Skip to main content

Patient Access API Agreement

By agreeing, you verify that the App complies with the following basic privacy and security standards:

  • The App has a publicly available privacy policy, written in plain language, that has been affirmatively shared with the member prior to the member authorizing the App access to their health information. To "affirmatively share" means that the member must take an action to indicate s/he saw the privacy policy, such as click or check a box.
  • The App's privacy policy includes, at a minimum, the following important information:
    • How a member's health information may be accessed, exchanged, or used by any person or other entity, including whether the member's health information may be shared or sold at any time (including in the future);
    • A requirement for express consent from a member before the member's health information is accessed, exchanged, or used, including receiving express consent before a member's health information is shared or sold (other than disclosures required by law or disclosures necessary in connection with the sale of the application or a similar transaction);
    • Whether an App will have access to any other information on a member's device; and
    • How a member may discontinue the App's access to their data and what the App's policy and process is for disposing of a member's data once the member has withdrawn consent.