Connect your EHR. Skip the chart-to-form copy-paste.
DenialHelp ships a live, vendor-neutral SMART-on-FHIR client. Patient demographics, conditions, medications, and prior denials prefill the appeal — your staff edits and signs, not retypes.
What we connect to
Six EHR vendors registered. New vendors take ~1 business day to wire up against an existing FHIR R4 endpoint.
Active integration. Production registration in progress.
DrChrono Marketplace → Client ID configured. SMART-launched + standalone modes ready.
Cerner CODE → Client ID configured. USCDI patient + condition + medication scopes.
Athena Marketplace → Client ID configured. Production onboarding on practice request.
eCW Developer Portal → Client ID configured. SMART backend services supported.
MEDITECH Expanse FHIR →
Don’t see your EHR? If it exposes a FHIR R4 endpoint and supports SMART authorization, we can wire it up. Tell us what you use.
What you get from connecting
The same appeal-drafting product, with chart data prefilled instead of retyped.
Prefill from the chart
Patient demographics, diagnoses (ICD-10), active medications (RxNorm), encounter dates. No retyping; no transcription errors.
Clinical context the letter needs
USCDI v1 data classes — conditions, medication orders, observations, procedures — surface as click-to-include exhibits in the letter editor.
Standards-compliant auth
SMART App Launch v2, PKCE on every flow, confidential-client JWT assertions (RS384, RSA-2048), public JWKS endpoint with key rotation.
Technical specifications
For your EHR security team and integration engineers.
- SMART App Launch v2 (EHR-launched + standalone)
- OAuth 2.0 + PKCE (mandatory, no client-secret-only flows)
- Confidential clients via JWT client assertions (RS384, RSA-2048)
- Public JWKS at /.well-known/jwks.json
- Per-vendor allowlist on issuer (iss) — fail-closed SSRF defense
- State + nonce + iss-binding to prevent session fixation
- patient/Patient.read
- patient/Condition.read
- patient/MedicationRequest.read
- patient/Observation.read
- patient/Encounter.read
- Read-only. We never write to your EHR.
- AWS Lightsail Sydney (ap-southeast-2), BAA-covered
- PHI at rest on LUKS-encrypted volume (AES-XTS-256)
- SQLCipher on top of LUKS (defense in depth)
- Tailscale tailnet between gateway and home server
- Cloudflare DNS-only — PHI never traverses CDN proxy
- Every USCDI field passes through in-house redaction (regex + Presidio)
- Outbound gate refuses if any identifier survives
- LLM only ever sees de-identified text
- Rehydration happens in-process after the response
- Token-mapping never logged or persisted
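For integration engineers, an added example (not DenialHelp's own code) of how the fail-closed issuer allowlist, the state + iss binding and PKCE S256 from the list above can fit together in a standalone launch. The vendor key, host name, function names and the in-memory store are assumptions made for illustration.

```python
import base64, hashlib, secrets
from urllib.parse import urlsplit

# Constructed allowlist (hypothetical vendor and host, not a real configuration).
ISSUER_ALLOWLIST = {"vendor-a": {"fhir.vendor-a.example"}}
_pending = {}  # state -> launch context; stand-in for a server-side session store

class LaunchRejected(Exception):
    """Raised whenever a launch or callback fails validation."""

def validate_issuer(vendor: str, iss: str) -> str:
    """Return the normalized issuer, or raise before any outbound request is made."""
    allowed = ISSUER_ALLOWLIST.get(vendor)
    if not allowed:
        raise LaunchRejected("unknown vendor")  # fail closed: no allowlist, no launch
    try:
        parts = urlsplit(iss)
        host, port = parts.hostname, parts.port  # .port raises on a malformed port
    except ValueError as exc:
        raise LaunchRejected("unparseable issuer URL") from exc
    if parts.scheme != "https" or port not in (None, 443):
        raise LaunchRejected("issuer must be https on the default port")
    if "@" in parts.netloc or parts.query or parts.fragment:
        raise LaunchRejected("userinfo, query and fragment are not allowed")
    if host not in allowed:  # exact host match only, never suffix or substring
        raise LaunchRejected("issuer host is not on the vendor allowlist")
    return f"https://{host}{parts.path.rstrip('/')}"

def begin_launch(vendor: str, iss: str) -> dict:
    """Validate iss first, then mint state, nonce and a PKCE S256 pair bound to it."""
    issuer = validate_issuer(vendor, iss)
    verifier = secrets.token_urlsafe(64)  # 86 chars, inside the 43-128 PKCE range
    digest = hashlib.sha256(verifier.encode("ascii")).digest()
    challenge = base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")
    state = secrets.token_urlsafe(32)
    nonce = secrets.token_urlsafe(32)
    _pending[state] = {"iss": issuer, "code_verifier": verifier, "nonce": nonce}
    return {"state": state, "nonce": nonce, "code_challenge": challenge,
            "code_challenge_method": "S256"}

def finish_launch(state: str, iss: str) -> dict:
    """Single-use state lookup; the callback's iss must equal the one bound at launch."""
    ctx = _pending.pop(state, None)
    if ctx is None:
        raise LaunchRejected("unknown or replayed state")
    if iss != ctx["iss"]:
        raise LaunchRejected("issuer does not match the one bound to this state")
    return ctx  # the caller sends ctx["code_verifier"] with the token request
```

The allowlist check covers only the URL it is given; the HTTP client that later fetches the issuer's SMART configuration should also refuse redirects to hosts outside the allowlist.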
How to connect
From practice signup to first auto-prefilled appeal.
1. Create a Pro account
   Magic-link or Google / Microsoft OAuth. Pick the Provider ($149/mo) or Practice ($499–999/mo) tier — Enterprise has unlimited.
2. Connect your EHR
   EHR-launched flow: install DenialHelp from your vendor’s marketplace, launch from a patient chart. Standalone flow: paste your organization’s FHIR base URL in /fhir/connect, authorize, done.
3. Draft your first appeal
   When you start a new appeal for a connected patient, demographics + diagnoses + medications prefill. Click-to-include any USCDI item as an exhibit. Prescriber signs. Packet PDF auto-assembles.
- HIPAA-compliant — designated Privacy Officer, signed Security Risk Analysis on file
- AWS BAA signed for AWS PHI sub-processors (Textract, S3, Lightsail)
- PHI text inference uses Anthropic subscription Claude over de-identified inputs
- Immutable audit log with BEFORE-UPDATE / BEFORE-DELETE triggers
- 7-year retention policy with automated purge cascade
- 60-day breach notification clock with T-30 / T-7 / T-1 alerts
Full detail at /security.
Ready to connect?
Start with the Pro tier and connect your EHR yourself, or talk to us about an Enterprise integration with a custom BAA and dedicated onboarding.