Make it easy with the technologies provided by

It is hard to implement all the standards and technologies required for Healthcare IT applications

Flexible REST API

FHIR Compliant Data Model
onFHIR enables you to store FHIR compliant resources either complying to any version of the base specification or further FHIR profiles (extensions and restrictions) on base spec.
onFHIR implements the RESTfull FHIR API with all of its services; CRUD services, 'search', 'vread', 'history', 'conformance', 'batch' and 'transaction'.
Content Validation
onFHIR validates the content of the resources for conformance to FHIR base resource definitions and further FHIR resource profiles automatically for each create or update operation.
Configurable Search Mechanism
onFHIR provides a FHIR compliant search service supporting both resource or compartment based searching. Moreover, you can configure the search mechanism by FHIR conformance resources (Conformance, SearchParameter, CompartmentDefinition) and select which type of mechanism you will allow and which search parameters you will support for each resource.

Performance & Scalability

Horizontal Scalability
onFHIR uses MongoDB as persistency mechanism and use its sharding mechanism for horizontal scalability of the system. So you can support thousands of records in a single machine or millions/billions of records scattered to several machines.
Performance Tuning
onFHIR enables to tune the write and search performance for each resource type (optimum sharding and database index creation) according to your use case
Redundancy and Availability
onFHIR uses MongoDB replication capabilities to enable replications of data in multiple replica set and provides data redundancy and data availability.
System Monitoring
onFHIR provides an administrative dashboard to monitor your onFHIR deployment; shards, # of records, storage capacity, avg. search times, etc.

Privacy & Security

You can integrate with your existing Authorization servers over popular privacy and security standards and enforce your privacy and security policies accordingly.

Authorization complies with the authorization standards; User Managed Access (UMA) as 'Resource Server' and specifically OAuth 2.0 and Heart WG UMA and OAuth profiles.


Each Rest API call uses HTTPS/TLS to protect the data transfers, while the data persisted (at rest) in is encrypted by AES-256.

Audit Logging creates and stores audit records compliant with FHIR AuditEvent Resource definition for all data accesses and operations. You can configure it to store all audit events locally.

De-identification & Anonymization enables sensitive patient data to be processed in compliance with GDPR. A configuration tool is provided where data controllers can analyse the data structures to be processed, and selects de-identification method alternatives such as Substitution, Fuzzing, Redaction and Generalization. The tool also support anonymization methods such as k-anonymity.

Use + together to have a complete healthcare IT architecture; while storing and protecting health data, protect your user identity data and act as an Authorization Server.

Authentication implements OpenID Connect protocol for client and end-user authentication by complying with Heart WG profile for OpenID Connect. You can provide 2-factor or 3-factor strong authentication for your users.

User Identity Management implement OpenID Connect for identity management and provides you administrative panels to register and manage your users.

Access Control Policies enables you to define your Enterprise Access Control Policies (represented by OASIS XACML) from a GUI and make authorization decisions based on these policies.

Patient Consents

You can further enable patients to define their consents and manage their privacy. implements UMA as "Authorization Server" enables patient managed access control where is the "Resource Server"

Secure Audit Repository provides an secure audit repository server to store your audit records in compliance with FHIR AuditEvent. It also provides audit view UIs for your users.

Data Integration

CCD/CDA Integration provides integration of Consolidated CDA (C-CDA) compliant document instances to the corresponding FHIR resources, wherever possible implementing the U.S. Data Access Framework (DAF) FHIR Implementation Guide.
Push based integrations supports push based integrations with popular standart based communications like IHE Cross Enterprise Document Reliable Interchange (IHE XDR) as well as direct integration with Apache Kafka's publish/subscribe mechanism.
HealthKit Integration provides integration with HealthKit data and enable you to convert and store these data in the repository as FHIR compliant resources.
Pull based integrations allows integration with your APIs or 3rd party Cloud APIs (e.g. Fitbit API, Open mHealth API, etc) as a pull based approach where you can configure the frequency of data synchronization.
Google Fit Integration provides integration with Google Fit data and enable you to convert and store these data in the repository as FHIR compliant resources.
Extending Integrations (Custom and Cloud APIs)
We are planning to extend our integrations with a number of existing data formats and Cloud API like Fitbit, Open mHealth, iHealth, etc. We can also easily develop custom integrations for your specific needs...