Development of Secure API to Support ICD-10 Based Electronic Medical Records Interoperability
Abstract
Previous research in 2021 and 2022 has yielded a revolutionary health examination system. This system seamlessly integrates the World Health Organization's International Classification of Diseases-10 (ICD-10) data, ensuring diagnoses align with global standards and thereby enhancing the quality of healthcare provision. A pivotal achievement is the creation of a sophisticated doctor's examination interface, designed for precision and efficiency. Complementing this interface, a search engine autonomously generates relevant keywords, successfully passing the rigorous black-box test, which attests to its robustness and reliability in retrieving critical medical information. A new challenge arises in enabling seamless access to the stored medical record data for various stakeholders, including the Ministry of Health, BPJS, insurance companies, and other relevant entities. To address this, the research team has devised the Application Programming Interface (API). Functioning as a crucial bridge, this API facilitates interoperability among diverse systems. Adherence to the stringent security standards set by the Open Web Application Security Project (OWASP) ensures that the exchange of medical data occurs within a secure environment. Consequently, sensitive patient information can be shared across platforms without compromising confidentiality or integrity.
Downloads
Download data is not yet available.
References
[1] J. N. Olayinka, O. B. Akawa, E. K. Ogbu, A. T. Eduviere, R. I. Ozolua, and M. Soliman, “Apigenin attenuates depressive-like behavior via modulating monoamine oxidase A enzyme activity in chronically stressed mice,” Current Research in Pharmacology and Drug Discovery, vol. 5, 2023, doi: 10.1016/j.crphar.2023.100161.
[2] P. Ramos, “Compatibility studies of selected mucolytic drugs with excipients used in solid dosage forms: Thermogravimetry analysis,” Farmacia, vol. 69, no. 3, 2021, doi: 10.31925/farmacia.2021.3.22.
[3] W. Wang, C. Ren, H. Song, S. Zhang, and P. Liu, “FGL_Droid: An Efficient Android Malware Detection Method Based on Hybrid Analysis,” Security and Communication Networks, vol. 2022, 2022, doi: 10.1155/2022/8398591.
[4] M. L. Braunstein et al., “The development and electronic delivery of case-based learning using a fast healthcare interoperability resource system,” JAMIA Open, vol. 2, no. 4, 2019, doi: 10.1093/jamiaopen/ooz055.
[5] K. D. Mandl, D. Gottlieb, and A. Ellis, “Beyond One-Off Integrations: A Commercial, Substitutable, Reusable, Standards-Based, Electronic Health Record-Connected App,” Journal of Medical Internet Research, vol. 21, no. 2, 2019, doi: 10.2196/12902.
[6] M. Mugisha et al., “Integration of international classification of diseases version 11 Application Program Interface (API) in the Rwandan Electronic Medical Records (openMRS): Findings from two district Hospitals in Rwanda,” in Studies in Health Technology and Informatics, 2020. doi: 10.3233/SHTI200549.
[7] I. G. N. L. Wijayakusuma and S. C. Yowani, “WHO ICD-10 BASED ONLINE DISEASE DIAGNOSIS FOR GENERATING DIGITAL MEDICAL RECORD APPLICATION DEVELOPMENT,” SINTECH (Science and Information Technology) Journal, vol. 5, no. 1, 2022, doi: 10.31598/sintechjournal.v5i1.1040.
[8] J. M. Carson, P. Chen, and J. F. Outreville, “Foreign Direct Investment Affect the Supply of Life Insurance in Developing Countries ?,” Journal of Insurance Issues, vol. 44, no. 1, 2021.
[9] T. Chadaeva, “The Impact of Open Banking on the US Finance Industry,” Russia and America in the 21st Century, no. 3, 2019, doi: 10.18254/s207054760007179-3.
[10] V. Stefanelli and F. Manta, “Digital Financial Services and Open Banking Innovation: Are Banks Becoming ‘invisible’?,” Global Business Review, 2023, doi: 10.1177/09721509231151491.
