Delete Patient Data

You can use the 1up Purge endpoint to delete resources for a 1up user ID for a specific FHIR® version (DSTU2, STU3, or R4) from the 1up FHIR Server. You can delete all resources or apply parameters to delete specific resources. When you delete resources, the Purge operation also deletes the resource history versions.

The Purge operation cannot be undone and the resources you delete cannot be recovered. We recommend that you use extreme caution with the Purge operation.

You can access the Purge endpoint using either a Bearer token, or using header-based authentication.

The client ID and client secret you use in the request defined below must have created the 1up user ID which you are attempting to purge data from. You can't purge the data for a 1up user that you didn't create under your own application (client ID and client secret).

If you don’t specify the _type and or _before parameter, the Purge endpoint deletes all of the FHIR resources (all types) for the specified 1up user for a particular FHIR version (DSTU2, STU3, or R4). If you specify the _type parameter, only resource of that resource type are deleted. If you specify the _before parameter, all resources with a meta.lastUpdated date that is less than the date you specify in the _before filter are deleted.

Purge doesn’t delete the 1up user, which remains in the FHIR Server after the Purge operation completes, but without the FHIR resources you deleted.

You cannot use Purge to delete all of the resources for a user with a large volume of resources (such as 400K patients). A request of this size won’t complete because the synchronous Purge request can only run for 30 seconds before it times out.

When you receive a timeout, resources that were deleted before the request timed out remain deleted. You can run the same Purge operation again until the amount of remaining resources to purge can be deleted within the 30 second time limit.

Purge Data with Bearer Token Authentication

You can connect to the Purge endpoint and start a Purge operation using a 1up access token.

If you don’t already have an access token, follow the steps in Authentication & Authorization APIs to get a token.

After you get your access token, you can send your Purge request.

DELETE  https://api.1up.health/{fhirVersion}/purge

Use this endpoint delete all FHIR® resources for the specified fhirVersion (DSTU2, STU3, R4) for a single 1up user.

Parameters

Query    
_type string

Specify FHIR resource types to purge. Separate multiple resources with a comma.

Example — _type=Patient,Observation

_mode

 

Set the _mode query parameter to dryrun to get the number of resources that will be deleted without deleting them.

Example — _mode=dryrun

_before

 

Specify FHIR resources to purge by meta.lastUpdated in the resource. The _before filter allows users to purge all resources with a meta.lastUpdated older than the passed-in date.

For example, _before=2022-01-01 purges all resources with a meta.lastUpdated value that is older than Jan. 1, 2022. This filter works with the _type resource filter.

If you don’t include _before or _type , the Purge endpoint deletes all for the FHIR version you specify for the single 1up user ID.

Header    
Bearer   Token

Responses

200: OK 
{
    "resourceType": "OperationOutcome",
    "id": "xxxxx",
    "issue": [
        {
            "severity": "information",
            "code": "deleted",
            "details": {
                "text": "purged user data"
            }
        }
    ]
}
 
curl --location --request DELETE 'https://api.1up.health/r4/purge' \
--header 'Authorization: Bearer zzzz'

Purge Data with Header Authentication

You can connect to the Purge endpoint and start a Purge operation for a 1up user ID with header authentication.

If you don’t have the oneup_user_id for your app_user_id, follow the steps in User Management APIs to get the user ID.

After you get the user ID, you can send your Purge request.

DELETE  https://api.1up.health/{fhirVersion}/purge

Use this endpoint delete all FHIR® resources for the specified fhirVersion (DSTU2, STU3, R4) for a single 1up user.

Parameters

Query    
_type string

Specify FHIR resource types to purge. Separate multiple resources with a comma.

Example — _type=Patient,Observation

_mode

 

Set the _mode query parameter to dryrun to get the number of resources that will be deleted without deleting them.

Example — _mode=dryrun

_before

 

Specify FHIR resources to purge by meta.lastUpdated in the resource. The _before filter allows users to purge all resources with a meta.lastUpdated older than the passed-in date.

For example, _before=2022-01-01 purges all resources with a meta.lastUpdated value that is older than Jan. 1, 2022. This filter works with the _type resource filter.

If you don’t include _before or _type , the Purge endpoint deletes all for the FHIR version you specify for the single 1up user ID.

Header    
client_id    

client_secret

 

 

x-oneup-user-id

 

 

Responses

200: OK 
{
    "resourceType": "OperationOutcome",
    "id": "xxxxx",
    "issue": [
        {
            "severity": "information",
            "code": "deleted",
            "details": {
                "text": "purged user data"
            }
        }
    ]
}
 
curl --location --request DELETE 'https://api.1up.health/r4/purge' \
--header 'client_id: xxx' \
--header 'client_secret: yyy' \
--header 'x-oneup-user-id: 11111'