EHR Connections for Organizations
Overview
Learn how to configure and manage Electronic Health Record (EHR) connections for your Ambient Scribe organization.
What is EHR Integration?
EHR integration connects Ambient Scribe with your organization's electronic health record system, enabling:
Single Sign-On: Launch from EHR with automatic authentication
Patient Context: Receive patient information when launching from EHR
Direct Note Transfer: Send completed notes to patient charts
Seamless Workflow: Reduce copy/paste and manual entry
Accessing EHR Settings
Sign in as an organization admin
Navigate to Organization
Click the EHR Connections tab
View and manage integration settings
Organization Remote Authentication
At the top of the EHR Connections page is the Organization Remote Authentication toggle:
Setting | Description |
Remote Authentication Enabled | Users can manually authenticate to configured EHR systems |
Remote Authentication Disabled | Users can only access EHR via SSO integration |
This is a master switch for all EHR connections. When disabled:
- Users cannot manually authenticate to any EHR
- SSO-based authentication still works
- Individual connection settings are overridden
Warning: Disabling this will prevent all manual EHR authentication for your organization.
EHR Connections Table
Below the master toggle, a table shows all configured EHR connections:
Column | Description |
Connection Name | Display name for this connection |
EHR Type | System type (VEHR, TWEHR, FHIR, etc.) |
Client ID | Friendly identifier used in URL parameters |
Remote Auth | Whether this connection allows manual authentication |
Actions | Edit or delete the connection |
Adding an EHR Connection
Step 1: Open the Modal
Click Add EHR Connection
The connection configuration modal appears
Step 2: Configure Connection Details
Fill in the following fields:
Field | Description | Example |
Connection Name | Display name shown to users | "VEHR - Main Clinic" |
EHR Type | Select from dropdown | VEHR, TWEHR, FHIR, Epic, Cerner, Athena |
Client ID | Friendly name used in URL parameters | "VEHR-PTE", "keena" |
API Endpoint URL | EHR API endpoint |
Step 3: Configure Service Account Credentials
EHR connections require service account credentials stored as SST secrets:
Field | Description | Common Values |
Username Secret Key | SST secret name for username | VEHR_UNITY_USERNAME, TWEHR_UNITY_USERNAME |
Password Secret Key | SST secret name for password | VEHR_UNITY_PASSWORD, TWEHR_UNITY_PASSWORD |
Note: Most organizations can use the shared secrets. Only create custom secrets for special cases.
Step 4: Set Remote Auth Permission
Toggle Allow Remote Authentication for this Connection to control whether users can manually authenticate to this specific EHR.
Step 5: Save
Click Create Connection to save. The connection appears in the table immediately.
Supported EHR Systems
EHR Type | Code | Description |
Veradigm | VEHR | Veradigm (formerly Allscripts Professional) |
TouchWorks | TWEHR | Allscripts TouchWorks |
FHIR | FHIR | FHIR R4 compatible systems |
Epic | EPIC | Epic Systems |
Cerner | CERNER | Oracle Cerner |
Athena Health | ATHENA | athenahealth |
Editing a Connection
Find the connection in the table
Click the Edit button (or three-dot menu)
Modify any fields in the modal
Click Save Connection
Changes take effect immediately for all organization members.
Deleting a Connection
Find the connection in the table
Click the Delete button (or three-dot menu > Delete)
Confirm the deletion
Warning: Deleting a connection immediately removes EHR access for all users configured to use it.
Understanding Client IDs
The Client ID is a friendly name used in URL parameters when launching from the EHR:
For VEHR (Veradigm):
- URL parameter: acct=
- Examples: VEHR-PTE, VEHR-QA, SOFHA
For TWEHR (TouchWorks):
- URL parameter: twacct=
- Examples: keena, tw-unity-vc, SOSTWTEST
The Client ID must match what's configured in your EHR's launch URL.
Pre-Chart Feature
Pre-Chart (automatic patient context) is a user-level setting, not an EHR connection setting. Users enable Pre-Chart in their personal Settings.
When Pre-Chart is enabled and EHR integration is active:
- Patient demographics are pulled from the EHR
- Data is used for note generation context
- No manual patient entry needed
See Pre-Chart: Automatic Patient Context for details.
Security and Compliance
Data Protection
All data encrypted in transit (TLS)
Service account credentials stored as encrypted SST secrets
Audit logs maintained for connection changes
HIPAA-compliant infrastructure
Access Control
Only admins can modify EHR connections
Individual users cannot bypass organization settings
Connection changes are logged
Troubleshooting
Connection Not Working
Verify credentials are correct (check SST secrets)
Confirm API endpoint URL is accurate
Check that EHR system is online
Verify Client ID matches EHR configuration
Users Can't Authenticate
Check Organization Remote Authentication is enabled
Verify the specific connection has Remote Auth enabled
Confirm user is in the organization
Have user try signing out and back in
Wrong Patient Context
Verify correct patient is open in EHR
Relaunch Ambient Scribe from the EHR
Check for multiple patient charts open
Contact support if issue persists
Common Questions
Do I need separate credentials for each connection?
Not typically. Most organizations can share the standard service account secrets (VEHR_UNITY, TWEHR_UNITY). Custom secrets are only needed for special configurations.
What if my EHR isn't listed?
Contact support to discuss integration options. We're continually adding new EHR partnerships.
Can users opt out of EHR integration?
Users can disable Pre-Chart in their personal settings, but organization-level EHR connections apply to all members when using SSO.
How do I test a connection?
Launch Ambient Scribe from your EHR with a test patient selected. If patient context appears, the connection is working.
Best Practices
Before Going Live
Test with a non-production EHR environment if available
Verify with a small user group first
Document the launch URL configuration
Train staff on the new workflow
Ongoing Maintenance
Monitor for authentication failures
Update credentials before they expire
Review connections when EHR configurations change
Audit connections quarterly
Related Articles
Need Help?
For EHR integration setup or troubleshooting, contact [email protected].