Individual Access Services (IAS)

Powering Individual Access Services

As the nation's only dual-designated QHIN and QHIO, Health Gorilla maximizes your success in retrieving data for Individual Access Services, enabling individuals to access their own health information securely.

Maximize responses for Individual Access

As a Participant in Health Gorilla’s QHIN and QHIO, your organization can unlock the following benefits:
  • Comply with information blocking by responding to IAS requests
  • Differentiate your product functionality as an IAS provider
  • Tap into an ever-growing national network of health data as TEFCA and DxF exchange expands
Contact our team to get started.
Thank you.
Your download will begin shortly.
Share this page on LinkedIn
Oops! Something went wrong while submitting the form.

IAS exchange is required in CA's DxF.

In California, Individual Access Services is one of the 4 mandated exchange purposes under the state-wide Data Exchange Framework, enabling the comprehensive retrieval of consumer health information.

Download our QHIO one pager to learn more.

Our Patient Access solution allows organizations to gain patient-mediated access to medical records

Organizations can enable patients to submit queries to our QHIN and QHIO under the Individual Access purpose of use and securely share their medical records with the sponsoring organization.
Enable patients to submit IAS requests
Patient Access facilitates real-time queries to TEFCA and CA's DxF on behalf of verified patients.
Plug-n-play record retrieval workflow
Easily integrate Health Gorilla’s patient-mediated record retrieval workflow into your product.
Secure and compliant
Accurately verify patient identities with our IAL2-compliant service or SMART-on-FHIR workflow.

Is your organization ready for TEFCA and CA's DxF?

As the nation’s only dual-designated QHIN and QHIO, Health Gorilla helps health care organizations comply with state mandates for data sharing, capture federal regulatory incentives, and share health information under permitted exchange purposes, including individual access.

Secure and trusted


We’re HITRUST R2 certified, which means that we successfully manage cybersecurity risks by exceeding industry-defined information security requirements.

SOC 2 Type 2

SOC 2 Type 2 is a stamp of approval on our controls relevant to data security, availability, processing, integrity, confidentiality, and privacy.


Complying with applicable health data laws, including HIPAA, is ingrained in our culture, processes, and staff training.