Patient Data API

The Patient Data API allows you to send both non-sensitive and sensitive patient information. All patient data is processed through HiQOR's AWS environment. HiQOR securely ingests, processes, and makes results available through structured API responses.

Data Format

HiQOR processes patient data using camelCase formatting for standardization. While HiQOR enforces a structured data model, we support flexible formatting options to accommodate client needs. For specific format requests, contact our API team at api@hiqor.com.

Send Patient Data

There are two endpoints for sending patient data, explicitly distinguishing between non-sensitive and sensitive data:

Non-Sensitive Data

POST /patient/savePatientData?dataType=non-sensitive

Sensitive Data

POST /patient/savePatientData?dataType=sensitive

Required Fields

The following fields are required for all API calls:

  • assessmentType
  • funnelID
  • email
  • patientUUID

Request Body

The request body will vary depending on whether you're sending non-sensitive or sensitive data. Note that while we process data in camelCase, our API can accept various formats in the request body.

Non-Sensitive Data Example

{
  "assessmentType": "FaceScan",
  "funnelID": "example-funnel-id",
  "patientUUID": "11884643-42a0-499c-bafd-2b9a9617a5a6",
  "IPAddress": "192.168.0.1",
  "email": "patient@example.com",
  "lastName": "Doe",
  "firstName": "John",
  "phone": "1234567890",
  "zip": "12345",
  "contactConsent": true,
  "biologicalSex": "male",
  "age": 35,
  "dateOfBirth": "1988-01-01",
  "city": "New York",
  "state": "New York",
  "formCompleted": true,
  "assessmentCompleted": false
}

Sensitive Data Example

{
  "assessmentType": "FaceScan",
  "funnelID": "example-funnel-id",
  "patientUUID": "11884643-42a0-499c-bafd-2b9a9617a5a6",
  "email": "patient@example.com",
  "IPAddress": "192.168.0.1",
  "heightFt": 5,
  "heightIn": 10,
  "heightCm": 178,
  "weightLb": 160,
  "weightKg": 72.5,
  "diabetic": false,
  "smoker": false,
  "hypertension": false,
  "hypertensionMedication": false,
  "heartRateBpm": 72,
  "heartRateVariabilityMs": 50,
  "irregularHeartBeats": false,
  "systolicBloodPressureMmhg": 120,
  "diastolicBloodPressureMmhg": 80,
  "breathingRateBpm": 14,
  "riskTotalCholestrol": 180,
  "riskHdl": 50,
  "riskLdl": 100,
  "riskTriglycerdies": 150,
  "smokerRiskStatus": "low",
  "riskBmi": 22.9,
  "oxygen": 98,
  "riskTenYrCvd": 2,
  "riskFraminghamScore": 5,
  "riskBapwv": 7,
  "riskRestingHeartRate": 65,
  "riskMetSComp": 0,
  "rmssd": 35,
  "ibi": 830,
  "assessmentCompleted": true
}

Note: The formCompleted field in the non-sensitive data payload indicates that the initial form has been completed. The assessmentCompleted field indicates whether the assessment has been completed.

UUID Handling

The UUID serves as a unique identifier for each patient, paired with their respective assessment type. Our system processes incoming data as follows:

  • If a patientUUID is provided along with an assessmentType, we check for an existing record.
  • If a match is found, we update the existing lead instead of creating a new one.
  • If no matching record exists, we proceed with lead creation.
  • If a lead is received with only an email (without a UUID), we check whether an existing record exists for that email under the same assessmentType.
  • If found, we update the existing lead.
  • If not, we create a new lead.

This process ensures that patient data remains accurate and up-to-date while preventing unnecessary lead duplication.

Example Response

{
  "message": "Patient data received successfully",
  "patientUUID": "11884643-42a0-499c-bafd-2b9a9617a5a6"
}

Receiving Processed Data

After sending patient data, HiQOR will process it and route it based on the funnelID. You will receive the processed results via webhooks or SNS subscriptions.

To receive these results, you need to:

  1. Set up a webhook endpoint on your server to receive the processed data
  2. Or, set up an SNS subscription to receive notifications when new data is available

Contact our API team at api@hiqor.com to set up your webhook or SNS subscription and discuss any specific data format requirements for outgoing data.

Validation Rules

The API includes validation rules to ensure data integrity and security. You may encounter the following validation errors:

Invalid Funnel ID

If the provided funnelID is not valid or recognized:

{
  "message": "Invalid Client"
}

Missing or Invalid Data Type

If the dataType parameter is missing or invalid:

{
  "message": "Invalid data type. Use 'sensitive' or 'non-sensitive'"
}

Note: All requests to the Patient Data API require authentication. Make sure to include the Authorization header with a valid token, prefixed with "Bearer ".