A new way to access your health data
Providence Health Assurance is now providing members a secure way to access and share health information through a third party application (app) of their choosing.
Providence Health Assurance has created a streamlined process to access your health data electronically with a third party app of your choosing.
This new streamlined process will allow you to easily access your claims information including cost, clinical/case management data and your plan’s drug list and provider directory.
It is important for you to take an active role in protecting your own health data when choosing a third party app.
You should review their privacy policy to understand how the app will use your data. If an app does not have a privacy policy, you should reconsider using the app to access your health information. Health information is very sensitive information, it is important to choose an app with strong privacy and security standards to protect your health data.
What you should consider when choosing a third-party app:
- What health data will this app collect?
- Will this app collect non-health data from my device, such as my location?
- Will my data be stored in a de-identified or anonymized form?
- How will this app use my data?
- Will this app disclose my data to third parties?
- Will this app sell my data for any reason, such as advertising or research?
- Will this app share my data for any reason? If so, with whom? For what purpose?
- How can I limit this app’s use and disclosure of my data?
- What security measures does this app use to protect my data?
- What impact could sharing my data with this app have on others, such as my family members?
- How can I access my data and correct inaccuracies in data retrieved by this app?
- Does this app have a process for collecting and responding to user complaints?
- If I no longer want to use this app, or if I no longer want this app to have access to my health information, how do I terminate the app’s access to my data?
- What is the app’s policy for deleting my data once I terminate access?
- Do I have to do more than just delete the app from my device?
- How does this app inform users of changes that could affect its privacy practices?
At Providence, we ask for attestations from third-party apps.
Understanding the Health Insurance Portability and Accountability Act (HIPAA) and your rights
What are a patient’s rights under the Health Insurance Portability and Accountability Act (HIPAA) and who must follow HIPAA?
The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) enforces the HIPAA Privacy, Security, and Breach Notification Rules, and the Patient Safety Act and Rule. You can find more information about patient rights under HIPAA and who is obligated to follow HIPAA here: https://www.hhs.gov/hipaa/for-individuals/guidance-materials-for-consumers/index.html
Additionally you can find HIPAA FAQs for Individuals here: https://www.hhs.gov/hipaa/for-individuals/faq/index.html
Are third-party apps covered by HIPAA?
Most third-party apps will not be covered by HIPAA. Most third-party apps will instead fall under the jurisdiction of the Federal Trade Commission (FTC) and the protections provided by the FTC Act. The FTC Act, among other things, protects against deceptive acts (e.g., if an app shares personal data without permission, despite having a privacy policy that says it will not do so).
The FTC provides information about mobile app privacy and security for consumers here: https://consumer.ftc.gov/articles/how-protect-your-privacy-apps
What should a member do if they think their data has been breached by a third-party app or has used their data inappropriately?
You may report your concern to Providence Health Assurance by calling the Privacy Program at: 503-574-7770
Contacting support outside of Providence Health Assurance
You may notify the Office for Civil Rights, U.S. Department of Health and Human Services if you believe your privacy rights have been violated. We will not take any action against you for filing a complaint.
You may file the complaint at the Office for Civil Rights at:
Office for Civil Rights
U.S. Department of Health and Human Services
200 Independence Avenue, S.W.
Room 509F, HHH Building
Washington, D.C. 20201
OCR Hotline-Voice: 1-800-368-1019
E-mail: OCRComplaint@hhs.gov
Website: Office for Civil Rights https://www.hhs.gov/ocr/index.html.
To learn more about filing a complaint with OCR under HIPAA, visit: https://www.hhs.gov/hipaa/filing-a-complaint/index.html
Individuals can file a complaint with OCR using the OCR complaint portal:
https://ocrportal.hhs.gov/ocr/smartscreen/main.jsf
Individuals can file a complaint with the FTC using the FTC complaint assistant:
https://www.ftccomplaintassistant.gov/#crnt&panel1-1
Medicare Provider Directory API:
https://fhir.phtech.com/php/provider/v1/fhir/swagger-ui/
Additional Questions?
myProvidence Help Desk
Toll free: 877-569-7768
Hours of operation:
Monday through Friday 8 a.m. to 5 p.m. PT
Webpage is current as of: 06/24/2024