Patient Data Export & Portability Checklist (2026)

1Tell us where to send it
Your name and work email — nothing more.
2Check your inbox
Your checklist arrives in seconds, not days.
3Use it with your team
Editable and ready to share — make it your own.

A peek inside

See exactly what you're getting

Free PDF

Spotsaas · 2026

Patient Data Export & Portability Checklist

✓ Why this matters

✓ Right-of-Access & Legal

✓ Format & Structure

✓ Data Objects to Export & Validate

Get the checklist →

What it is

The Patient Data Export and Portability Checklist is a practical guide for getting your data out of an EHR — whether you're switching systems, building an archive, or honoring a patient's right-of-access request. Its premise is blunt: exports are harder than vendors admit. They are often partial, they lock discrete data inside rendered PDFs, and they quietly drop attachments and history. The checklist helps you demand the right formats, validate completeness, handle retention and legal obligations, and avoid being held hostage by your old system at the worst possible moment.

The document is organized around right-of-access and legal obligations, format and structure, the specific data objects to export and validate, completeness validation, and the questions to ask the outgoing vendor. On the legal side it pushes you to confirm your contractual data-export and data-return rights, formats, fees, and timelines before signing or terminating, to honor the HIPAA right of access by delivering records in the form a patient requests when readily producible, and to determine your medical-record retention obligations — which under state law often exceed federal minimums — before deleting anything.

On the technical side it insists you demand structured, discrete data — C-CDA, FHIR, or a database extract — rather than just rendered PDFs, and that you map code systems (ICD-10, CPT, LOINC, RxNorm, SNOMED) so coded data survives the move. It makes you export documents and attachments in usable formats with the metadata that links them to the right patient and encounter, and capture audit trails and version history where legally required. The vendor questions at the end — will you provide a full discrete-data export or only PDFs, are attachments and audit logs included, what are the fees and turnaround at termination, and how far back does the export reach — are designed to surface lock-in before it traps you.

What it's used for

Practices reach for this checklist at the highest-stakes data moments — choosing a vendor (to verify exit rights before entry), terminating one, archiving a legacy system, or fulfilling a patient's right-of-access request. Its job is to make sure the data that leaves is complete, usable, and legally compliant.

✓ Confirming contractual data-export and data-return rights, formats, fees, and timelines before signing a new EHR or terminating an old one — so you're never surprised at exit.
✓ Demanding structured, discrete data (C-CDA / FHIR / database extract) instead of rendered PDFs, so the exported data stays usable in the next system.
✓ Mapping code systems (ICD-10, CPT, LOINC, RxNorm, SNOMED) so coded clinical data survives the export rather than collapsing into text.
✓ Honoring the HIPAA right of access for patient requests — delivering records in the requested form and format when readily producible, within the required timeframe.
✓ Determining medical-record retention obligations, including stricter rules for minors and special-category data like behavioral health and substance use, before deleting anything.
✓ Validating completeness — confirming attachments, scanned documents, imaging, and audit logs are included and that the export reaches as far back as the record requires.
✓ Interrogating the outgoing vendor with pointed questions to expose partial exports, hidden fees, and history limits before they become a crisis.

Who uses it

Data export sits at the crossroads of health information management, IT, compliance, and the practice's leadership, and the checklist is built to coordinate all of them around a complete, lawful export.

Health information management (HIM) staffThey own the medical record and use the checklist to ensure exports are complete, properly formatted, and meet retention obligations before any data is deleted.

Practice administrators and project leadsThey negotiate export and data-return rights into contracts before signing and manage the termination logistics when leaving a vendor.

IT and data engineersThey execute and validate the technical export — C-CDA/FHIR/database extracts, code-system mapping, attachment metadata — and confirm completeness against the source.

Compliance and privacy officersThey ensure HIPAA right-of-access requests are honored correctly and that retention, minors' records, and special-category data rules are followed.

Migration teams switching EHRsThey depend on a clean, discrete export from the outgoing system as the source for a no-data-loss migration into the new one.

Context & good to know

Data portability is where EHR lock-in becomes concrete. A vendor that makes it easy to enter and painful to leave can extract significant leverage at renewal or termination, and the most common form of that leverage is a degraded export — one that delivers PDFs instead of discrete data, omits attachments and audit logs, charges steep fees, or only reaches back a limited number of years. The checklist's emphasis on confirming export rights before signing is the single most effective defense, because the time to negotiate a clean exit is before you're committed, not when you're already trying to leave.