[11] M. Ul Alam, M. A. K. Azad, and M. S. Ali, “Best Practices to Secure API Implementations in Core Banking System (CBS) in Banks,” in 2022 IEEE 12th Annual Computing and Communication Workshop and Conference, CCWC 2022, 2022. doi: 10.1109/CCWC54503.2022.9720840.
[12] A. Bris et al., “KNIGHTS, RAIDERS, AND TARGETS - THE IMPACT OF THE HOSTILE TAKEOVER - COFFEE,JC, LOWENSTEIN,L, ROSEACKERMAN,S,” Journal of Bank Finance, vol. 37, no. 1, 2021.
[13] R. Buckley et al., “Governing FinTech 4.0: BigTech, Platform Finance, and Governing FinTech 4.0: BigTech, Platform Finance, and Sustainable Development,” Fordham Journal of Corporate & Financial Law, vol. 27, no. 1, 2022.
[14] D. W. Arner, R. P. Buckley, K. Charamba, A. Sergeev, and D. A. Zetzsche, “BigTech and Platform Finance: Governing FinTech 4.0 for Sustainable Development,” SSRN Electronic Journal, 2021, doi: 10.2139/ssrn.3915275.
[15] N. A. Prasetyo and Y. Saintika, “Integration between Moodle and Academic Information System using Restful API for Online Learning,” Jurnal Ilmiah Teknik Elektro Komputer dan Informatika, vol. 7, no. 2, 2021, doi: 10.26555/jiteki.v7i2.21816.
[16] K. Abouelmehdi, A. Beni-Hessane, and H. Khaloufi, “Big healthcare data: preserving security and privacy,” Journal of Big Data, vol. 5, no. 1, 2018, doi: 10.1186/s40537-017-0110-7.
[17] J. Kwon and M. E. Johnson, “Meaningful healthcare security: Does meaningful-use attestation improve information security performance?,” MIS Quarterly, vol. 42, no. 4, 2018, doi: 10.25300/MISQ/2018/13580.
[18] H. Huang, T. Gong, N. Ye, R. Wang, and Y. Dou, “Private and Secured Medical Data Transmission and Analysis for Wireless Sensing Healthcare System,” IEEE Transaction on Industrial Informatics, vol. 13, no. 3, 2017, doi: 10.1109/TII.2017.2687618.
[19] P. Sarosh, S. A. Parah, and G. M. Bhat, “An efficient image encryption scheme for healthcare applications,” Multimedia Tools and Applications, vol. 81, no. 5, 2022, doi: 10.1007/s11042-021-11812-0.
[20] Priyanka and A. K. Singh, “A survey of image encryption for healthcare applications,” Evolutionary Intelligence, vol. 16, no. 3, 2023, doi: 10.1007/s12065-021-00683-x.
[21] N. M. Hamed and A. A. Yassin, “Secure Patient Authentication Scheme in the Healthcare System Using Symmetric Encryption,” Iraqi Journal for Electrical and Electronic Engineering, vol. 18, no. 1, 2022, doi: 10.37917/ijeee.18.1.9.
[22] K. Munjal and R. Bhatia, “A systematic review of homomorphic encryption and its contributions in healthcare industry,” Complex and Intelligent Systems, vol. 9, no. 4, 2023, doi: 10.1007/s40747-022-00756-z.
[23] P. Sharma, N. R. Moparthi, S. Namasudra, V. Shanmuganathan, and C. H. Hsu, “Blockchain-based IoT architecture to secure healthcare system using identity-based encryption,” Expert Systems, vol. 39, no. 10, 2022, doi: 10.1111/exsy.12915.
[24] M. K. Hasan et al., “Lightweight Encryption Technique to Enhance Medical Image Security on Internet of Medical Things Applications,” IEEE Access, vol. 9, 2021, doi: 10.1109/ACCESS.2021.3061710.
[25] S. Das and S. Namasudra, “A Novel Hybrid Encryption Method to Secure Healthcare Data in IoT-enabled Healthcare Infrastructure,” Computers and Electrical Engineering, vol. 101, 2022, doi: 10.1016/j.compeleceng.2022.107991.
