To enhance patient safety and privacy, Athena's Hospital Visitor Managment System (HVMS) integrates directly with Epic. This integration allows your hospital to sync patient data and visitor restrictions in real-time from your EPIC instance to Athena's EPIC Visitor Management System SHOWROOM APP.
Follow these steps to set up the connection between your Epic environment and the Athena HVMS.
EPIC SHOWROOM API CALLS USED:
Patient $match (R4)
Encounter.search (R4)
Flag.search (patient FYI) (R4)
List.read (paient list (R4)
list search (patient list) (R4)
Patient.read (R4)
Paient.Search (R4)
1. Download the App via the Epic Showroom
Before going live, you must test the integration in a non-production environment.
Visit the official listing: Athena Security at Epic Showroom.
Important: Download and install the app into your Testing/Sandbox environment first. Do not install directly into your Production environment until the configuration is verified.
2. Establish Secure Connectivity (IP Whitelisting)
Athena Security prioritizes the protection of Protected Health Information (PHI). Our servers are not open to the public internet. To establish a handshake between systems, a secure connection is required:
Static IP Exchange: You must provide Athena with your hospital’s Static IP addresses so we can whitelist them in the HVMS EPIC SERVER. In return, Athena will provide our Static IPs for you to whitelist on your firewall.
VPN Alternative: If your organization cannot provide Static IPs, you must be prepared to connect via a VPN Relay Server.
Credentials: Once the network path is secure, contact your Athena representative to receive the necessary API keys and security tokens to link the two systems.
3. Configuring the "FYI" Field for Visitor Access
One of the primary points of integration is the Epic FYI field. This field determines who is permitted to visit a patient. Athena’s system decodes this field based on three specific rule formats:
Rule 1: PIN Code Access
If a patient wishes to restrict access to a specific group, they can set a PIN.
How it works: The visitor must enter the correct PIN at the Athena kiosk.
Result: If the PIN is missing or incorrect, the system will block the visitor from printing a badge.
Rule 2: "Everyone But..." (Exclusion List)
Use this when a patient is comfortable with general visitors but wants to block specific individuals.
Best Practice: When entering names to be excluded, include both legal names and known nicknames to ensure the system catches the individual even if they check in with a variation of their name.
Rule 3: "No One But..." (Inclusion List)
This is the most restrictive setting, used for high-privacy patients.
How it works: Access is denied to everyone except those explicitly named in the FYI field.
Best Practice: Again, ensure you list nicknames and full names for the authorized visitors to prevent accidental lockouts of family members.
Get Started with the Athena-Epic Team
Configuring PHI-compliant integrations requires precision. We recommend scheduling a technical deep-dive with our specialized team.
To set up a consultation: Contact your Athena Security Specialist and request a meeting with the EPIC-Athena Implementation Team for your Hospital Visitor Management System.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article