Q: What patient data can I access with Medfusion’s APIs?

Accessible data includes information shared with patients that is typically included in CCDA documents such as:

  • Demographics
  • Appointments
  • And the following Data Categories including:
    • Lab & Test Results
    • Medications
    • Allergies
    • Immunizations
    • Problems
    • Procedures
    • Vitals
    • Documents (including CCDAs, PDFs, and TXT files)
Q: How do the Medfusion APIs work?

The Medfusion APIs enable your applications to connect to user healthcare data by having the users make the connection. In your system or application, you simply include a step where patients/consumers identify their providers and then enter their patient portal credentials associated with those providers. With one click, the Medfusion APIs can then gather – within minutes – all the information you seek from those portals or EMR systems.


Q: How long does it take to gather patient data?

Even the most complex patient histories can usually be gathered in under 10 minutes. Most data profiles take as little as one minute.

Q: From what EMRs and Portals can the Medfusion APIs access data?

We currently support over 30 different Medical Record and Patient Portal vendors, covering over 70% of the market. A short list includes:

  • Epic MyChart
  • Athena Communicator
  • eClinicalWorks Patient Portal
  • Allscripts FollowMyHealth
  • NextGen NextMD
  • Cerner Millennium
  • Surescripts Patient Portal
  • Veterans Affairs & TriCare
  • Meditech
  • PracticeFusion
  • RelayHealth
  • Kaiser Permanente
  • Mayo Clinic
  • Medicare
  • And more every month…
Q: What does the data look like when we receive it? Is it structured?

Yes. All data is mapped to REST resources based on the HL7 FHIR standard. Here is a sample of what the data looks:


Q: How do you gather and transmit the data?

Depending on the EMR or Portal, Medfusion leverages integrations via HL7, CSV, DB access, SOAP or REST Protocols (or a combination of those) and user-credentialed access to “pull” the data and structure it upon receipt.

Q: How is the data secured in transit and at rest?

Medfusion is PCI Level 1 and HIPAA-compliant. The data is stored securely within our servers with AES-256 encryption -- the same kind of security mechanism that banks use. Medfusion has been in the Healthcare domain and patient portal business for over 15 years and takes patient data security very seriously.

Q: What do I get with Medfusion APIs?

We will work with you to provide APIs and support suited to your user experience and data acquisition needs, but can include:

  • Single API for access to Medical Record data from 30+ EMR Vendors
  • Medfusion Connect for user-credentialed access to 10000+ Healthcare Organizations
  • Standards-based Resources mapped to HL7 FHIR
  • Data can be pulled on-demand or kept up-to-date automatically each day
  • Ongoing access to new Organizations and EMR’s
  • Developer Support (Priority Available)
  • Robust REST API Documentation
Q: How do I contact Medfusion to get more information?

Fill out our contact form and we will be in touch soon.