Custom integrations for each EHR vendor
- Proprietary APIs and authentication methods
- Expensive and time-consuming certification processes
SMART on FHIR provides:
- Universal integration: Write once, run on any compatible EHR
- Standardized authentication: OAuth 2.0 for secure access
- App marketplace model: Easy distribution to healthcare providers
- Patient access: Patients can grant apps access to their own data
How It Works
1. OAuth 2.0 Authentication
SMART on FHIR uses OAuth 2.0 for secure, delegated access:
```
┌─────────────┐           ┌─────────────┐           ┌─────────────┐
│   Patient   │           │     App     │           │     EHR     │
│  (Resource  │  grants   │  (Client)   │ requests  │  (Resource  │
│   Owner)    │ ────────→ │             │ ────────→ │   Server)   │
└─────────────┘           └─────────────┘           └─────────────┘
       │                         │                         │
       │                         │ ←────────────────────── │
       │                         │      Access Token       │
       │                         └─────────────────────────┘
```
2. Scopes and Permissions
Apps request specific access through scopes:
| Scope | Description |
|-------|-------------|
| patient/*.read | Read all patient data |
| patient/Patient.read | Read patient demographics |
| patient/Observation.read | Read observations (lab results, vitals) |
| launch/patient | App launches in patient context |
| launch/encounter | App launches in encounter context |
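
An EHR may grant fewer scopes than the app requested, so the app should read the `scope` field of the token response rather than assume its request was honoured. The sketch below is an added example, not code from the SMART specification or any SDK: it parses scopes in the syntax shown in the table, reports which requested scopes were not granted, and checks whether a FHIR request fits the grant. The function names and the sample token response are constructed for illustration, and the parser also accepts the `user/` and `system/` contexts that SMART defines alongside `patient/`.

```javascript
// Parse a clinical scope like "patient/Observation.read"; launch scopes return null.
function parseClinicalScope(scope) {
  const m = /^(patient|user|system)\/(\*|[A-Za-z]+)\.(read|write|\*)$/.exec(scope);
  return m ? { context: m[1], resource: m[2], access: m[3] } : null;
}

// True when the granted scope is at least as broad as the needed one.
function covers(granted, needed) {
  return granted.context === needed.context &&
    (granted.resource === '*' || granted.resource === needed.resource) &&
    (granted.access === '*' || granted.access === needed.access);
}

// Scopes the server actually granted (space-separated `scope` field of the token response).
function grantedScopes(tokenResponse) {
  return String(tokenResponse.scope || '').split(/\s+/).filter(Boolean);
}

// Requested scopes that nothing in the grant covers.
function missingScopes(requested, granted) {
  const parsed = granted.map(parseClinicalScope).filter(Boolean);
  return requested.filter((s) => {
    const need = parseClinicalScope(s);
    if (!need) return !granted.includes(s); // launch/* and similar: exact match
    return !parsed.some((g) => covers(g, need));
  });
}

// Local pre-check: does a FHIR REST call fit the patient-context grant?
function isAllowed(granted, method, path) {
  const m = /^\/([A-Za-z]+)(?:[/?]|$)/.exec(path);
  if (!m) return false;
  const access = method.toUpperCase() === 'GET' ? 'read' : 'write';
  const need = { context: 'patient', resource: m[1], access };
  return granted.map(parseClinicalScope).filter(Boolean).some((g) => covers(g, need));
}

// Constructed token response: the app requested patient/*.read but was granted less.
const sampleTokenResponse = {
  access_token: 'constructed-token-value',
  token_type: 'Bearer',
  expires_in: 3600,
  scope: 'launch/patient patient/Patient.read patient/Observation.read'
};
const granted = grantedScopes(sampleTokenResponse);
console.log(missingScopes(['launch/patient', 'patient/*.read'], granted));
console.log(isAllowed(granted, 'GET', '/Condition?patient=123'));
```

The local check only tells the app which features to disable or explain to the user; the EHR still enforces the grant on every request.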
Core Components
SMART Launch
Two launch contexts:
Patient Launch: Patient accesses an app through their patient portal
- Patient selects app in EHR portal
- EHR redirects to app with launch context
- App requests authorization
- Patient approves access
- App receives access token
Provider Launch: Provider launches app during clinical workflow
- Provider selects app within EHR
- App receives provider and patient context
- Provider approves access (if needed)
- App receives access token
FHIR Resources
Apps access standard FHIR resources:
```
// Get patient demographics
GET /Patient/{id}

// Get conditions
GET /Condition?patient={id}

// Get medications
GET /MedicationRequest?patient={id}

// Get observations (lab results, vitals)
GET /Observation?patient={id}
```
Building Your First SMART on FHIR App
Step 1: Register Your App
Register with EHR vendors or use public test servers:
- SMART Health IT: Public sandbox
- Logica: FHIR server for testing
- Epic: Developer portal (production)
Step 2: Implement OAuth 2.0
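```javascript
// Authorization flow example
// URLSearchParams percent-encodes each value and keeps stray whitespace out of the URL
const authParams = new URLSearchParams({
  response_type: 'code',
  client_id: clientId,
  scope: 'patient/*.read',
  redirect_uri: redirectUri,
  state: state,
  aud: fhirServiceUrl
});
const authUrl = `https://ehr.example.com/authorize?${authParams}`;

// Exchange code for token
// OAuth 2.0 token endpoints expect a form-encoded body, not JSON
const tokenResponse = await fetch(tokenUrl, {
  method: 'POST',
  headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
  body: new URLSearchParams({
    grant_type: 'authorization_code',
    code: authorizationCode,
    redirect_uri: redirectUri,
    client_id: clientId
  })
});
```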
Step 3: Access FHIR Resources
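```javascript
// Use access token to get patient data
const response = await fetch(`${fhirServiceUrl}/Patient/${patientId}`, {
  headers: {
    'Authorization': `Bearer ${accessToken}`,
    'Accept': 'application/fhir+json'
  }
});
// A 401 here usually means the access token has expired or been revoked
if (!response.ok) {
  throw new Error(`FHIR request failed: ${response.status}`);
}
const patient = await response.json();
```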
Popular Use Cases
Clinical Decision Support
Apps that provide:
- Drug interaction checking
- Clinical guideline reminders
- Diagnostic support tools
Patient-Facing Apps
- Patient portals
- Wellness tracking apps
- Chronic disease management
- Medication adherence tools
Population Health
- Disease registries
- Quality measurement
- Reporting dashboards
EHR Vendor Support
| Vendor | SMART on FHIR Support | Notes |
|--------|----------------------|-------|
| Epic | ✅ Full | Requires developer registration |
| Cerner | ✅ Full | Code management platform |
| Allscripts | ✅ Full | Developer program available |
| Athenahealth | ✅ Full | Open API |
| Oracle Health | ✅ Partial | Growing support |
Certification
SMART on FHIR apps can be certified through:
- HL7 FHIR Core: Basic FHIR conformance
- ONC Health IT Certification: For US market
- EHR vendor programs: Vendor-specific certification
Best Practices
- Start with public sandboxes before production integration
- Handle token refresh proactively
- Implement proper error handling for expired tokens
- Follow SMART guidelines for UI/UX
- Test with multiple EHR systems for compatibility
- Document your scopes clearly for users
Resources
- SMART Health IT - Official documentation
- HL7 FHIR - FHIR specifications
- SMART App Gallery - Example apps
Summary
SMART on FHIR represents a paradigm shift in healthcare application development:
- One integration works across multiple EHR systems
- Standard authentication reduces development complexity
- Patient-controlled data access improves privacy
- Growing ecosystem of tools and libraries
Whether you're building patient-facing apps or clinical tools, SMART on FHIR provides the foundation for the next generation of healthcare applications.