To build analytics dashboards on Epic or Cerner EHR data, connect to reporting layers such as Epic Clarity, Caboodle, or Cerner ODS instead of the live transactional database. Use FHIR APIs for standards-based access where appropriate. Enforce HIPAA controls through on-prem deployment, row-level security, audit logging, and minimum-necessary dataset design.
Quick Summary (TL;DR)
- Never query Epic Chronicles or Cerner Millennium directly for analytics; use Clarity, Caboodle, ODS, or HealtheIntent instead.
- FHIR R4 APIs provide standards-based, cross-vendor access for targeted use cases and portability.
- FHIR resources use deeply nested JSON, which many traditional BI tools require to be flattened before analysis.
- Healthcare breaches remain the most expensive across industries, making PHI sprawl across ETL layers a material risk.
- On-prem or private cloud deployment, RBAC, row-level security, and audit logging are foundational HIPAA controls.
- Platforms like Knowi can connect directly to Clarity/Caboodle databases and FHIR REST APIs without requiring ETL pipelines or data flattening.
Table of Contents
- Why You Should Never Query the Live EHR for Dashboards
- How to Use FHIR APIs for EHR Analytics
- Key Clinical KPIs and Where to Find the Data
- HIPAA Compliance Architecture for EHR Dashboards
- How to Choose an Analytics Platform for EHR Data
- Step-by-Step: Building Your First EHR Dashboard
- AI and Natural Language Queries on EHR Data
- Frequently Asked Questions
Why You Should Never Query the Live EHR for Dashboards
Epic stores clinical data in Chronicles, a proprietary hierarchical database. Cerner uses Millennium as its transactional store. Both are optimized for clinical workflows, not analytical queries.
Running dashboard queries against these systems risks degrading clinician response times and may violate vendor support guidance. Analytics workloads should be isolated to dedicated reporting layers.
- Epic Clarity: A relational SQL database refreshed nightly for detailed operational reporting and historical analysis.
- Epic Caboodle: A dimensional warehouse built for dashboards, with pre-built subject areas across clinical and financial domains.
- Cerner ODS: Near-real-time relational views of Millennium data for operational reporting.
- Cerner HealtheIntent: A population health analytics platform for longitudinal, cross-facility analysis.
When to Use Which Data Source
| Data Source | Best For | Refresh Frequency | HIPAA Considerations |
|---|---|---|---|
| Epic Clarity | Detailed SQL reporting and custom joins across clinical domains | Nightly batch refresh | Typically on-prem, governed by Epic role-based security |
| Epic Caboodle | Dashboard-friendly dimensional analytics with curated subject areas | Nightly or configurable near-real-time | Inherits Epic security model |
| Cerner ODS | Operational dashboards requiring near-real-time visibility | Near-real-time | Runs within Cerner environment, governed by internal access controls |
| Cerner HealtheIntent | Population health and longitudinal analytics | Batch by data domain | Cloud-hosted, requires BAA and data governance review |
| FHIR R4 APIs | Standards-based integration and cross-vendor portability | Real-time or Bulk FHIR batch export | OAuth scopes and app-level controls required under Cures Act compliance |
How to Use FHIR APIs for EHR Analytics
The 21st Century Cures Act requires certified EHR vendors to expose standardized APIs. Epic and Cerner support FHIR R4 endpoints, enabling programmatic access to Patient, Encounter, Observation, and other resources.
FHIR for Analytics: What Works and What Does Not
Use FHIR APIs when you need standards-based access to specific resources and cross-vendor portability.
Avoid FHIR-only architectures when you need high-volume historical analytics across large encounter populations. Use Bulk FHIR ($export) or combine FHIR with Clarity, Caboodle, or ODS for performance at scale.
The Nested JSON Challenge
FHIR resources are deeply nested JSON documents. A single Encounter may contain arrays for diagnoses, participants, and locations.
Many traditional BI tools assume flat tables and require JSON flattening before ingestion. This adds ETL complexity and risks breaking encounter-level context.
Knowi natively queries REST APIs and handles nested, semi-structured JSON without pre-flattening. Queries run directly against source systems, and results can be joined across SQL, NoSQL, and API sources without an intermediate warehouse.
