Create a destination for GCP + Cloud Healthcare API or HDE

To populate your GCP Cloud Healthcare API or Healthcare Data Engine (HDE) repository with healthcare data from an EHR system via Redox, you must configure a specific Redox cloud destination. A Redox destination represents where a message is delivered (e.g., like the address in the “To” line of an email header). Learn more about connecting Redox to your cloud repository.

You’ll need to perform some steps in your cloud product(s) and some in Redox. You can perform Redox setup in our dashboard or with the Redox Platform API.

• Establish a connection with your preferred EHR system. Learn how to request a connection.
• Decide which combination of cloud products to use. Redox currently supports using either one or both of these additional cloud products with your GCP repository: Re
  • Cloud Healthcare API
  • Google Healthcare Data Engine (HDE)
• Complete your GCP (and any other cloud product) configuration before creating your Redox destination. Save any downloads with secret values, since you’ll need to enter some of these details into the Redox dashboard.
• Grant access to Redox from GCP (and any other cloud product) to authorize Redox to push data to your cloud repository.

1. Navigate to the GCP dashboard and log in.
2. Create a service account in your GCP project.
3. Create a new key for your service account.
4. Download the new key file. Save this file, since you’ll need it for Redox setup later.
5. Create a new FHIR® store in your service account, or use an existing one. Enable the Allow update create setting for the FHIR® store.
6. For your FHIR® store, add the service account as a principal with the Healthcare FHIR® Resource Editor role.

Next, create a cloud destination in your Redox organization. When the EHR system sends healthcare data to Redox, we push it on to your configured GCP cloud destination.

1. For the select destination step, follow the instructions for creating a cloud destination.
2. From the Product type drop-down field, select Cloud Healthcare API. This is the correct selection for both Cloud Healthcare API and HDE.
3. For the configure destination step, populate these fields.
   1. Project ID: Enter the GCP project ID. Locate this value in the GCP dashboard.
   2. Location: Enter the GCP location name for your FHIR® store (e.g., us-west1).
   3. Dataset ID: Enter the ID of the dataset that contains your FHIR® store.
   4. FHIR® Store ID: Enter the ID of the FHIR® store you created in GCP. Locate this value in the GCP dashboard.
4. Click the Next button.
5. For the auth credential step, either a drop-down list of existing auth credentials displays or a new auth credential form opens. Learn how to create an auth credential for JWT Bearer.

   Existing or new auth credential

   Your existing auth credentials will only display if they're supported for the cloud product type you selected. If you don't have any supported auth credentials for the cloud type in the current Redox environment, you'll have to create a new auth credential.

   Different Client ID

   Keep in mind that the client ID value is a little different for GCP destinations. Make sure to set the client ID value to the client email (e.g., "clientId": "<client_email>").

6. For the verify step, follow the instructions for verifying a destination.

1. Review the Create auth credential endpoint.
2. In your terminal, prepare the /v1/authcredentials request.
3. Specify these values in the request.
   • Locate the private_key_id, private_key_id, client_email values in the downloaded key file from GCP.

     Example: Create auth credential for GCP

     json

     Copy

     1
     curl 'https://api.redoxengine.com/platform/v1/authcredentials' \
     2
     --request POST \
     3
     --header 'Authorization: Bearer $API_TOKEN' \
     4
     --header 'accept: application/json' \
     5
     --header 'content-type: application/json' \
     6
     --data '{
     7
         "organization": "<Redox_organization_name>"
     8
         "name": "<human_readable_name_for_auth_credential>"
     9
         "environmentId": "<Redox_environment_ID>"
     10
         "authStrategy": "JWT_Bearer"
     11
         "url": "https://healthcare.googleapis.com/"
     12
         "algorithm": "RS256"
     13
         "clientId": "<client_email_from_GCP>"
     14
         "keyId": "<private_key_id_from_GCP>"
     15
         "privateKey": "<private_key_from_GCP>"
     16
       }
4. You should get a successful 200 response and a payload populated with the details of the new auth credential.
5. Review the Create destination endpoint.
6. In your terminal, prepare the /v1/environments/{environmentId}/destinations request.
7. Specify these values in the request.
   • Set authCredential to the auth credential ID from the response you received in step #4.
   • Populate cloudProviderSettings with the settings below (adjust values based on the FHIR® store setup in the GCP configuration).

     Example: Values for GCP + HDE or Cloud Healthcare API cloudProviderSettings

     json

     Copy

     1
     {
     2
       "cloudProviderSettings": {
     3
         "typeId": "gcp",
     4
         "productId": "cloud-healthcare-api", 
     5
         "settings": {
     6
           "location": "us-west1", 
     7
           "fhirStoreId": "my-fhir-store",
     8
           "projectId": "fhir-test-123456", 
     9
           "datasetId": "fhir-test"
     10
          }
     11
       }
     12
     }
8. You should get a successful 200 response with a payload populated with the details of the new GCP cloud destination. Specifically, the verified status of the destination should be set to true.
9. Your new cloud destination can now receive data from Redox. We convert those messages into a transaction bundle, which are ingested into Cloud Healthcare API.