Connect

hello@6bdigital.com
0113 350 1290
Contact us

 

Integrating with: The EMIS Transaction Interface API

For digital health innovators in the UK, integrating effectively with EMIS Web is often a key step towards delivering enhanced clinical solutions that work seamlessly within the primary care workflow. The EMIS Transaction Interface API offers precisely this capability. Understanding its structure, requirements and technical considerations is vital for any technical leader – whether you are a CTO, technical director or lead engineer – looking to build an EMIS integration that supports clinicians and improves patient care.

Overview of the EMIS Transaction Interface API

The EMIS Transaction Interface API, often referred to as Transaction IM, is a well-defined mechanism designed to allow accredited third-party systems to interact with the EMIS Web client and back-end databases. Its primary purpose is to support transactional data exchanges between external systems and the EMIS Web platform. These interactions are either server-side – enabling the retrieval and filing of patient data – or client-side – enabling dynamic interactions with the EMIS Web client itself.

There are two levels of integration supported by the API:

  • Entry Level
  • Standard Level.

Each has distinct capabilities and requirements and they often complement one another in a complete integration solution.

Entry Level Requirements: Server-Side Data Transactions

The Entry Level specification focuses on server-side calls, which are SOAP-based web service requests wrapped in an ITK Distribution Envelope. Through these calls, accredited systems can retrieve patient demographics, medical records and attachments, search for patients, file clinical data into the patient record and track registration changes. Security is enforced through the use of X509 certificates and digital signatures, ensuring message integrity and trust between parties.

A typical request involves crafting a SOAP message with a correctly formatted ITK envelope, addressing and audit identity elements aligned with EMIS configuration. The payload includes service calls such as Trace, Search or FileRecord, among others. Each message must be signed and must pass validation checks that include signature integrity, digest matching and correct addressing. For developers, there is a learning curve around constructing compliant XML payloads and managing certificate installation, but these are well documented within EMIS’s supporting materials.

Integrations using this level are generally designed to support background operations, such as synchronising patient data, filing new clinical content or retrieving attachments for display in an external system.

Standard Level Requirements: Real-Time Client Interactions

The Standard Level requirements expand the integration to include client-side interactions through a Windows named pipe mechanism. This level enables real-time interactions with the running EMIS Web client and is especially powerful for applications that need to augment the clinician’s live workflow.

Through this interface, an accredited application can programmatically swap the active patient, change the selected EMIS module, delete attachments from a patient record and receive live notifications about patient selection changes, module changes or session status changes. This enables scenarios where an external system responds in real time to events in EMIS Web, improving usability and clinical safety.

Security at this level is also carefully considered. The integration requires an accredited application identifier and uses an asymmetric key exchange mechanism: the external application requests a public key from the EMIS Web client, uses it to encrypt its own symmetric key and provides this in its subscription request. Once subscribed, the application receives a Subscriber Identifier which must be provided with each subsequent request, allowing EMIS Web to validate the requestor and decrypt the encrypted payload.

The named pipe interface is restricted to local communications only – requests must originate from the same machine running EMIS Web. This enforces a secure deployment model and eliminates risk from remote attacks.

Typical Workflow for Integration

For technical leads planning an integration, the typical workflow starts with gaining accreditation from EMIS, which involves proving that your application handles security and patient data correctly. You will need to obtain an X509 certificate and configure your product identity in EMIS Web via the EMAS manager module.

For server-side calls, you will develop a SOAP client capable of generating compliant requests, handling responses and gracefully managing error codes – of which there is a detailed taxonomy covering success states, known errors and edge cases. EMIS provides a test harness to support this phase.

For client-side interaction, you will build a named pipe client, handle symmetric key encryption and manage subscription lifecycle events. A .NET-based test harness is available to accelerate this process, and there is even a Java version for teams using cross-platform stacks.

Once the integration is live, your system will need to manage subscription state carefully – for example, re-subscribing when an EMIS Web session ends – and implement robust error handling for situations such as multiple EMIS Web clients being detected or user privileges changing.

Security, Configuration and Audit Considerations

Security is a core principle of the Transaction IM API. Digital signatures and key exchange protect all communications, and access control is tightly managed by configuration settings within EMIS Web. Only accredited applications are permitted to connect, and user-level permissions and RBAC (Role Based Access Control) codes further constrain access to sensitive data.

From a configuration perspective, system administrators can control availability of Transaction IM at an organisation level, set limits on concurrent connections and specify which applications are accredited. This ensures scalability and performance are protected in busy practices.

Audit logging is comprehensive. Every subscribe, unsubscribe, swap patient, swap module, delete action and notification is recorded in EMIS Web’s audit trail, providing transparency and accountability – essential for compliance with clinical safety and data governance standards.

