Knogin
[Developers]

ePCR National Health Record Connectors

The national health record connectors let an ambulance service resolve and anchor every patient against the Irish national health system at the moment a call is dispatched, so a crew never starts from a blank page.

Back to All Modules
Category: Data IntegrationLast Updated: May 26, 2026
data-integration

Overview#

The national health record connectors let an ambulance service resolve and anchor every patient against the Irish national health system at the moment a call is dispatched, so a crew never starts from a blank page.

When a 999 or 112 call is assigned, the platform looks up the patient's Individual Health Identifier, pulls their existing summary from the National Shared Care Record, and pre-populates the encounter with known conditions, allergies, and a current medication list. There is no manual transcription and no demographic guesswork. Once the crew has finished care, the completed electronic patient care report is contributed back to the patient's lifetime One Health Record, so the full pathway from the roadside through hospital admission lives in one longitudinal view.

These connectors are built to fail safe. Every connector logs each call to a dedicated national-service audit trail, never writes patient identifiers into the request payload it records, and refuses to invent a result when credentials are absent. An offline or unconfigured environment reports a record as unavailable rather than falsely reporting success, which keeps clinical trust intact.

Key Features#

  • Verified Patient Identity Resolution: Resolve a patient's Individual Health Identifier from name, date of birth, and sex, then confirm the identifier is active before any record is read, so downstream work runs off a verified key rather than fuzzy demographic matching.

  • National Shared Care Record Summary Retrieval: Read a patient's standards-based summary, including the current medication list, from the national shared care record using delegated service authorisation, ready for clinical review at the scene.

  • Lifetime One Health Record Access: Pull the full lifetime record for a patient and review prior encounters across emergency, hospital, general practice, and community care for a complete longitudinal picture.

  • Closed-Loop Encounter Contribution: Once care is complete, contribute the finished report back to the patient's lifetime record as a standards-based transaction, preserving the whole care pathway in a single place.

  • Care-Continuity Subscriptions: Register a standards-based subscription so the platform can be notified of later changes to a patient's record, supporting follow-up, outcome feedback, and continuity of care.

  • Live Hospital EHR Registry: Maintain a per-organisation registry of hospital endpoints across major vendor systems, keyed by hospital, with capability information so a crew can pick the right receiving unit and confirm it can take the patient.

  • Configuration-Driven Hospital Onboarding: Add a new receiving hospital with a registry entry and its authorisation credentials, with no software release required, so coverage grows operationally rather than through engineering work.

  • Fail-Safe, Audited Operation: Every connector records each call to a national-service audit trail without writing patient identifiers into the logged payload, and degrades gracefully when credentials or endpoints are missing.

Use Cases#

Time-Critical Cardiac and Stroke Pathways#

STEMI and stroke crews can identify the receiving hospital from a live registry that exposes each endpoint's capabilities, then confirm the chosen unit can accept and treat the patient before the ambulance arrives. The verified identifier means the receiving team can match the inbound patient to their existing record without re-keying details under time pressure.

Pre-Populated Pre-Hospital Encounters#

A crew arriving on scene sees the patient's known conditions, allergies, and active medications drawn from the national shared care record, so assessment starts from an accurate baseline. This is particularly valuable for unconscious, confused, or non-verbal patients who cannot give a reliable history.

Longitudinal Care and Outcome Feedback#

By contributing the completed report back to the lifetime record and subscribing to later updates, a service can follow what happened after handover. This supports clinical audit, outcome feedback to crews, and a joined-up view of repeat callers and long-term conditions.

Referrals, Handover, and Research#

Because the verified identifier acts as a stable cross-system key, every downstream workflow that depends on identity, including referrals, hospital handover, and approved research exports, works off one consistent patient identity rather than re-matching demographics at each step.

Audiences#

  • Ambulance and emergency medical services contributing to a national shared care programme
  • Receiving hospitals integrating field-originated records into their own systems
  • Clinical governance and audit teams reviewing the full pre-hospital to hospital pathway
  • Development teams that need to onboard new receiving hospitals without a code change

Integration#

The connectors are designed to plug into an existing national health system using widely supported interfaces, so a customer connects to the channels they already operate.

  • Identity Service Integration: Patient identity resolution connects to the national health identifiers service over a standard authenticated REST interface and caches the verified identifier against the patient so later lookups reuse it.

  • Shared Care and Lifetime Record Integration: Summary and lifetime record reads use a standards-based healthcare REST model with delegated service authorisation, returning structured resources the platform maps straight into the clinical workspace.

  • Hospital Connector Registry: Each receiving hospital is described by a registry entry holding its endpoint, vendor, capability list, and authorisation configuration. The connector acquires a per-hospital token and supports both reading standards-based resources and posting completed bundles, so adding a hospital is configuration rather than engineering.

  • Care-Continuity Webhooks: A standards-based subscription can be registered against a patient so later updates are delivered to a customer endpoint over a webhook channel, enabling follow-up workflows without polling.

  • Normalised Clinical Model: Inbound and outbound records use a normalised, standards-based representation rather than a private proprietary schema, which means the same data feeds the encounter, handover, audit, and reporting workflows the customer already uses.

The benefit to a customer is that the same patient identity and record model flows through dispatch, on-scene care, handover, and post-incident review, so the integration effort is paid once and reused across every clinical workflow.

Open Standards#

  • HL7 FHIR R4: patient summaries, medication lists, encounter history, and submitted reports all use the HL7 FHIR Release 4 resource model and REST interactions for healthcare interoperability.

  • HL7 FHIR R4 Bulk Data Access: lifetime record retrieval uses the standard whole-record operation pattern so a full patient record can be pulled in one structured response.

  • HL7 FHIR R4 Subscription (rest-hook channel): care-continuity notifications are registered as standards-based subscriptions delivered over the rest-hook webhook channel.

  • application/fhir+ndjson (FHIR Newline Delimited JSON): large-scale and bulk healthcare exchange uses the Newline Delimited JSON media type expected by FHIR bulk data consumers.

  • OAuth 2.0 client_credentials grant (RFC 6749): shared care record, lifetime record, and per-hospital connections obtain service-to-service access tokens using the standard client-credentials grant.

  • SMART on FHIR 2.1: hospital EHR connections align to the SMART launch and authorisation context expected by major vendor systems, so a customer can connect using the same standards their hospital partners already support.

Security & Compliance#

  • Fail Closed on Missing Credentials: When an endpoint or its credentials are not configured, a connector reports the record as unavailable and never fabricates a successful national-record read, so offline or partially configured environments cannot mislead a clinician.

  • Audited Access to Special-Category Data: Every connector call is written to a dedicated national-service audit trail capturing the operation, organisation, status, and timing, giving a complete record of who accessed national health data and when.

  • No Patient Identifiers in Audit Payloads: The audit trail deliberately excludes patient identifiers from the logged request payload, recording only the operation and organisation, which keeps special-category health data out of operational logs.

  • Tenant Isolation: Identifier caching, hospital registries, and record submissions are scoped to the owning organisation, so one service can never read or write another service's patient data or hospital configuration.

  • Delegated, Short-Lived Authorisation: Connections use service-level access tokens acquired per request rather than long-lived shared secrets embedded in the workflow, reducing the exposure of any single credential.

Last Reviewed: 2026-05-26 Last Updated: 2026-05-26

Ready to Build?

Get started with our APIs or contact our integration team for support.