Introduction
RED medical provides third-party systems with an interface to Telematik-Infrastruktur. This interface allows third-party systems to interact with TI components and to send and receive data to/from the central TI servers.
RED telematik API provides a third-party system with functions
- to execute transactions with the Telematik-Infrastruktur such as basic Konnektor operations (e.g. PIN verification)
- to execute all functions for electronic prescriptions such as fetching, accepting and rejecting tasks
- to create and verify electronic signatures
The RED Interchange API uses the XML-based FHIR format for data exchange. Data to be sent to RED must be separated and packaged into FHIR bundles, and data queried from RED will be returned in FHIR bundles.
In order to ensure the secrecy of person-related data (as required by German criminal law) RED uses end-to-end encryption of all person-related data stored in its data-centers. In order to access data in RED Users must authenticate during login and obtain the cryptographic keys necessary to decrypt and encrypt data. Therefore the RED Interchange API cannot be a server interface, as encryption keys are in the possession of the users only, and data cannot be encrypted or decrypted server-side. By requirement the RED Interchange API expects to communicate with an application installed on the local machine or a locally installed server reachable via localhost.
After a user has logged in successfully and obtained his cryptographic keys a local FHIR server is started by RED on the users machine. If the FHIR server is running RED will act as recipient and listen to POST and GET requests from the sending third-party application.