[26] A. Ali et al., “An Industrial IoT-Based Blockchain-Enabled Secure Searchable Encryption Approach for Healthcare Systems Using Neural Network,” Sensors, vol. 22, no. 2, 2022, doi: 10.3390/s22020572.
[27] M. Singh and A. K. Singh, “Security of Medical Images Using a Key-Based Encryption Algorithm in the RDWT-RSVD Domain: SeMIE,” Journal of Database Management, vol. 34, no. 2, 2023, doi: 10.4018/JDM.318413.
[28] S. Schmeelk and L. Tao, “A Case Study of Mobile Health Applications: The OWASP Risk of Insufficient Cryptography,” Journal of Computer Science Research, vol. 4, no. 1, 2022, doi: 10.30564/jcsr.v4i1.4271.
[29] I. G. Anugrah and M. A. R. I. Fakhruddin, “Development Authentication and Authorization Systems of Multi Information Systems Based REst API and Auth Token,” INNOVATION RESEARCH JOURNAL, vol. 1, no. 2, 2020, doi: 10.30587/innovation.v1i2.1927.
[30] A. Elanda and R. L. Buana, “Analisis Keamanan Sistem Informasi Berbasis Website Dengan Metode Open Web Application Security Project (OWASP) Versi 4: Systematic Review,” CESS (Journal of Computer Engineering, System and Science), vol. 5, no. 2, 2020, doi: 10.24114/cess.v5i2.17149.
[31] M. Mehrtak et al., “Security challenges and solutions using healthcare cloud computing,” Journal of medicine and life, vol. 14, no. 4. 2021. doi: 10.25122/jml-2021-0100.
[32] B. Gao, F. Liu, S. Du, and F. Meng, “An OAuth2.0-Based Unified Authentication System for Secure Services in the Smart Campus Environment,” in Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 2018. doi: 10.1007/978-3-319-93713-7_73.
[33] A. Chatterjee, M. W. Gerdes, P. Khatiwada, and A. Prinz, “SFTSDH: Applying Spring Security Framework with TSD-Based OAuth2 to Protect Microservice Architecture APIs,” IEEE Access, vol. 10, 2022, doi: 10.1109/ACCESS.2022.3165548.
[34] N. A. J. De Witte et al., “Online consultations in mental healthcare during the COVID-19 outbreak: An international survey study on professionals’ motivations and perceived barriers,” Internet Interventions, vol. 25, 2021, doi: 10.1016/j.invent.2021.100405.
[35] K. Bennett, A. J. Bennett, and K. M. Griffiths, “Security considerations for e-mental health interventions,” Journal of Medical Internet Research, vol. 12, no. 5, 2010, doi: 10.2196/jmir.1468.
[36] L. Yin, A. Zhang, X. Ye, and X. Xie, “Security-aware department matching and doctor searching for online appointment registration system,” IEEE Access, vol. 7, 2019, doi: 10.1109/ACCESS.2019.2904724.
[37] W. Sun, Z. Cai, Y. Li, F. Liu, S. Fang, and G. Wang, “Security and Privacy in the Medical Internet of Things: A Review,” Security and Communication Networks, vol. 2018. 2018. doi: 10.1155/2018/5978636.
[38] S. K. Woody, D. Burdick, H. Lapp, and E. S. Huang, “Application programming interfaces for knowledge transfer and generation in the life sciences and healthcare,” npj Digital Medicine, vol. 3, no. 1. 2020. doi: 10.1038/s41746-020-0235-5.
[39] M. Y. P. Mahendra, I. N. Piarsa, and D. Putra Githa, “Geographic Information System of Public Complaint Testing Based On Mobile Web (Public Complaint),” Lontar Komputer : Jurnal Ilmiah Teknologi Informasi, 2018, doi: 10.24843/lkjiti.2018.v09.i02.p04.
[40] N. M. D. Febriyanti, A. A. K. O. Sudana, and I. N. Piarsa, “Implementasi Black Box Testing pada Sistem Informasi Manajemen Dosen,” Jurnal Ilmiah Teknologi dan Komputer, vol. 2, no. 3, 2021.