The legal layer is as important as the technical one. The HIPAA right of access obligates covered entities to provide patients their records in the form and format they request when readily producible, within required timeframes, which means the EHR's export capabilities directly affect your ability to comply. Retention obligations cut the other way — state laws often require keeping records for years beyond federal minimums, and minors' records and special-category data such as behavioral health and substance use carry stricter rules — so the checklist insists you determine these obligations before deleting anything from a system you're leaving.

Technically, the difference between a usable export and a useless one is whether discrete data survives. Demanding C-CDA, FHIR, or a database extract preserves the coded values — diagnoses in ICD-10, procedures in CPT, labs in LOINC, medications in RxNorm, problems in SNOMED — that the next system can act on, while a PDF-only export strips that structure and turns your medical record into a stack of images. This is the same discrete-vs-document problem that breaks migrations, viewed from the export side, which is why the checklist pairs format demands with completeness validation: confirming that attachments, imaging, audit trails, and the full historical reach all come across intact whether you're exporting from Epic, eClinicalWorks, Kareo, or any other system.

✓ Independent · vendors can't pay to rank

Built on verified data, not vendor spin

Every Spotsaas resource draws on the Spotsaas Score — a blend of verified review ratings, review volume, and feature depth across 74 EHR software tools. Refreshed regularly; data as of June 2026.

FAQ

Questions, answered

Why is exporting data from an EHR harder than vendors admit?

Because exports are frequently partial. Vendors may deliver rendered PDFs instead of discrete data, omit attachments, imaging, or audit logs, charge significant fees, and limit how far back the export reaches. None of this is usually visible until you try to leave, which is why the checklist makes you confirm export rights and formats before signing, not at termination.

What is the difference between a discrete-data export and a PDF export?

A discrete-data export (C-CDA, FHIR, or database extract) preserves coded, structured values — diagnoses, medications, labs — that the next system can act on, trend, and report from. A PDF export renders the record as images or documents, stripping that structure. For a migration or any future use, discrete data is essential and PDFs alone are often inadequate.

What is the HIPAA right of access and how does it affect exports?

The HIPAA right of access requires covered entities to provide patients their records in the form and format they request when readily producible, within required timeframes. This means your EHR's export capabilities directly determine whether you can comply, so the checklist treats patient-request fulfillment as a core export use case alongside vendor switches and archives.

Do I need to keep records after leaving an EHR vendor?

Almost always, yes. Medical-record retention is governed by state law that frequently exceeds federal minimums, with stricter rules for minors' records and special-category data like behavioral health and substance use. You must determine your specific retention obligations before deleting anything, which usually means keeping a complete, validated export or legacy archive.

What code systems need to be mapped during export?

ICD-10 for diagnoses, CPT for procedures, LOINC for labs, RxNorm for medications, and SNOMED CT for problems. If these aren't mapped during export, coded clinical data can collapse into unstructured text and lose its usability in the receiving system, so the checklist makes code-system mapping an explicit requirement.

What should I ask my outgoing EHR vendor about export?

Whether they'll provide a full discrete-data export (C-CDA/FHIR/database) or only PDFs, whether attachments, scanned documents, imaging, and audit logs are included, what the export fees, format options, and turnaround time are at termination, and how far back the export reaches. These questions surface lock-in and hidden limits before they become a crisis.

How do I validate that an export is complete?

Confirm the export includes all required data objects — clinical data, documents, attachments, imaging, and audit trails — and reconcile it against the source for completeness and historical reach. Don't assume that because a file was produced, it contains everything; partial exports often look complete until a specific record is found missing later.

Should I negotiate export rights before or after signing an EHR contract?

Before. Your leverage is highest before you commit, and a vendor is far more accommodating about data-export and data-return terms, formats, fees, and timelines when they're trying to win your business than when you're trying to leave. Locking these into the contract up front is the most effective protection against future lock-in.

Are audit logs included in a standard EHR export?

Not always, which is why the checklist calls them out explicitly. Audit trails and record version history may be required for legal or compliance purposes, but vendors don't always include them by default. You should specifically confirm whether audit logs are part of the export and, if needed, require them in writing.

How does data export relate to switching EHRs?

A clean, discrete export from the outgoing EHR is the source for a no-data-loss migration into the new one. If the export is PDF-only or missing attachments and history, the migration inherits those gaps. That's why portability planning and migration planning go hand in hand — the export defines the ceiling on what the new system can receive.

Keep exploring