Integrating an application with Kanta PHR

Integrating an application with Kanta PHR

Various types of applications can be integrated with My Kanta Pages Personal Health Record (Kanta PHR):

  • Wellbeing applications aimed at citizens
    • Native application: a mobile app based directly on Kanta PHR
    • A server-based application: e.g. a web application or other application that operates on a server
  • Professional applications
    • Tools/systems for social welfare and healthcare (SOTE) service providers, which utilise (can read) the data saved in the citizen’s Kanta PHR
  • Applications that contain functionalities for both citizens and professionals

In terms of professional applications, instructions can be specified further in connection with the forthcoming parliamentary processing of the Client Data Act.

Stages for the application supplier to integrate an application with Kanta PHR

1. Familiarisation with the FHIR standard and the national data content

The application supplier must become acquainted with the HL7 FHIR standard, the OAuth 2.0 authorisation protocol and the national data content.

2. Development and own testing against Sandbox environments

If an application needs new data content from outside the national data content, the application supplier must make a proposal on the expansion of the data content to be reviewed by the HL7 Finland Personal Health SIG development community in accordance with the data content development process.

It is highly advisable to test the application supplier’s own application independently in the Sandbox environments provided by the Kanta services.

3. Certification of professional applications

An application aimed for the use of social welfare and healthcare professionals must meet the requirements of the Client Data Act (class A). For that reason, professional applications utilising Kanta PHR must pass the Kanta certification process.

The Kanta PHR service differs from previous Kanta services (e.g. Patient Data Repository and the Prescription service), and therefore application approval testing carried out in the client testing environment of Kanta PHR is used in the certification process of the professional application instead of Kanta joint testing. As professional applications currently do not record data into Kanta PHR, separate cross-testing between various applications is not required of the application.

4. Application approval testing

Approval testing for Kanta PHR means the verification of internal testing of the application and ensuring its functioning against the client testing environments of the Kanta services.

In the approval testing, the application supplier itself will test all the functionalities and data contents that the application uses against Kanta PHR. Mandatory test cases include, e.g. authorisation, functionalities by resource type/profile, compliance with the national data content, and display of data in My Kanta Pages.

Approval testing is meant for testing in the last stage of the development work.

Registration for approval testing takes place by sending an application form and the approval criteria form with their appendices to the Kanta services. The approval criteria must be met before the approval testing of the application can be started. The forms are sent by email to kanta@kanta.fi (in future via the Kanta Extranet).

Server-based applications need a test server certificate from the Population Register Centre (PRC) for approval testing.

  • Applications aimed at citizens shall apply for a wellbeing application server certificate.  The certificate cannot be applied for until the application has been approved for testing and Kela has issued the organisation’s OID code to the application supplier. More detailed instructions coming later.
  • In the testing, the PRC server certificate for professional applications must be a SOTE server certificate, which must be at the access point used by the SOTE service provider that takes part in the testing. An existing certificate can be used as the certificate or it is possible to obtain a new one.

Approval testing is carried out in the client test environments in Kanta PHR and My Kanta Pages, which are maintained by Kela. The application supplier shall carry out the testing in accordance with Kela’s instructions and report the test results to Kela, which will check the test results and provide a statement on the approval of the test. The application supplier is responsible for ensuring that testing is carried out in the sufficient scope and with a high standard of quality.

5. Start of production

Application aimed at citizens

Before production use is started:

  • The application supplier accepts the delivery terms and service description of Kanta PHR and sends the rest of the application data to be published to the Kanta services by email (in future in Kanta Extranet).
  • If the application is server-based, the application supplier shall obtain a production server certificate from PRC (wellbeing application service certificate).
  • The application is registered technically in the Kanta PHR service in the Kanta services
    • The application is added to the application list on the kanta.fi website two weeks after technical registration.
  • The application supplier ensures the functioning of production, after which the production use can be started.

Citizens start using the application by providing access rights for the application to Kanta PHR and the data contained in it and approve the terms of using Kanta PHR.

Professional application

In professional applications, the social welfare and healthcare service provider deploys the Kanta PHR service with the professional application approved for Kanta PHR via the technical access point.

Before production use is started:  

  • After certification, the application supplier will complete the information of the application to be published for the Kanta services by email (in future in Kanta Extranet)
  • The first user organisation starting production use of the application = the social welfare and healthcare service provider
    • ensures that the access point has a PRC production server certificate (SOTE server certificate)
    • notifies Kanta services that it has deployed the Kanta PHR service with the xxx application using an yyy technical access point.
  • The social welfare and healthcare service provider and the access point are technically registered by Kela in the Kanta PHR service.
  • The application supplier and the social welfare and healthcare service provider together ensure the functioning of production, after which the production use can be started.

In terms of professional applications, instructions can be specified further in connection with the forthcoming parliamentary processing of the Client Data Act.

Last updated 11.06.2018