EMIS and SystmOne Integration

When we set out to build Medelic, we knew that seamless EHR integration would be essential. A triage system that requires manual data entry is a triage system that won't get used. Here's how we built bi-directional integration with the two dominant GP clinical systems in England.

The Integration Landscape

EMIS Web and SystmOne between them serve over 95% of GP practices in England. They're mature, complex systems with decades of development history - and correspondingly complex integration surfaces. Neither was designed with modern API-first principles in mind, which creates interesting challenges for third-party developers.

The good news is that both suppliers now offer Partner APIs that enable meaningful integration. The less good news is that the APIs differ significantly in their capabilities, authentication mechanisms, and data models.

What We Needed to Build

For Medelic to work effectively, we needed to:

• Read patient demographics - verify the caller's identity and retrieve relevant details
• Read medical history - understand relevant past conditions, medications, and allergies
• Write consultation notes - document the triage interaction in the patient record
• Create tasks - add items to clinician workflows for follow-up
• Book appointments - where appropriate, schedule follow-up directly

The SNOMED-CT Challenge

Both systems use SNOMED-CT for clinical coding, which is great for interoperability but requires careful handling. When a patient says "I've got a bad headache and feel sick," we need to map that to appropriate SNOMED concepts while capturing the nuance of their description.

Our approach uses a two-layer model. First, we capture the patient's free-text description exactly as they gave it. Then, we apply clinical NLP to suggest appropriate SNOMED codes, which are reviewed by the clinician before being committed to the record. This preserves clinical accuracy while ensuring the structured data is correct.

"The biggest learning was that integration isn't just a technical problem - it's a workflow problem. You can have perfect API integration and still fail if you don't fit into how clinicians actually work."

Authentication and Security

NHS clinical systems, understandably, have stringent security requirements. Both EMIS and SystmOne require IM1 accreditation for suppliers, which involves rigorous security assessments and compliance checks. We went through a 6-month accreditation process for each platform.

The authentication models differ: EMIS uses OAuth 2.0 with smartcard-based clinician authentication, while SystmOne uses a proprietary token system. We built an abstraction layer that handles both, so our application code doesn't need to know which EHR it's talking to.

Lessons Learned

After 18 months of integration work, here are our key takeaways:

• Start the accreditation process early - it takes longer than you think
• Build abstraction layers from day one - you'll thank yourself later
• Test with real practices as early as possible - sandbox environments don't capture real-world complexity
• Invest in monitoring and logging - integration failures need to be caught and fixed quickly

EHR integration is hard, but it's also essential. The practices that get the most value from Medelic are those where the integration is invisible - where patient data flows seamlessly, and clinicians can focus on care rather than data entry.