Skip to main content
Legitimate Relationship Service - HL7 V3 API

Access patients' Legitimate Relationships using our HL7 V3 API.

Overview

Use this API to access a patient's legitimate relationships. You might want to do this as part of your information governance approach when accessing the Summary Care Record.

You can:

  • create legitimate relationships
  • change the status of a legitimate relationship
  • query legitimate relationships
  • batch query legitimate relationships
  • identify user role profiles
  • manage user workgroup membership

Who can use this API

This API can only be used where there is a legal basis to do so. Make sure you have a valid use case before you go too far with your development.

You must do this before you can go live (see ‘Onboarding’ below). 


API status

This API is stable.


Technology

This API is an HL7 V3 API. It is a mixture of:

  • synchronous interactions, using HL7 V3 SOAP web services
  • asynchronous interactions, using HL7 V3 ebXML messaging

For more details, see HL7 V3.

Message Handling System (MHS) adaptor

To remove the complexity of building your own Message Handling System, we offer a pre-assured, client side MHS adaptor that you can integrate into your own infrastructure.

It makes it easier to connect to the NHS Spine and perform business operations by exposing a RESTful API that confirms to the HL7 V3 standard


Network access

You need a Health and Social Care Network (HSCN) connection to use this API.

For more details, see Network access for APIs.


Security and authorisation

Authentication

This API is user-restricted, meaning an end user must be present and authenticated to use it.

The end user must be:

We support the following security patterns:

  • user-restricted HL7 V3 API, using NHS Care Identity Service 2 (NHS CIS2)
  • user-restricted HL7 V3 API, using CIS

For more details see user-restricted APIs.

Authorisation

For some activities, the end user must be authorised to perform that activity.

The API itself does not perform any authorisation checks. Rather, the calling system is expected to perform them. The authorisation rules are specified in our national Role Based Access Control (RBAC) database.

For more details see our national Role Based Access Control (RBAC) database on the registration authorities and smartcards page.


Testing

You can test this API using our Path to Live environments.


Onboarding

You must get your software onboarded before it can go live.

As part of onboarding, this API uses the Common Assurance Process (CAP), which is tailored for each NHS service. For more details, contact us.


Interactions

For a full list of interactions for this API, see the 'Legitimate Relationships (LRs)' domain in the Spine Message Implementation Manual (MIM).

For details on the general structure of the interactions, see HL7 V3.

Last edited: 16 September 2021 1:19 pm