# Prevent

```mathml
The Prevent API returns patient-specific recommendations for healthy behavior change
```

#### How it works

{% stepper %}
{% step %}

#### Create a secure identifier <a href="#create-a-secure-identifier" id="create-a-secure-identifier"></a>

{% endstep %}

{% step %}

#### Assemble a systems view of your patient's health <a href="#assemble-a-systems-view-of-your-patients-health" id="assemble-a-systems-view-of-your-patients-health"></a>

{% endstep %}

{% step %}

#### Generate personalized lifestyle and wellness recs <a href="#generate-personalized-lifestyle-and-wellness-recs" id="generate-personalized-lifestyle-and-wellness-recs"></a>

{% endstep %}
{% endstepper %}

#### API specifications

<details>

<summary>create a unique <code>system_ID</code> for your patient</summary>

{% hint style="success" %}
System **does not store** any protected health information (PHI) or personally identifiable information (PII) in our data. [Read about our security measures](#ensuring-patient-data-security).&#x20;
{% endhint %}

</details>

<details>

<summary>submit de-identified patient data to generate recs</summary>

{% hint style="info" %}
**FHIR**-interoperable or **customized** schemas for `patient_biomarkers` & `_history`    &#x20;

* If customized, schemas will be included in user portal.&#x20;
  {% endhint %}

</details>

```python
# Example API Call using the Python requests package

requests.post(
    url=f"{<API_URL>}/{<SYSTEM_ID>}",
    headers={'x-api-key': <API_KEY>},
    data=json.dumps(
    {
      "patient_system_id": <system_id>,
      "patient_biomarkers": sample_biomarker_data,
      "patient_history": sample_questionnaire_data,
      "patient_demographics": sample_demographic_data
    }
  )
)
```

#### Data security

To make a patient-specific requests, developers must first generate a unique **`system_ID`** for each patient. This ensures that no requests include the patient’s original identifiers, which may contain or be linkable to personally identifiable information (PII). Instead, we store an **encrypted representation** of the original identifier along with the associated System ID. This is used **exclusively** to track the number of unique patient API calls and to support **traceability and observability** in case providers need to audit their use of the System Clinical Graph APIs.

{% hint style="danger" %}
Developers are responsible for maintaining a **crosswalk** between their internal patient identifiers and the corresponding System IDs. We do **not** store the original patient identifiers in any form.
{% endhint %}