Key Clinical KPIs and Where to Find the Data
Engineering teams often know the KPI but not the system of record. The table below maps common operational metrics to Epic, Cerner, and FHIR sources.
| KPI | Epic Source | Cerner Source | FHIR Resource |
|---|---|---|---|
| Average Length of Stay | Clarity PAT_ENC_HSP, Caboodle EncounterFact | ODS ENCOUNTER | Encounter period |
| ED Throughput | Clarity ED tables, Caboodle EDFact | ODS CLINICAL_EVENT and ENCOUNTER | Encounter with emergency type |
| 30-Day Readmissions | Caboodle ReadmissionFact or custom Clarity query | HealtheIntent measures | Encounter with readmission indicators |
| Medication Administration Compliance | Clarity MAR tables | ODS medication events | MedicationAdministration |
| Revenue Cycle Metrics | Clarity ARPB, Caboodle ClaimFact | ODS charge and transaction tables | Claim, ExplanationOfBenefit |
HIPAA Compliance Architecture for EHR Dashboards
The HIPAA minimum necessary standard requires limiting PHI access to what is required for the purpose. Architecture decisions directly impact compliance posture.
Five Controls Every Architecture Needs
- On-prem or private cloud deployment: Keep PHI inside your controlled infrastructure boundary.
- Row-level security: Restrict patient-level visibility by department or role.
- Role-based access control: Separate dashboard viewing, authoring, and data export permissions.
- Audit logging: Log every query, export, and dashboard access event.
- De-identification controls: Apply Safe Harbor or Expert Determination methods where appropriate.
Architectures that copy PHI across multiple ETL stages increase risk exposure. According to IBM’s 2025 Cost of a Data Breach Report, healthcare remains the most expensive industry for breaches. Minimizing data movement reduces breach surface area and governance complexity.
How to Choose an Analytics Platform for EHR Data
| Capability | Tableau / Power BI | Epic SlicerDicer | Health Catalyst / Arcadia | Knowi |
|---|---|---|---|---|
| Direct SQL connection to reporting layers | Supported via connectors | Native to Epic | Via proprietary ingestion pipelines | Direct SQL connectivity without ETL requirement |
| FHIR REST API connectivity | Requires custom connectors or middleware | Not designed for external FHIR analytics | Vendor-specific implementations | Native REST API connectivity |
| Nested JSON handling | Typically requires flattening before ingestion | Not applicable | Handled inside managed pipelines | Native nested JSON querying and array expansion |
| On-prem deployment | Supported via server editions | Epic-hosted environments | Varies by contract | Cloud-managed, on-prem, or hybrid deployment options |
| AI/NLQ without external LLM calls | Cloud-routed AI features | No native NLQ | Vendor-dependent | Private AI runs entirely inside deployment |
| Cross-source joins | Requires warehouse consolidation | Epic-only data | Within managed warehouse | Joins SQL, NoSQL, and APIs without intermediate warehouse |
Step-by-Step: Building Your First EHR Dashboard
Step 1: Define a Single Operational Use Case
Start with a focused dashboard such as ED throughput or length of stay. Confirm the KPI definition with clinical stakeholders before querying data.
Step 2: Select the Appropriate Data Layer
Use Clarity, Caboodle, or ODS for operational reporting. Use FHIR APIs for standards-based integration or cross-vendor portability.
Step 3: Connect Without Adding Unnecessary ETL
Choose a platform that queries reporting layers or APIs directly. This reduces time to deployment and limits PHI replication.
Step 4: Configure HIPAA Controls First
Enable row-level security, define roles, and activate audit logging before expanding user access.
Step 5: Validate With Clinical Stakeholders
Validate calculations against trusted benchmarks. Iterate on filters, drill-downs, and alerts based on workflow needs.
AI and Natural Language Queries on EHR Data
Healthcare teams increasingly want NLQ and predictive analytics. Many AI-enabled BI tools route queries to external cloud LLMs, creating additional PHI governance considerations.
Knowi offers Private AI that runs entirely inside the deployment environment. No PHI is sent to external LLM providers, and NLQ queries are processed locally with audit logging.
Schedule a healthcare analytics demo to see how direct SQL and FHIR connectivity can be deployed within your HIPAA boundary.
Frequently Asked Questions
What is the safest way to query Epic data for analytics dashboards?
Use Epic Clarity or Caboodle, not Chronicles. Apply row-level security and audit logging within your analytics platform.
Can I build dashboards using only FHIR APIs?
Yes for targeted use cases. For high-volume analytics, combine FHIR with Clarity, Caboodle, or ODS.
Do I need a separate data warehouse?
Not always. Caboodle and HealtheIntent function as built-in warehouse layers, and some analytics platforms can query reporting databases directly.
How do I reduce PHI sprawl in analytics?
Minimize ETL copies, limit exports, and enforce row-level security and audit logging at the analytics layer.
Can I run AI queries on PHI without sending data to a third party?
Yes, if the analytics platform supports fully on-prem AI execution. Private AI deployments process NLQ inside your environment without external LLM calls.
What is the difference between Chronicles, Clarity, and Caboodle?
Chronicles powers live clinical workflows. Clarity is a relational reporting database refreshed from Chronicles. Caboodle is a dimensional warehouse optimized for dashboards.