Patient Access Information for Providers

Giving patients easy electronic access to their health information can engage patients, improve health outcomes, and increase the efficiency of your practice, saving money. Below, find resources on patients’ rights to access their health information, privacy and security protections for patient information under HIPAA, federal payment incentive programs for using electronic health records (EHRs), and implementing technology solutions that ensure convenient, secure access for individuals.

Patient Access Resources for Providers

Use these training tools and technical guidance resources to optimize the use of EHRs in your practice or clinic.

Training Tools

What is an API?

Adding application programming interfaces (APIs) to your EHR allows you to easily share health information with your patients through applications they choose. Learn how with this interactive educational tool.

API Task Force Recommendations

These recommendations will help enable consumers to leverage API technology to access patient data, while ensuring the appropriate level of privacy and security protection for the data in the EHR.

Guide to Privacy & Security

Everyone plays a role in protecting the privacy and security of electronic health information. Learn from this guide what role you play.

Improving the Health Records Request Process for Patients

Patients and caregivers still face challenges in accessing their health records. This report, based on research with real people, can help you improve the health record request process for patients.

Access Right, Health Apps, and API FAQs

Find answers to frequently asked questions about Health IT and HIPAA from the HHS Office for Civil Rights.

Technical Guidance

Use APIs to Ease Information Exchange

APIs can help you exchange health information efficiently with other providers and see data from multiple sources in one place.

Draft U.S. Core Data for Interoperability

Your EHR needs to capture information for a common set of data classes so it can support effective exchange of health information with patients and other providers. Learn more about ONC’s  Draft U.S. Core Data for Interoperability (USCDI).

Model Privacy Notice for Apps

A model privacy notice (MPN) is like a nutrition label for web applications, displaying a company’s privacy practices in a clear, transparent way to help patients make informed decisions when selecting health applications and products that would use or store their health information.

Technical Implementation Guides for Health Apps and APIs

This guide explains the key considerations for implementing and managing APIs in health care with privacy and security of health information in mind.