FHIR Gateway (Mobile)



The Australian Digital Health Agency aims to increase adoption of the My Health Record by individuals as well as healthcare professionals by connecting the My Health Record platform to mobile healthcare applications (apps) via industry standard Application Programming Interfaces (APIs). To support that, the Agency is providing relevant technical information and resources for developers who might be new or established in the mobile healthcare application space.

The Agency mobile enablement program is using the Fast Healthcare Interoperability Resources (FHIR®) Draft Standards in creating the mobile APIs. Mobile application developers can use various high level architecture approaches to integrate with the FHIR® Gateway of the My Health Record system.

What's the difference between the B2B and Mobile approaches?

The mobile enablement program has made use of the FHIR® Draft Standards in creating the mobile APIs. There is also a higher amount of granularity in the mobile solution in terms of the scope of the APIs – the APIs that have been developed for the mobile program are more detailed than the CDA which is extracted for B2B.

Access and Integration

The integration approach currently supported by the My Health Record System Operator is shown below.

For consumer access a consumer, must first log into my.gov.au and grant access to the application. This is done by redirecting to the my.gov.au login. Once the consumer has logged and granted access the token can be retrieved. 

Secure Messaging Diagram

Consumer accesses their own data without intermediate infrastructure handling the data.


Getting Started:

For developers, getting started is easy. The Australian Digital Health Agency can assist developers to connect with My Health Record by providing information about registering your organisation and access to specifications. The Agency can also provide support with development and testing including declaring your app’s conformance to mandatory requirements. 

For any questions about the process, please do not hesitate to reach out to our team at [email protected]

The following specifications enable developers to connect applications to the My Health Record system via the FHIR® Gateway.

Current Specifications: 

Technical specifications to enable developers to connect applications to the My Health Record system via the FHIR® Gateway.

External Specifications: 
FHIR Overview

This page provides an overview of the standard, and serves as a road map for first-time readers of the specification to help find your way around FHIR quickly.

FHIR Resources

This page is provided to help find resources quickly.

OWASP Application Security Verification Standard v3.0

The Application Security Verification Standard is a list of application security requirements or tests that can be used by architects, developers, testers, security professionals, and even consumers to define what a secure application is.

Introduction to HL7 FHIR

By operation of the Public Governance, Performance and Accountability (Establishing the Australian Digital Health Agency) Rule 2016, on 1 July 2016, all the assets and liabilities of NEHTA will vest in the Australian Digital Health Agency. In this website, on and from 1 July 2016, all references to "National E-Health Transition Authority" or "NEHTA" will be deemed to be references to the Australian Digital Health Agency. PCEHR means the My Health Record, formerly the "Personally Controlled Electronic Health Record", within the meaning of the My Health Records Act 2012 (Cth), formerly called the Personally Controlled Electronic Health Records Act 2012 (Cth).

Back to Top