Implementation Guide for the Egde Health Gateway including platform and service implementations

This project is maintained by EgdeConsulting

Egde Health Platform - Gateway Implementation Guide

1 About the IG

Individual FHIR service IGs under this IG

  1. Egde Health Gateway (EHG) FHIR Facade Egde Health Gateway IG and profiles also in Simplifier.
  2. Tigeni FHIR Facade Tigeni FHIR facade IG
  3. Lifeness FHIR Facade Lifeness FHIR facade IG
  4. Godt Begynt (GB service) Godt begynt IG
  5. StaySafe (STS service) Staysafe IG
  6. Flåttsjekk-app (EM service) Flåttsjekk IG
  7. Evjeklinikken (VJ service) Evjeklinikken IG

:hatching_chick: 1.1 Overview - Egde Health Gateway/Egde Health Platform

The Egde Health Gateway is a key component in Egde’s Health Platform architecture. It provides the following functionality:

  1. Connectors for
    • FHIR REST;
    • EDI messaging;
    • other endpoints.
  2. A FHIR converter with the following functions:
    • Convert;
    • Map;
    • Validate;
    • Terminology referencing.
  3. Authentication

Egde Health Gateway - diagram June 2021

1.2 Scope

This IG covers the overall guide for the Egde Health Gateway.

We plan to develop IGs in English but they may contain references in Norwegian where we feel this is more appropriate to the use case.

The Egde Health Gateway is developed in compliance with the recommendations from “Målarkitektur for datadeling i helse- og omsorgssektoren fra Direktoratet for e-helse.”​ :link:

1.3 Purpose

Egde Health Gateway is a hybrid cloud based Software as a Service (SaaS) offering that includes a data converter to and from FHIR to other specified formats as well as a FHIR Server. The goal of the Egde Health Platform is to be a standards-based, cost effective and patient-centric platform for health services.

The Egde Health Gateway realises the following:

The gateway is designed by the following principles:

For further details on security see section 8 Security

1.4 Intended audience

Example 1: Godt Begynt

The Egde Health Platform provides the backend for a control app and data integration between Checkware and the Municipality’s EPJ systems.

Godt Begynt (GB service) Godt begynt IG

Example 2: Zyberia

The Egde Health Platform provides the patient data backend, secure and compliant data storage and authentication for the service.

Example 3: StaySafe

The Egde Health Platform provides the backend for data integration between senors and EDI messages.

StaySafe (STS service) Staysafe IG

Example 4: Evjeklinikken

The Egde Health Platform provides the patient data backend, clinic admininstration, secure and compliant data storage and authentication for the service. Thjis project used Smile CDR, the commercial implementation of HAPI FHIR.

Evjeklinikken (VJ service) Evjeklinikken IG

Example 5: EM-app

The Egde Health Platform provides the backend for a service to citizens in Norway to submit a photo of a potential tick bite skin rash (Erythemia Migrans) for evaluation and response from a qualified doctor to help prevent lyme disease.

EM-app (EM service) EM IG

Use Case 2: Integration platform with national and private digital infrastructure

This use case is for customers requiring data integration with external data sources and sinks. This can be for legacy connection and conversion of EDI/XML interfaces, priorietary RESTful APIs or existing FHIR APIs.

Example 1: Zyberia

Example 2: Godt Begynt

Use Case 3: Authentication of patients, users, health personell in the public and private sectors

This use case covers the authentication of system users via required mechanisms, usually OIDC (OpenID Connect).

In the public sector for Norway this is usually via IDPorten :link:.

In the provate sector for Norway this is usually BankID or VippsID and can be via the third-party service from Signicat AS.

Example: all customers

:hatching_chick: 3 Module overview and roadmap

3.1 Modules

Module System Status Roadmap
FHIR Server HAPI FHIR Available -
Private Cloud NO & DE Kubernetes Available Continuous improvement
Monitoring Azure devops & security Available Continuous improvement
Identity Provider IAM Azure AD, Identity Server Available -
Admin portal Azure deployments Available Q1 2021
OIDC/OAuth2 - Available + solution customisation Continuous improvement
SMART App Launch - Available Continuous improvement
NoFHIR to FHIR Converter FHIR Facade Avaiable Continuous improvement
FHIR to NoFHIR Converter Egde Available Continuous improvement

