Data & Interoperability
Safe, secure access to your healthcare data. DWIHN provides APIs that allow beneficiaries and authorized developers to access health information in compliance with CMS and ONC standards.
Interoperable health data access built on federal standards and beneficiary control.
About
At Detroit Wayne Integrated Health Network (DWIHN), we want to give our beneficiaries safe and easy access to their healthcare data following Center for Medicare & Medicaid Services (CMS) rules. Based on the ONC 2015 Edition Cures Update (170.315(g)(10)), DWIHN makes sure beneficiaries and approved third-party developers can access health data using our secure Application Programming Interfaces (APIs).
A set of rules that help software applications talk to each other and specify how apps request and share information, making it easier for systems to work together.
A separate app made by another company that can connect with the primary system through APIs to allow more features and better communication between apps.
DWIHN provides secure APIs so you decide who can access your health information and how it is used.
HIPAA Protections
DWIHN protects your healthcare data according to the Health Insurance Portability and Accountability Act (HIPAA). HIPAA keeps your personal health information (PHI) safe by only allowing authorized people and companies to access it.
You can access your healthcare information and request copies of your medical records from health plans and providers.
If your healthcare data is incorrect, you can request changes to your records.
Your healthcare data is safe from unauthorized access. Health plans and providers must follow strict privacy rules.
For more information about your HIPAA rights, visit the official CMS webpage (opens in new tab).
Your healthcare data is protected by HIPAA when it is held by health plans or providers. However, third-party apps you use may not follow HIPAA rules. When you allow an app to access your data, it may not have the same privacy protections.
Before using a third-party app, review its privacy policy to understand how your data will be handled. Consider alternative options if you have concerns about the app privacy practices.
How We Protect You
DWIHN works with PCE Systems, our Electronic Health Record (EHR) vendor, to meet CMS standards. Together, we ensure the safe sharing of healthcare information while protecting your privacy.
All data shared via our API is encrypted to protect your information in transit.
Third-party developers must apply and be approved for access. Beneficiaries control who can access their health information.
Access to data requires token-based authentication for an added level of security.
DWIHN partners with PCE Systems, our certified EHR vendor, to implement interoperability standards and keep your data secure.
Developer Resources
DWIHN provides two API types to support beneficiary data access and provider discovery in compliance with CMS requirements.
This API helps beneficiaries find in-network healthcare providers. It allows third-party apps to show correct provider details and assists beneficiaries in finding healthcare professionals and services.
This API allows DWIHN beneficiaries to securely access their healthcare data, including claims and clinical information, to meet CMS standards for giving individuals more control over their healthcare.
Patient Access API endpoints are available to approved application developers only. Review the Web Service API Documentation to apply. (opens in new tab)
Beneficiary Guidance
When selecting a third-party app to access your healthcare data, keep these important considerations in mind.
Learn how the app lets you access your health info. Review any guides provided by the developer.
The app should use strong passwords or multi-factor authentication for added security.
Ensure the app privacy policy clearly explains how your information will be used and shared.
Check what information the app collects beyond your healthcare data. Be cautious if it requests too much personal info.
Understand where your data will be stored and if it will be accessed outside the U.S.
Look into how the app shares your data. Ensure you can opt out of sharing with third parties.
Choose apps that let you control how much data you share and with whom.
Verify that the app uses encryption and other security protocols to protect your data.
The app should have a clear process for addressing privacy concerns and complaints.
Ensure you can easily stop the app from accessing your data when you no longer need it.
For Developers
Review our Web Service API Documentation for full details on security protocols and technical requirements. Submit a written request using the PCE API Access Request Form to apply for developer access.