The Case for (and Against) Opening Up EHR Data — Epic at the Center of the Debate
Electronic Health Records (EHRs) are the digital backbone of modern healthcare, and few systems have as much influence as Epic. With over 250 million patients' records stored in its system, Epic plays a critical role in shaping how data flows across the healthcare ecosystem.
One of the most contentious and consequential issues today? Whether (and how) Epic and other EHR platforms should allow external vendors access to their databases.
???? The Case for Open Access:
Interoperability and Innovation: Allowing third-party vendors secure access to EHR data can supercharge innovation—supporting AI diagnostics, digital twins, remote monitoring, and personalized care pathways.
Patient-Centered Care: When data can move seamlessly across platforms, patients benefit from coordinated care, fewer redundant tests, and faster insights.
Ecosystem Growth: An open API economy around EHR data can stimulate a healthier digital health marketplace, encouraging nimble startups to bring valuable solutions to the point of care.
⚠️ The Risks and Realities:
Data Security & Compliance: More access points mean more vulnerabilities. Ensuring HIPAA compliance and robust data governance becomes exponentially more complex.
Fragmentation and Quality Control: Not all vendors are created equal. Variability in how third parties interpret and use data can lead to inconsistent outcomes—or worse, patient safety risks.
Business Models vs. Public Good: Epic has invested heavily in its infrastructure. Should it be compelled to open access in ways that undercut its competitive position? Where do we draw the line between private IP and public utility?
????Epic has traditionally taken a guarded stance on external access—prioritizing stability, security, and compliance. Critics argue this slows innovation. Supporters contend it's necessary to protect both patients and the integrity of care delivery.
???? As we move toward a more integrated and intelligent health system, these tensions will only grow. The real question isn’t if data should be shared—but how, with whom, and under what conditions.
Overthinker - 4 weeks ago
Yes, all EHR vendors should provide data access. Like others are saying, healthcare software should improve the patient's experience and their care - all of which are furthered by data sharing.
However, there's a reasonable caveat that EHRs should not have to share that data in the format it lives in now. They need to protect their intellectual property, and data storage (tables, column names, everything) can all give competitors insight into the way that EHR is coded and its capabilities. That means data should be shared if we can agree on a data-neutral format - and that's always where the hang-up is. Push the government to make a vendor-neutral format of all the data patients and these "competing applications" might want.
Dev Watson - 4 weeks ago
Let's remember, it is the patient's data. Additionally how would any EHR vendor prove a competing vendor is a security or compliance risk. EHRs became "a thing" originally due to funding to support interoperability.
Brendan Keeler - 4 weeks ago
Information blocking law and regulation means only two of these answers are valid (starting with "Yes")
Travis Bond - 4 weeks ago
How did we get here? This question is absurd if you think about the role of software. It’s like saying should we share information across Word or Excel. Software is a tool. The tool should NOT dictate its utility.
Yes to Data - if permitted by the customer and does not contain any CareEverywhere data from entities that have not given permission to share data.
System Access- No, never, ever… No way….
The Case for (and Against) Opening Up EHR Data — Epic at the Center of the Debate
Electronic Health Records (EHRs) are the digital backbone of modern healthcare, and few systems have as much influence as Epic. With over 250 million patients' records stored in its system, Epic plays a critical role in shaping how data flows across the healthcare ecosystem.
One of the most contentious and consequential issues today? Whether (and how) Epic and other EHR platforms should allow external vendors access to their databases.
???? The Case for Open Access:
Interoperability and Innovation: Allowing third-party vendors secure access to EHR data can supercharge innovation—supporting AI diagnostics, digital twins, remote monitoring, and personalized care pathways.
Patient-Centered Care: When data can move seamlessly across platforms, patients benefit from coordinated care, fewer redundant tests, and faster insights.
Ecosystem Growth: An open API economy around EHR data can stimulate a healthier digital health marketplace, encouraging nimble startups to bring valuable solutions to the point of care.
⚠️ The Risks and Realities:
Data Security & Compliance: More access points mean more vulnerabilities. Ensuring HIPAA compliance and robust data governance becomes exponentially more complex.
Fragmentation and Quality Control: Not all vendors are created equal. Variability in how third parties interpret and use data can lead to inconsistent outcomes—or worse, patient safety risks.
Business Models vs. Public Good: Epic has invested heavily in its infrastructure. Should it be compelled to open access in ways that undercut its competitive position? Where do we draw the line between private IP and public utility?
????Epic has traditionally taken a guarded stance on external access—prioritizing stability, security, and compliance. Critics argue this slows innovation. Supporters contend it's necessary to protect both patients and the integrity of care delivery.
???? As we move toward a more integrated and intelligent health system, these tensions will only grow. The real question isn’t if data should be shared—but how, with whom, and under what conditions.
Yes, all EHR vendors should provide data access. Like others are saying, healthcare software should improve the patient's experience and their care - all of which are furthered by data sharing.
However, there's a reasonable caveat that EHRs should not have to share that data in the format it lives in now. They need to protect their intellectual property, and data storage (tables, column names, everything) can all give competitors insight into the way that EHR is coded and its capabilities. That means data should be shared if we can agree on a data-neutral format - and that's always where the hang-up is. Push the government to make a vendor-neutral format of all the data patients and these "competing applications" might want.
Let's remember, it is the patient's data. Additionally how would any EHR vendor prove a competing vendor is a security or compliance risk. EHRs became "a thing" originally due to funding to support interoperability.
Information blocking law and regulation means only two of these answers are valid (starting with "Yes")
How did we get here? This question is absurd if you think about the role of software. It’s like saying should we share information across Word or Excel. Software is a tool. The tool should NOT dictate its utility.