
Allowing Applications to Access Your Health Records



Welcome to our comprehensive guide on authorizing third-party applications to access your health records. Here, patients will find essential information and step-by-step instructions for granting access to various types of health information, including personal details, diagnostics, allergies, and more. Patients have the flexibility to decide whether to allow third-party applications to view or manage their data for specific durations, empowering them to harness healthcare-related features offered by these applications. Rest assured, patients retain complete control over the shared data and can adjust or revoke access as needed. We prioritize your data security through robust measures like encryption and data validation. It's important to exercise caution, particularly when authorizing access on public computers, to safeguard personal information. Additionally, we demystify the distinction between "Unknown app" and "Validated" statuses, underscoring the significance of trust in the third-party app developer or source. In essence, this page serves as your go-to resource for responsibly managing and securing your health data access.


Information Shared with Applications

When applications request access to your health information, they may request access to the following:

  1. Name and email address of the logged-in user
  2. Health records that belong to the selected people
  3. Health information types (for example: Care Plan or Allergies)

Applications can request to view health information, manage your health record, or both.

  • View allows the application to read your health information for a specified period of time.
  • Manage allows the application to read and write information to your health record for a specified period of time.

You manage what data you share and can modify it or revoke access at any time. Select or deselect the information you authorize your application to access.


Applications may request access to your health records for the following specific periods of time:

  • Ten minutes (default)
  • Until you log out
  • Until you revoke access for an application

Note


  • You can review or revoke access on the Manage Authorization page. If one of your devices is ever lost, stolen, or compromised, you can use that page to revoke the access of this application to personal health information.
  • Do not approve applications on a public computer or device, because it may be able to access personal health information (PHI) even when you are not personally using the application.
  • Access will be automatically revoked after 100 days of application inactivity.
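The rules above (View and Manage, the three access periods, and the 100-day inactivity limit) can be read as one deny-by-default access decision. The sketch below is an added illustration, not Cerner's code; the names `Grant`, `Duration` and `is_allowed`, the session identifier, and applying the inactivity limit to every access period are assumptions made for the example.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from enum import Enum
from typing import Optional


class Duration(Enum):                      # hypothetical names for the three periods
    TEN_MINUTES = "ten_minutes"            # the default
    UNTIL_LOGOUT = "until_logout"
    UNTIL_REVOKED = "until_revoked"


INACTIVITY_LIMIT = timedelta(days=100)     # automatic revocation, from the note above


@dataclass
class Grant:
    granted_at: datetime
    view: frozenset                        # information types the app may read
    manage: frozenset = frozenset()        # information types it may read and write
    duration: Duration = Duration.TEN_MINUTES
    session_id: Optional[str] = None       # login session the grant was approved in
    revoked: bool = False
    last_used: Optional[datetime] = None


def is_allowed(grant, info_type, write, now, active_session=None):
    """Return True only while the grant still covers this exact request."""
    if grant.revoked:
        return False
    # Assumption: the inactivity clock starts at approval and resets on each use.
    if now - (grant.last_used or grant.granted_at) >= INACTIVITY_LIMIT:
        grant.revoked = True               # revocation is permanent, not a pause
        return False
    if (grant.duration is Duration.TEN_MINUTES
            and now - grant.granted_at >= timedelta(minutes=10)):
        return False
    if (grant.duration is Duration.UNTIL_LOGOUT
            and (active_session is None or active_session != grant.session_id)):
        return False                       # user logged out or started a new session
    # Manage implies read and write; View is read-only.
    permitted = grant.manage if write else (grant.view | grant.manage)
    if info_type not in permitted:         # deselected types are never shared
        return False
    grant.last_used = now
    return True
```
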

Application Checks

When you allow an application to access your health record information, it is important for the security of your data to ensure the following:

  • Your data is being securely transmitted using modern transport layer security and encryption protocols.
  • You can easily understand what legal entity you are sharing your data with.
  • Detailed information about the application is knowable (application name, environment name, organization name and its location).

Your application status is displayed in the banner under the application name when the Authorization Needed page opens.

  • Validated (checkmark) - The application is validated by Cerner.

In addition to the above information about the application, a series of technical checks is run to display information about the application to users to help you make informed decisions.

When Cerner can verify the information, the following is displayed:

  • Application name
  • Domain name
  • Organization name
  • Organization location

If Cerner cannot verify the information about your application using the available Internet resources, the application is displayed with the status Unknown app.

 

You can also review the status of your applications at any time on your Manage Authorization Page.

Note


Applications with the Unknown app status may pose risks to your personal data. Allow access only if you trust the app developer or publisher or have downloaded the application from a store that you trust.

Authorizing Access to your Health Records

Based on the health information types (for example Care Plan or Diagnostics) selected, confirm whether you agree to authorize access to your health record.

  1. Review the health information requested by the application.
  2. Select or deselect the information shared with the application as appropriate.

Note


Deselecting the information shared with applications can affect the way applications work. For example, if you decide not to share your appointments with an appointment setting application, the application might not work correctly.

Select Allow Access. The health application is displayed with access active until you revoke it.

Note


You can select Go Back to cancel the authorization and return to the application.

You can review all active applications with allowed access on the Manage Authorization page.

Types of Health Information Connected Applications Can View and Manage

Below is a master list of the types of information available in your health record. An application can request to view or manage one or more of the following types of information in your health record, subject to your approval to allow the application access in the workflow depicted above:

Health Information - Description

Source - Tracks the source of the information and is used to assess the trustworthiness and reliability of that information.
Diagnostics
  • The interpretation of your test results by a clinician. For example, the determination of a fractured bone by a radiologist when viewing your x-ray.
  • All clinically observed data, for example, laboratory results, vital signs, diagnostic images, social history, and core traits such as pregnancy status or a death assertion.
Nutrition - Nutrition can include requests or orders to supply a diet or supplement to a patient.
Demographics
  • Information that identifies an individual outside of a specific healthcare setting, providing a way to link people across different facilities or organizations.
  • Personal information such as names, address, telephone number, associated contacts, gender, birth date, race, ethnicity, and your applicable language.
Documents
  • Files stored with your chart that can include images, videos, .PDF files, or .ZIP files.
  • Ability to read documents and files that include text, images, or both, specific to your health record. This can include notes, commentary, and summaries recorded by a healthcare provider.
Contracts - Details about who has permission to view your health information electronically.
Consents - Details about who has permission to view your health information electronically.
Related Persons - Details about the people who have been recorded as having a relationship with you such as a spouse, guardian, or parent.
Allergies - Details about substances that you are allergic to and the reactions you had to the substance. This can include medications, food, or substances in the environment such as dust or dogs.
Conditions - Details about problems, diagnoses, health concerns, or health issues recorded by your healthcare provider. These may include both confirmed and unconfirmed conditions.
Organizations - Details about places where healthcare services are provided. This can include hospitals, physician offices, and locations in a hospital.
Physicians - Details about people that provide care at a healthcare facility. This is not limited to physicians, and may include other healthcare providers such as nurses and therapists.
Orders - Details about orders, procedures, and requests for services or activities to be performed. This can include a wide range of requests including nursing care activities, referrals, and consults. This does not include medication, or nutrition or dietary orders.
Procedures - Details about medical and surgical procedures performed.
Medical Devices - Details about implanted medical devices. The unique device identifier is stored here, and can be used to uniquely track devices that have been implanted or removed. Examples include a pacemaker or insulin pump.
Immunizations - Details about immunizations or vaccinations received or not given and reason not given. Self-reported immunizations are included.
Appointments
  • Details about appointments. This includes information on appointment date and time, appointment location, and who participated in the appointment.
  • Ability to schedule new appointments on your behalf. This includes information on the date and time of the new appointment, the location of the appointment, and the person with whom the appointment is made.
  • Details about previous admissions and visits to a healthcare provider, and the reason for the visit, if available. The admissions may include urgent, emergency, and preventative visits, but are not limited to those types of visits.
  • The time period that a provider or a location is available to schedule an appointment.
  • The time period for which the appointment slots are available.
Care Plans
  • Care team members that can include friends, family, providers, and even yourself.
  • The plans that your care team has documented to help improve your health.
  • Outcomes you want to achieve in the future and have discussed with your healthcare provider.
Questionnaires and Answers - A list of questions, a list of possible answers to the questions, and your answers. This can include your social or family history.
Medications
  • A history of specific dates and times when a medication was consumed or administered.
  • A record of ordered medications.
  • A list of medications previously taken, currently being taken, or scheduled to be taken, including the dosage and schedule.
  • A record of dispensed medications.

FAQ: Allowing Applications To Access Your Health Records

A list of the health information types (for example: Care Plan or Diagnostics) that are available in the health record will be displayed on the screen. You can deselect any health information type, and the application will then not have access to it.

See Types of Health Information Connected Applications Can View and Manage for a full list of health information types.

The application can read, write, or read and write data to the health records that belong to the selected patients.

According to the healthcare organization, you may have access to health records for multiple patients.

According to the healthcare organization that holds the health records, you have access only to the health records of those who are listed under Allow Access to the Records of and not your own. You may not have a personal healthcare record at the healthcare organization.

You should ask your healthcare organization to authorize you to provide access for the records of other patients.

This allows the application to read the health records that belong to the selected patients according to the selected health information types (for example: Care Plan or Diagnostics).

This allows the application to read and write information to the health records that belong to the selected patients according to the selected health information types (for example: Care Plan or Diagnostics).

The health information types may be grouped under a parent type. 

See Types of Health Information Connected Applications Can View and Manage for a full list of health information types.

The time is specified in the footer of the Right of Access page. One of the following options may be specified:

  • 10 minutes (default)
  • Until you log out
  • Until you revoke access for an application

Access for the application can be revoked on your Manage Authorization page. Follow the revoke access instructions.

No, it will not have access to your records after you select Go Back. You need to confirm your permission by selecting Allow Access.

The application name cannot be verified through internet resources. Check for more details about the status of the application before allowing access to the application.

Very little information about the application can be verified through internet resources. Allow access only if you trust the application developer or publisher or have downloaded the application from a store that you trust.

The application has been validated by Cerner. Check for more details about the status of the application before allowing access to the application.