Common Challenges and Integration Tips

For technical teams approaching this integration, several common challenges are worth preparing for. Constructing fully compliant ITK envelopes requires careful attention to detail, especially in canonicalising XML before hashing. Managing X509 certificates securely and correctly matching them to product identity can also trip up first-time integrators.

On the client side, managing named pipe interactions and cryptographic operations may require lower-level coding than typical REST API integrations. Real-time responsiveness is essential – missing a notification due to incorrect callback handling can lead to workflow issues.

Finally, remember that the API requires the EMIS Web client to be running and logged in for client-side interactions to succeed. Automated testing and robust retry logic are important for ensuring a smooth clinician experience.

Why Integrate with Transaction IM?

For innovators building digital health products, the ability to interact with EMIS Web in a transactional way unlocks enormous value. Whether synchronising structured data, surfacing key attachments, presenting contextual insights during a consultation, or reacting to clinician actions in real time, Transaction IM makes it possible to embed your solution deeply into EMIS Web.

Done well, this leads to improved clinical workflow, better patient safety, reduced double entry of data and enhanced interoperability. It also positions your product as a first-class citizen within the GP IT estate – something that is increasingly expected in a modern integrated NHS.

Conclusion

Integrating with the EMIS Transaction Interface API is a strategic opportunity for digital health innovators. It requires a solid understanding of its architecture, security model and operational constraints – but for technical leads prepared to make the investment, the rewards are significant. By enabling seamless, secure and real-time interactions with EMIS Web, Transaction IM helps innovators deliver more effective and clinician-friendly solutions in the heart of primary care.

FAQs

What is the difference between the EMIS Partner API and Transaction IM?

The EMIS Partner API is a cloud-based REST API designed primarily for population-level data access, analytics and integration with cloud-first applications. The Transaction IM API, in contrast, operates locally and supports transactional, patient-level interactions in real time, often during an active clinical session. Both have their place – choosing between them depends on your use case.

Does the EMIS Transaction Interface API support HL7 FHIR?

No. Transaction IM is based on SOAP and ITK messaging standards, not FHIR. If your architecture relies on FHIR resources, you may need to implement a mapping layer within your application to translate between FHIR and the Transaction IM data structures.

Can we host our integration in the cloud?

The Standard Level interface (client-side named pipe communication) requires a local process running on the same machine as the EMIS Web client. While server-side calls (Entry Level) use web services, they still rely on certificates and local configuration. Hybrid models (local agent plus cloud service) are often the most effective architecture.

How are errors reported and what’s the best way to debug them?

Transaction IM has a rich set of event codes for both success and error scenarios. For client-side issues, the EMIS monitoring database and the Transaction IM audit trail in System Audit will show detailed logs. For server-side calls, SOAP responses will contain error codes and descriptive messages. EMIS also provides test harnesses that allow controlled reproduction of edge cases.

Can we develop a cross-platform (non-Windows) client?

For the Standard Level API (client-side), this is tricky because communication relies on Windows Named Pipes, a native Win32 feature. While it is possible with advanced cross-platform libraries, in practice this interface is best approached with a Windows process. For server-side calls, any platform that can generate compliant SOAP and ITK messages can participate.

Is there a sandbox environment for Transaction IM?

Yes, EMIS provides a test environment for both Entry and Standard Level integrations, including test certificates and test harnesses. Access to this requires agreement with EMIS, typically via an accreditation process.

How long does an integration project typically take?

Depending on the complexity of your product, familiarity with EMIS APIs, and regulatory requirements, a typical Transaction IM integration project might range from 2-3 months for a well-resourced team. Adding features like dynamic patient swapping or attachment management often increases this timeline.

What happens if EMIS Web is upgraded? Will our integration break?

Transaction IM is versioned and EMIS is committed to backward compatibility. However, you should test your integration against major EMIS Web releases and monitor notifications from EMIS for deprecations or changes to supported modules.

Are there any licensing costs associated with Transaction IM?

The Transaction IM1 can be accessed for free via NHS England IM1 (https://digital.nhs.uk/services/gp-it-futures-systems/im1-pairing-integration), or via the EMIS Partner Programme (https://www.emishealth.com/our-assured-partners).

Is there a certification or approval process for Transaction IM integrations?

Yes. For both IM1 and EMIS Partner Programme integrations before going live in production, all integrations must be accredited by EMIS. This involves demonstrating compliance with security, privacy and clinical safety standards, as well as functional testing against a provided test harness.

Ready to accelerate your technology project?

Chat to our team of experts and let's see how we can help you.