1up Patient Access

Enable members to share their health data with trusted applications using FHIR®-based APIs.

Benefits

Patient Access, Simplified

Gaining access to their health data shouldn’t be complicated for your members or burdensome for you. 1up Patient Access gives your members a secure, digital, and easy way to access and share their health data with third-party apps of their choice.

1up Patient Access goes beyond simply enabling APIs. It manages the entire patient access experience – from data ingestion and member authentication to app onboarding and API usage reporting. You meet CMS requirements with less effort, while giving members easy access to their health information.

Reduced Administrative Burden

Eliminates manual data requests and custom integrations, easing the administrative burden on your team.

Improved Member Experience

Provides members a clear, easy way to access and share their health data using apps they trust.

Better Member Engagement

Empowers members to make more informed decisions based on a holistic view of their health information.

Ebook

2026-2027 Payer Interoperability Guide

CMS-0057 deadlines are fast approaching. Download our new Interoperability Guide to learn what CMS requires, how to avoid costly vendor mistakes, and how to generate value beyond compliance.

Compliance

CMS Compliance Made Easy

Everything you need to meet CMS-0057-F and CMS-9115-F Patient Access requirements.

Patient Access FHIR APIs

FHIR-based APIs with secure OAuth2 authorization that let members securely access and share their health data with authorized third-party apps.

Member Auth App

A patient-mediated authentication experience that supports IdP integration or secure email-based authorization.

Patient Access API Usage Reporting

Pre-built dashboards that track API usage, data access trends, and member engagement to simplify compliance reporting.

Compliance

Value Driven Beyond Compliance

1up Patient Access goes beyond basic requirements by lowering operational effort, simplifying app integrations, and giving members more control over how their data is shared.

Lower integration costs

Third-Party App Network

Connects to a growing ecosystem of vetted third-party apps, without the need for one-off integrations.

Less operational burden

Third-Party App Registration & Onboarding

Enables third-party apps to onboard and obtain OAuth2 credentials via a secure, self-service portal.

Increased member satisfaction

Data Sharing Controls

Gives members control over what information is shared with third-party apps.

How It Works

A simple flow that gives members easy access to their health data.

Data Ingestion & Availability

Member data is securely ingested and made available through the Patient Access API.

App Registration

Third-party apps register once and are approved for read-only, patient-authorized access.

Member Authorization

Members use their health plan credentials (or email) to authorize data sharing with the app of their choice.

Data Sharing

Once authorized, the app securely pulls the member’s data through the API.

Reporting & Oversight

Payers can view API usage, app activity, and member engagement in the 1up Console.

We completed a state audit session during which the auditors reviewed all our technology offerings and how we support our members. The auditors made strong statements about how impressed they were with 1upHealth's tool and its role in supporting our members.

Analyst/Coordinator, September 2025, collected by KLAS Research

FAQs

How does 1up Patient Access authenticate members?

Members authenticate using their existing Identity Provider (IdP) or 1up’s secure email-based authentication. Both support patient-mediated consent, giving members a familiar login experience while meeting CMS authentication and authorization requirements.

What health data is available through the Patient Access API?

The API supports clinical, claims, encounter, and prior authorization data required under CMS-9115-F and CMS-0057-F. Built-in data-sharing controls enable members to choose which patient data is shared with third-party apps during authorization.

Do we need to manage third-party app onboarding ourselves?

No. 1up manages third-party app registration, vetting, credentialing, and access. Approved apps receive read-only, patient-mediated access, reducing operational effort and risk for payer teams.

How does member consent and data sharing work?

Members authenticate, review what data will be shared, and approve access for a specific app. Once authorized, the app can securely retrieve data through the Patient Access API. Members can revoke access at any time.

What visibility do payers have into third-party app usage?

Payers can see which third-party apps are accessing member data in the 1up Console, along with app-specific usage metrics and data-sharing volumes. This visibility supports CMS compliance, oversight, and a better understanding of member engagement.

What third-party applications do you support today?

1up Patient Access supports a growing list of vetted third-party applications. You can view the current list of supported payer, provider, and member apps on our Help Center.

Additional Resources

Ready to Empower Members with Data?

Deliver secure, compliant data access with less effort. Build trust with members. Meet CMS-0057-F and CMS-9115-F with 1up Patient Access.