[41] C. S. Kruse, B. Smith, H. Vanderlinden, and A. Nealand, “Security Techniques for the Electronic Health Records,” Journal of Medical Systems, vol. 41, no. 8, 2017, doi: 10.1007/s10916-017-0778-4.
[2] P. Ramos, “Compatibility studies of selected mucolytic drugs with excipients used in solid dosage forms: Thermogravimetry analysis,” Farmacia, vol. 69, no. 3, 2021, doi: 10.31925/farmacia.2021.3.22.
[3] W. Wang, C. Ren, H. Song, S. Zhang, and P. Liu, “FGL_Droid: An Efficient Android Malware Detection Method Based on Hybrid Analysis,” Security and Communication Networks, vol. 2022, 2022, doi: 10.1155/2022/8398591.
[4] M. L. Braunstein et al., “The development and electronic delivery of case-based learning using a fast healthcare interoperability resource system,” JAMIA Open, vol. 2, no. 4, 2019, doi: 10.1093/jamiaopen/ooz055.
[5] K. D. Mandl, D. Gottlieb, and A. Ellis, “Beyond One-Off Integrations: A Commercial, Substitutable, Reusable, Standards-Based, Electronic Health Record-Connected App,” Journal of Medical Internet Research, vol. 21, no. 2, 2019, doi: 10.2196/12902.
[6] M. Mugisha et al., “Integration of international classification of diseases version 11 Application Program Interface (API) in the Rwandan Electronic Medical Records (openMRS): Findings from two district Hospitals in Rwanda,” in Studies in Health Technology and Informatics, 2020. doi: 10.3233/SHTI200549.
[7] I. G. N. L. Wijayakusuma and S. C. Yowani, “WHO ICD-10 BASED ONLINE DISEASE DIAGNOSIS FOR GENERATING DIGITAL MEDICAL RECORD APPLICATION DEVELOPMENT,” SINTECH (Science and Information Technology) Journal, vol. 5, no. 1, 2022, doi: 10.31598/sintechjournal.v5i1.1040.
[8] J. M. Carson, P. Chen, and J. F. Outreville, “Foreign Direct Investment Affect the Supply of Life Insurance in Developing Countries ?,” Journal of Insurance Issues, vol. 44, no. 1, 2021.
[9] T. Chadaeva, “The Impact of Open Banking on the US Finance Industry,” Russia and America in the 21st Century, no. 3, 2019, doi: 10.18254/s207054760007179-3.
[10] V. Stefanelli and F. Manta, “Digital Financial Services and Open Banking Innovation: Are Banks Becoming ‘invisible’?,” Global Business Review, 2023, doi: 10.1177/09721509231151491.
[11] M. Ul Alam, M. A. K. Azad, and M. S. Ali, “Best Practices to Secure API Implementations in Core Banking System (CBS) in Banks,” in 2022 IEEE 12th Annual Computing and Communication Workshop and Conference, CCWC 2022, 2022. doi: 10.1109/CCWC54503.2022.9720840.
[12] A. Bris et al., “KNIGHTS, RAIDERS, AND TARGETS - THE IMPACT OF THE HOSTILE TAKEOVER - COFFEE,JC, LOWENSTEIN,L, ROSEACKERMAN,S,” Journal of Bank Finance, vol. 37, no. 1, 2021.
[13] R. Buckley et al., “Governing FinTech 4.0: BigTech, Platform Finance, and Governing FinTech 4.0: BigTech, Platform Finance, and Sustainable Development,” Fordham Journal of Corporate & Financial Law, vol. 27, no. 1, 2022.
[14] D. W. Arner, R. P. Buckley, K. Charamba, A. Sergeev, and D. A. Zetzsche, “BigTech and Platform Finance: Governing FinTech 4.0 for Sustainable Development,” SSRN Electronic Journal, 2021, doi: 10.2139/ssrn.3915275.
[15] N. A. Prasetyo and Y. Saintika, “Integration between Moodle and Academic Information System using Restful API for Online Learning,” Jurnal Ilmiah Teknik Elektro Komputer dan Informatika, vol. 7, no. 2, 2021, doi: 10.26555/jiteki.v7i2.21816.
