Health Gorilla provides secure APIs that enable clinical data exchange, event-driven notifications, diagnostic ordering, and patient record retrieval across national interoperability networks.

The platform follows a FHIR-first architecture, using HL7 FHIR R4 as the primary standard for clinical data access and representation. In addition to standard FHIR REST APIs, Health Gorilla provides specialized operations and services that support common healthcare interoperability workflows such as document retrieval, event notifications, and diagnostic ordering.

These APIs support organizations building healthcare applications, integrating with interoperability networks, or implementing care coordination, population health, and compliance workflows aligned with standards such as USCDI and TEFCA.

How the APIs Are Organized

Health Gorilla APIs are organized by interoperability workflow.

Platform and authentication APIs: Provide secure access to the platform using OAuth 2.0. Client credentials issued during onboarding are used to obtain access tokens required for all API requests.
Record retrieval APIs: Support longitudinal patient record access across participating data sources. Services such as Patient360 and the Individual Access Service (IAS) retrieve clinical documents and return FHIR representations of the retrieved data.
FHIR R4 APIs: Provide direct access to clinical data such as patients, encounters, observations, medications, immunizations, and documents. These APIs follow the FHIR R4 standard for resource structure and search behavior.
Subscription services APIs: Deliver event-driven notifications when qualifying patient activity is detected through document exchange. Notifications may be delivered using FHIR subscriptions, HL7 v2 ADT messages, or SFTP depending on configuration.
Orders and results APIs: Support diagnostic ordering and results delivery. The Requisition API enables submission of laboratory orders and retrieval of results from participating laboratory partners.

Common Use Cases

Health Gorilla APIs support scenarios such as:

Retrieve longitudinal patient records using $p360-retrieve or $everything
Generate clinical document exports in C-CDA or PDF format using $export-ccda
Access clinical data such as lab results, medications, immunizations, and vital signs
Subscribe to event-driven notifications using FHIR subscriptions
Receive admission, discharge, and transfer notifications using HL7 v2 ADT messages when configured
Submit and manage diagnostic orders through the Requisition API
Build interoperable applications or private health information exchanges using FHIR R4 standards
Support care coordination, population health, and compliance workflows aligned with USCDI and TEFCA

Getting Started

Using the Health Gorilla APIs involves a small set of standard steps.

Request sandbox credentials for your organization
Review authentication and authorization requirements
Explore supported FHIR R4 resources and operations
Reference example requests and responses using samples or Postman collections

All requests require OAuth 2.0 authentication using the client ID and secret issued during onboarding.