For more information about Human API security and privacy, we recommend that you visit: https://www.humanapi.co/data-security-privacy/
Is my data secure with Human API?
Human API is HIPAA-compliant service, meaning it meets or exceeds U.S. government standards for medical data security, akin to those employed by national banks. More information about our Security measures can be found on our Security page.
Who has access to my data and for how long?
The philosophy behind Human API is that you, the consumer, are always in control of your data. Therefore, Human API will never share your data with any other party unless you explicitly indicate you want to.
In this case, by authenticating to your provider(s) via Human API, you are explicitly authorizing Human API to retrieve your health data on your behalf and make it available to you, only for as long as you want.
What kind of information will Human API have access to?
The information contained in your connected data sources varies by type and provider; your healthcare provider’s Electronic Health Record (EHR) system likely contains details on encounters, conditions, medications, test results, immunizations, etc.
In other words, whatever information you have access to or can download on your provider's portal, Human API can access as well.
Can I revoke access?
Yes you can disconnect your data at any time by emailing firstname.lastname@example.org and requesting to have your account terminated and data disconnected.