[16] K. Abouelmehdi, A. Beni-Hessane, and H. Khaloufi, “Big healthcare data: preserving security and privacy,” Journal of Big Data, vol. 5, no. 1, 2018, doi: 10.1186/s40537-017-0110-7.
[17] J. Kwon and M. E. Johnson, “Meaningful healthcare security: Does meaningful-use attestation improve information security performance?,” MIS Quarterly, vol. 42, no. 4, 2018, doi: 10.25300/MISQ/2018/13580.
[18] H. Huang, T. Gong, N. Ye, R. Wang, and Y. Dou, “Private and Secured Medical Data Transmission and Analysis for Wireless Sensing Healthcare System,” IEEE Transaction on Industrial Informatics, vol. 13, no. 3, 2017, doi: 10.1109/TII.2017.2687618.
[19] P. Sarosh, S. A. Parah, and G. M. Bhat, “An efficient image encryption scheme for healthcare applications,” Multimedia Tools and Applications, vol. 81, no. 5, 2022, doi: 10.1007/s11042-021-11812-0.
[20] Priyanka and A. K. Singh, “A survey of image encryption for healthcare applications,” Evolutionary Intelligence, vol. 16, no. 3, 2023, doi: 10.1007/s12065-021-00683-x.
[21] N. M. Hamed and A. A. Yassin, “Secure Patient Authentication Scheme in the Healthcare System Using Symmetric Encryption,” Iraqi Journal for Electrical and Electronic Engineering, vol. 18, no. 1, 2022, doi: 10.37917/ijeee.18.1.9.
[22] K. Munjal and R. Bhatia, “A systematic review of homomorphic encryption and its contributions in healthcare industry,” Complex and Intelligent Systems, vol. 9, no. 4, 2023, doi: 10.1007/s40747-022-00756-z.
[23] P. Sharma, N. R. Moparthi, S. Namasudra, V. Shanmuganathan, and C. H. Hsu, “Blockchain-based IoT architecture to secure healthcare system using identity-based encryption,” Expert Systems, vol. 39, no. 10, 2022, doi: 10.1111/exsy.12915.
[24] M. K. Hasan et al., “Lightweight Encryption Technique to Enhance Medical Image Security on Internet of Medical Things Applications,” IEEE Access, vol. 9, 2021, doi: 10.1109/ACCESS.2021.3061710.
[25] S. Das and S. Namasudra, “A Novel Hybrid Encryption Method to Secure Healthcare Data in IoT-enabled Healthcare Infrastructure,” Computers and Electrical Engineering, vol. 101, 2022, doi: 10.1016/j.compeleceng.2022.107991.
[26] A. Ali et al., “An Industrial IoT-Based Blockchain-Enabled Secure Searchable Encryption Approach for Healthcare Systems Using Neural Network,” Sensors, vol. 22, no. 2, 2022, doi: 10.3390/s22020572.
[27] M. Singh and A. K. Singh, “Security of Medical Images Using a Key-Based Encryption Algorithm in the RDWT-RSVD Domain: SeMIE,” Journal of Database Management, vol. 34, no. 2, 2023, doi: 10.4018/JDM.318413.
[28] S. Schmeelk and L. Tao, “A Case Study of Mobile Health Applications: The OWASP Risk of Insufficient Cryptography,” Journal of Computer Science Research, vol. 4, no. 1, 2022, doi: 10.30564/jcsr.v4i1.4271.
[29] I. G. Anugrah and M. A. R. I. Fakhruddin, “Development Authentication and Authorization Systems of Multi Information Systems Based REst API and Auth Token,” INNOVATION RESEARCH JOURNAL, vol. 1, no. 2, 2020, doi: 10.30587/innovation.v1i2.1927.
[30] A. Elanda and R. L. Buana, “Analisis Keamanan Sistem Informasi Berbasis Website Dengan Metode Open Web Application Security Project (OWASP) Versi 4: Systematic Review,” CESS (Journal of Computer Engineering, System and Science), vol. 5, no. 2, 2020, doi: 10.24114/cess.v5i2.17149.
