Human API
Human API aggregates health data from patient-connected sources including wearables, fitness devices, consumer health apps, and insurance claims, giving AI agents a unified API to access self-reported and passively collected health data with patient consent.
Score Breakdown
⚙ Agent Friendliness
🔒 Security
HIPAA BAA available for covered entities. SOC2 Type II certified. Patient-controlled consent model with explicit per-source authorization. All data access tied to patient-granted tokens.
⚡ Reliability
Best When
You need consumer health and wellness data aggregated from wearables and patient-connected apps with patient consent, particularly for digital health, wellness, and remote monitoring use cases.
Avoid When
You need authoritative clinical records from healthcare providers rather than patient-generated or consumer device data — clinical-grade data requires EHR or HIE sources.
Use Cases
- Aggregating wearable activity, sleep, and heart rate data from Fitbit, Garmin, and Apple Health for wellness coaching agents
- Accessing patient-shared insurance claims and medical records for health management platform agents
- Building personalized health insights agents using continuous biometric data streams from consumer devices
- Integrating patient-generated data with clinical records for hybrid clinical-consumer health applications
- Enabling remote patient monitoring workflows by pulling daily vitals from connected health devices
Not For
- Accessing clinical EHR data directly — use Epic FHIR, Health Gorilla, or Particle Health for clinical records
- Insurance claims processing or eligibility verification — use Availity or Change Healthcare
- Real-time high-fidelity clinical monitoring requiring medical-grade device data
Interface
Authentication
OAuth2 with patient authorization flow — patients must explicitly connect data sources via Human API's auth widget. Access tokens are scoped per patient per connected source. BAA available for HIPAA-covered applications. Patients can revoke access at any time.
Pricing
Usage-based pricing with per-connected-user monthly fees. Enterprise plans for high-volume deployments. Insurance claims data access may have additional per-query costs.
Agent Metadata
Known Gotchas
- ⚠ Patient must actively connect each data source through the OAuth flow — agents cannot access data until the patient completes the authorization widget
- ⚠ Data freshness depends on sync frequency of connected sources — some wearables only sync periodically, so agents may receive stale data
- ⚠ Patient can disconnect a data source at any time, causing sudden data gaps that agents must handle gracefully
- ⚠ HIPAA BAA must be executed if your application is covered by HIPAA — failure to do so makes PHI access non-compliant
- ⚠ Device data quality varies significantly — consumer wearables are not medical-grade and agents must not treat them as clinically authoritative
- ⚠ Insurance claims data availability depends on which payers the patient has connected — coverage is incomplete relative to clinical sources
- ⚠ Patient identity matching between Human API records and clinical EHR records requires careful linkage logic to avoid misidentification
Alternatives
Scores are editorial opinions as of 2026-03-06.