Skip to main content

Healthcare Data Solutions

A modular, API-first "headless EHR" platform built on FHIR standards. Eliminate months of backend development with our open source infrastructure that scales from prototype to production.

MedBackend Fast Track Implementation

Healthcare Data Infrastructure

FHIR Data Store

Built on FHIR R4 standards, our platform connects to Azure FHIR Service to store clinical data with versioning, audit trails, compartments, and other FHIR-native functionalities.

Documentation ->

GraphQL API Layer

Django + GraphQL via Graphene generates a complete schema for all CRUD operations, covering all FHIR R4 resources with adaptations from the official FHIR GraphQL reference.

Documentation ->

Role-Based Access Control

Flexible RBAC system with configurable rules that define user roles, compartments, and validator logic. Supports multi-organization use cases and nested org hierarchies.

Documentation ->

GraphQL Integration Example

# Create a new patient with GraphQL mutation

import httpx

import asyncio

from medbackend.client import MedBackendClient

from medbackend.resources import Patient

from medbackend.auth import get_access_token

# GraphQL mutation for creating a patient

mutation = """

mutation CreatePatient($input: PatientCreateInput!) {

createPatient(resource: $input) {

id

name {

given

family

}

meta {

lastUpdated

}

}

}'''

# Initialize the client with your API key

client = MedBackendClient(

base_url="https://api.medbackend.com/fhir/r4",

token_provider=get_access_token

)

# Create a patient record

async def create_patient():

# Create patient using our helper class

new_patient = Patient.builder()

.with_name("Smith", "John")

.with_birth_date("1970-01-01")

.with_gender("male")

.with_phone_contact("555-0123")

.with_email_contact("john.smith@example.com")

.build()

try:

result = await client.create(new_patient)

print(f"Created patient with ID: {result.id}")

return result

except Exception as error:

print(f"Error creating patient: {error}")

# Run the async function

if __name__ == "__main__":

asyncio.run(create_patient())

High-Level Architecture

MedBackend acts as a middleware between your front-end applications (or microservices) and a fully compliant FHIR server, with these key components:

Django + GraphQL

Graphene generates a GraphQL schema for all CRUD operations, covering all FHIR R4 resources. Python was chosen for its large community and maintainability.

FHIR Server (Azure)

Stores clinical data, handles versioning, audit trails, compartments, and other FHIR-native functionalities while enabling direct access if needed.

Authentication & Authorization

Azure AD B2C manages identities and issues OAuth 2.0 tokens. SMART on FHIR flow for secure authorization and RBAC for access control.

File Storage (Azure Blob)

Allows uploading of binaries and storing them as references in FHIR resources such as Media or DocumentReference resources.

Security & Authorization

MedBackend enforces SMART on FHIR security principles, including:

1

OAuth 2.0

Delegated authorization flow using Azure AD B2C for secure identity management.

2

Compartment Validation

Patient, Practitioner, Organization compartments ensure users only access resources in their domain.

3

RBAC

A flexible engine that checks roles against allowed resource types and operations.

4

Validators

Predefined checks such as patient_compartment, allowed, forbidden, and more for precise access control.

# Example RBAC rules configuration in Python

rbac_rules = [

{

"client_role": "Practitioner",

"entity_name": "Observation",

"operation": "create",

"validator": "practitioner_compartment"

},

{

"client_role": "Patient",

"entity_name": "DocumentReference",

"operation": "delete",

"validator": "forbidden"

}

]

# Register rules with the RBAC service

from medbackend.security import RBACService

rbac_service = RBACService()

rbac_service.register_rules(rbac_rules)

Our Healthcare Solutions

FHIR Server & Data Repository

A complete FHIR R4 server implementation with advanced search capabilities, validation engine, and versioning. Supports all resource types with custom extensions and profiles, including US Core for regulatory compliance.

Healthcare Interoperability Hub

Connect legacy healthcare systems with modern applications through our comprehensive integration platform. Supports bidirectional conversion between HL7v2, CDA, X12, DICOM and FHIR with advanced mapping tools and transaction processing.

SMART on FHIR App Framework

The fastest way to build and deploy SMART on FHIR applications with our end-to-end framework. Includes authentication flows, context handling, and pre-built UI components designed specifically for healthcare applications.

Compliance & Security Framework

Build with confidence using our HIPAA-ready security framework. Features comprehensive audit logging, encryption at rest and in transit, and fine-grained access controls to protect patient data. Compliant with GDPR and the 21st Century Cures Act.

Solutions at a Glance

FHIR-ready Backend - Complete FHIR R4 server implementation
SOC-2 & ISO Ready - Fast-track regulatory approval with pre-certified components
Plugin Marketplace - Extensible framework for custom healthcare applications

Why Choose MedBackend?

Features MedBackend Traditional EHR SaaS Solutions
Open Source
100% FHIR Compliant
Modular Architecture
Self-Hosted Option
Developer-First Approach
Initial Implementation Cost $ $$$ $$

Ready to modernize your healthcare IT infrastructure?

Join hundreds of healthcare organizations building with MedBackend's open source healthcare data platform. Get started free today and only pay when you scale to production.