How can we give community physicians access to records if they're not on our EMR?

Through a standards-based portal rather than EHR accounts. The physician logs into a hospital-provided portal that draws on the records the hospital already holds (using standards like HL7 v2 and FHIR) and shows them a read-only view of their own patients. They never need to be a user of the hospital's EMR, and no data is copied into a separate system they own.

What does 'read-only' actually prevent?

It means the external clinician can view information but cannot chart, place orders, prescribe, or write back to the record. They see their patients' results and status; they can't change anything. That boundary is what makes broad community access safe to grant.

How is this kept compliant and auditable?

Access is scoped to the physician's own patients, every view is logged at the row level (who saw what, when, from where), practices are verified during onboarding (against sources like the NPI Registry, OIG-LEIE and SAM.gov), and emergency break-the-glass access is governed and audited separately. Because the system runs in the hospital's environment, the hospital's own controls apply.

Is this the same as giving them a login to our EHR?

No. EHR vendor provider portals give outside clinicians a window into that vendor's ecosystem. A standards-based read-only portal works regardless of which EMR the hospital or the physician runs, which matters when your community physicians use a mix of systems — or none.

Referrals & physician engagement

Read-only record access for community physicians

Updated June 2026 · Reviewed by David Higginson, CHIME Innovator of the Year

Your community physicians need to see their patients' results — but you can't hand out EMR accounts to every practice in the region. A governed, read-only portal is how hospitals square that circle.

Read-only access lets an external clinician view a patient's records without being able to chart, order, prescribe, or write back. For community physicians who aren't users of the hospital's EMR, a standards-based portal provides a governed, audited, read-only view of their own patients' information — drawn from the records the hospital already holds, with no EMR account required and nothing copied out of the hospital's control.

Why this problem exists

Community physicians refer patients to a hospital and then need to follow their care — but they work in their own practices, often on a different EMR than the hospital, or with limited IT of their own. Giving each of them a seat in the hospital's EHR is impractical and rarely appropriate. So results go out by fax, and the referring physician is left guessing. A read-only portal solves it by meeting the physician where they are: a simple, secure login that shows their patients, without making them part of your EHR.

What "read-only, governed" means in practice

View, not edit. No charting, ordering, prescribing or write-back — a window, not a workstation.
Their patients only. Access is scoped to the patients the physician referred or is caring for, not the hospital's whole population.
Every view audited. Row-level logging of who accessed which patient, when and from where.
Verified onboarding. Practices are checked against the NPI Registry, OIG-LEIE and SAM.gov before HIM approves access.
Emergency access is governed. Break-the-glass exists for urgent cases and is audited separately.

Why standards-based matters

An EHR vendor's own provider portal serves clinicians inside that vendor's ecosystem. A standards-based portal — built on HL7 v2 and FHIR — works regardless of which EMR the hospital or the physician runs, which is what lets a single portal serve a community of physicians using a mix of systems. It also means the portal extends the EMR rather than replacing or exporting from it. (See results routing: HL7, FHIR, Direct, TEFCA.)

Where this fits at Bluefish

HealthPoint gives community physicians exactly this: a read-only, fully audited view of their own patients — labs, medications, problems, imaging, documents — plus referral status, built on HL7 v2 and FHIR and proven in production on Altera Sunrise, with standards-based connectivity to other major EMRs. Start with what a community physician portal is.

Sources: HealthIT.gov (ONC) — standards · HHS — HIPAA Security Rule.

Frequently asked questions

How can we give community physicians access to records if they're not on our EMR?: Through a standards-based portal rather than EHR accounts. The physician logs into a hospital-provided portal that draws on the records the hospital already holds (using standards like HL7 v2 and FHIR) and shows them a read-only view of their own patients. They never need to be a user of the hospital's EMR, and no data is copied into a separate system they own.
What does 'read-only' actually prevent?: It means the external clinician can view information but cannot chart, place orders, prescribe, or write back to the record. They see their patients' results and status; they can't change anything. That boundary is what makes broad community access safe to grant.
How is this kept compliant and auditable?: Access is scoped to the physician's own patients, every view is logged at the row level (who saw what, when, from where), practices are verified during onboarding (against sources like the NPI Registry, OIG-LEIE and SAM.gov), and emergency break-the-glass access is governed and audited separately. Because the system runs in the hospital's environment, the hospital's own controls apply.
Is this the same as giving them a login to our EHR?: No. EHR vendor provider portals give outside clinicians a window into that vendor's ecosystem. A standards-based read-only portal works regardless of which EMR the hospital or the physician runs, which matters when your community physicians use a mix of systems — or none.