[31] M. Mehrtak et al., “Security challenges and solutions using healthcare cloud computing,” Journal of medicine and life, vol. 14, no. 4. 2021. doi: 10.25122/jml-2021-0100.
[32] B. Gao, F. Liu, S. Du, and F. Meng, “An OAuth2.0-Based Unified Authentication System for Secure Services in the Smart Campus Environment,” in Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 2018. doi: 10.1007/978-3-319-93713-7_73.
[33] A. Chatterjee, M. W. Gerdes, P. Khatiwada, and A. Prinz, “SFTSDH: Applying Spring Security Framework with TSD-Based OAuth2 to Protect Microservice Architecture APIs,” IEEE Access, vol. 10, 2022, doi: 10.1109/ACCESS.2022.3165548.
[34] N. A. J. De Witte et al., “Online consultations in mental healthcare during the COVID-19 outbreak: An international survey study on professionals’ motivations and perceived barriers,” Internet Interventions, vol. 25, 2021, doi: 10.1016/j.invent.2021.100405.
[35] K. Bennett, A. J. Bennett, and K. M. Griffiths, “Security considerations for e-mental health interventions,” Journal of Medical Internet Research, vol. 12, no. 5, 2010, doi: 10.2196/jmir.1468.
[36] L. Yin, A. Zhang, X. Ye, and X. Xie, “Security-aware department matching and doctor searching for online appointment registration system,” IEEE Access, vol. 7, 2019, doi: 10.1109/ACCESS.2019.2904724.
[37] W. Sun, Z. Cai, Y. Li, F. Liu, S. Fang, and G. Wang, “Security and Privacy in the Medical Internet of Things: A Review,” Security and Communication Networks, vol. 2018. 2018. doi: 10.1155/2018/5978636.
[38] S. K. Woody, D. Burdick, H. Lapp, and E. S. Huang, “Application programming interfaces for knowledge transfer and generation in the life sciences and healthcare,” npj Digital Medicine, vol. 3, no. 1. 2020. doi: 10.1038/s41746-020-0235-5.
[39] M. Y. P. Mahendra, I. N. Piarsa, and D. Putra Githa, “Geographic Information System of Public Complaint Testing Based On Mobile Web (Public Complaint),” Lontar Komputer : Jurnal Ilmiah Teknologi Informasi, 2018, doi: 10.24843/lkjiti.2018.v09.i02.p04.
[40] N. M. D. Febriyanti, A. A. K. O. Sudana, and I. N. Piarsa, “Implementasi Black Box Testing pada Sistem Informasi Manajemen Dosen,” Jurnal Ilmiah Teknologi dan Komputer, vol. 2, no. 3, 2021.
[41] C. S. Kruse, B. Smith, H. Vanderlinden, and A. Nealand, “Security Techniques for the Electronic Health Records,” Journal of Medical Systems, vol. 41, no. 8, 2017, doi: 10.1007/s10916-017-0778-4.
Published
2025-06-05
How to Cite
WIJAYAKUSUMA, I Gusti Ngurah Lanang et al.
Development of Secure API to Support ICD-10 Based Electronic Medical Records Interoperability.
Lontar Komputer : Jurnal Ilmiah Teknologi Informasi, [S.l.], v. 16, n. 1, p. 65-76, june 2025.
ISSN 2541-5832.
Available at: <https://ojs.unud.ac.id/index.php/lontar/article/view/124102>. Date accessed: 12 aug. 2025.
doi: https://doi.org/10.24843/LKJITI.2025.v16.i01.p06.
Section
Articles
This work is licensed under a Creative Commons Attribution 4.0 International License.
The Authors submitting a manuscript do so on the understanding that if accepted for publication, the copyright of the article shall be assigned to Jurnal Lontar Komputer as the publisher of the journal. Copyright encompasses exclusive rights to reproduce and deliver the article in all forms and media, as well as translations. The reproduction of any part of this journal (printed or online) will be allowed only with written permission from Jurnal Lontar Komputer. The Editorial Board of Jurnal Lontar Komputer makes every effort to ensure that no wrong or misleading data, opinions, or statements be published in the journal.
This work is licensed under a Creative Commons Attribution 4.0 International License.
