Some of the wording may be confusing, but the distinction is around whether the information is provided by or is shown to the patient. As a system app, the data is expected to be shown to providers and any data written to the chart will be expected to have come from a provider authorization, even if the provider didn't enter the information directly. In our documentation around the secure sandbox [1], we actually specify it as "Non-Patient" and "Patient Access". In your case, it would be considered a Provider application.
-Aaron (Cerner)