3.2 Public health components & services

Connector Format Status Roadmap
VKP FHIR Available Operational
NHN Persontjenesten EHG integration Available Operational
NHN Adresseregisteret EHG integration Available Operational
NHN Adresseregisteret service via proxy In test Operational
NHN ASP service EHG qualified Available Operational
NHN Samsvartest EHG integration In development 2023
Pasientens prøvesvar (NILAR) FHIR Candidate  
Norsk helsenett - Journal EDI XML In development Q3 2021
Norsk helsenett - Sysvak EDI XML In development Q3 2021
Helsenorge FHIR Under consideration Q4 2021
Helseregistre ? Under consideration ?
UiO TSD CSV In development Q2 2021
NAV Hjelpemidler ? Under consideration 2022

3.3 Public & Private health systems

Connector Format Status Roadmap
Visma HsPro EDI Ready for test Q4 2023
Infodoc Helsestasjon EDI Planned ?
Infodoc Fastlege EDI Ready for service 2023
CGM EDI Planned 2023/2024
Checkware SOAP XML In sevice Operational
DIPS Arena FHIR In development 2023/2024
SSHF StaySafe ? In development ?
Extensor integration EDI Ready for service 2023

3.4 Authentication Systems

|Connector |System/Format |Status |Roadmap| |————|———–|———–|-| |Signicat |OIDC |Complete |Operational| |ID-Porten |OIDC |Complete |Operational| |NHN HelseID|EHG service & integration|Available|Continuous improvement| |BankID |OIDC |via Signicat |?| |Sykehuspartner federingstjeneste (IAM)| |In service |Operational| | | | | | n Guides (IG’s) <!– Examples - “There has to be a diabetes control document once every three months”.

Each technical implementation guide will be published as a specifc set of artifacts.

:chicken: 5 Profiles / Extensions

Egde aims to use International standards whereever possible. For National use Egde uses or bases all profiles on existing national profiles and is committed to working with the community to develop and qualify new profiles.

Refer to the overall Egde Health Gateway IG: Egde Health Gateway IG and profiles. <!– ### Usage

Official URL

Must support

Rendered data structure (diff/snapshot)



:chicken: 6 Terminology

Terminology references can be found in individual IG’s.


ValueSets are provided in individual IG’s.

:chicken: CodeSystems

The following code systems are currently in use:

:chicken: 7 Capability Statement

Please see indivdual IG’s.

:chicken: 8 Security

The Egde Health Gateway is designed to support the hightest levels of Norwegian, European and US security best practices as applied to patient and other health data.​

This includes the following:


Compliance with the “Norm for informasjonssikkerhet og personvern I helse og omsorgssektoren (Normen)”​.

For further details refer to: :link:

For an English version refer to: :link:


Compliance with HIPAA (Goal: 2023)​

Schrems II

The Schrems II Decision is a key ruling by the Court of Justice of the European Union (CJEU), in July 2020 they declared that Privacy Shield, the EU-US personal data transfer mechanism, was no longer lawful. This decision will have significant impacts on EU-US data transfers, and many organizations will need to update their programs to rely on alternative transfer mechanisms.

The following challenges arise that may impact Egde Health Platform customers:

The Egde Health Platform & Gateway are built on the Microsoft Azure Stack technology. Development and test systems where there is no personal or health data used can be deployed to public Azure instances. Production systems for Norwegian customers are deployed to a private data centres in Norway and are therefore compliant with the Schrems II ruling.

(TODO: 2023 update needed here)

Norwegian Patient Journal law

The Egde Health Platform helps customer solutions to comply with the Norwegian Patient Journal law :link: covering issues such as duty of confidentiality and security including logging and auditing requirements. Egde can provide technical advisory services and technical components to allow customers to comply with this law. Egde does provide legal advice. The full customer solution or service must be designed for compliance including those parts of the solution that lie outside of the remit of the Egde Health Platform and/or Gateway.


GDPR covers privacy requirements for individuals including:

The full customer solution or service must be designed for GDPR but the Egde Health Platform & Gateway is designed to help customers confiorm to this requirement.

Egde Lupe - DevSecOps environment

:egg: Available - description to follow

:hatching_chick: 9 General Help and Support

Communication - Contact

General help on this document: Andy Harrison Technical help: Jan Ivar Øyulvstad

:egg: FAQ

:egg: Tools

:egg: Downloads

Versioning info

Key to published status of each section: