WHAT IS INTEROPERABILITY AND WHAT DOES IT MEAN FOR YOU?
Interoperability gives people access to their health information when they need it most, and in a way that they can best use it.
What does this mean for you as a member of University of Utah Health Plans? This means you will have access to your health information in a new way. This regulation requires that health Plans like University of Utah Health Plans enable patients through independent third-party applications (apps) on computer and mobile devices, and with your authorization, to access your health information maintained by University of Utah Health Plans.
HOW DOES THIS NEW REGULATION CHANGE HOW YOU GET YOUR HEALTH INFORMATION?
Interoperability allows you to access your electronic health information through a third-party app, which you can then view on a personal computer or mobile device.
WHAT ARE IMPORTANT THINGS YOU SHOULD CONSIDER BEFORE AUTHORIZING AN APP TO RETRIEVE YOUR HEALTH CARE DATA?
- What health data will this app collect?
- Will this app collect any of your non-health data from your device, such as your location?
- Will your data be stored in a de-identified or anonymized form?
- How will the app use your data?
- Will the app disclose your information to third parties?
- Will the app sell your data for any reason, such as advertising or research?
- Will this app share your data for any reason? If so, with whom? For what purpose?
- How can you limit this apps use and disclosure of your data?
- What security measures does this app use to protect your data?
- What impact could sharing your data with this app have on other, such as your family members?
- How can you access your data and correct inaccuracies in data retrieved by the app?
- Does this app have a process for collecting and responding to user complaints?
- If I you no longer want to use the app, or if you no longer want the app to have access to your health information, how do you terminate the app’s access to your data?
- What is the app’s policy for deleting your data once you terminate access? Do you have to do more than just delete the app from your device?
- How does this app inform you of changes that could affect its privacy practices?
If the app’s privacy policies and terms of conditions do not clearly answer the questions above, you should reconsider using the app to access your health information. Health information is very sensitive, and you should be careful to choose apps with strong privacy and security standards to protect your health information.
CAN I USE A THIRD-PARTY APP THAT HAS NOT BEEN REGISTERED WITH UNIVERSITY OF UTAH HEALTH PLANS?
You can download any third-party app, but it will not be able to access your health data until it has completed a registration process with University of Utah Health Plans. If that app does not meet our security standards, we will not share your health information.
How do you access your health information?
How to access your health information?
As a member of University of Utah Health Plans, you can access your health information by following the steps outlined below:
- Register in “MyChart” if you do not already have an account.
- Download an application using either the Google Play Store or the iStore.
- Once you’ve chose and downloaded a third-party app, you will be directed to sign into your “MyChart” account using your “MyChart” id and password. Once you have successfully logged in, a screen will appear asking you to give the third-party app access to your health data.
- Login to the application using your “MyChart” credentials and provide consent to access your health information.
* You must check to see if the app has created a connection to University of Utah Health Plans.
HOW WILL YOUR HEALTH INFORMATION BE USED BY THE THIRD-PARTY APP?
How do you removed an app from your MyChart?
If you think, your data is unsafe with the third-party app or just want to stop accessing your data on the third-party app you can remove that app’s access by removing the apps access to your account.
You first must login to your “MyChart” account and navigate to “Share My Record”. After navigating to “Share My Record you will select “View Device Connections.” Under “Services Accessing My Account”, you will see the third-party apps that you have given permission to access your data. Click on “Remove Access.”
If you have questions, you call University of Utah Health Plans Customer Service at 888-271-5870 or the number on the back of your ID card.
Is there a cost associated with downloading and using a third-party app?
There could be. Before you download the third-party app, it should tell you if there are any associated costs.
What health information can you access?
As a University of Utah Health Plans member, you have access to the below information as long as we maintain it in our records:
- Claims submitted by your provider
- Lab and Diagnostic reports
- Medicine subscription data
- Prior Authorization requests
WHAT SHOULD YOU CONSIDER IF YOU ARE PART OF AN ENROLLMENT GROUP?
You may be part of an enrollment group where you share the same health plan as other members of your tax household. This is common for individuals who are covered by Qualified Health Plans (QHPs) on the federally facilitated Exchanges (FFEs), otherwise known as the marketplace. Often, the primary policyholder and other members of the household, can access information for all members of an enrollment group unless a specific request is made to restrict access to member data. You should be informed about how your data will be accessed and used if you are part of an enrollment group based on the enrollment group policies of your health plan in your state. If you share a tax household but do not want to share an enrollment group, you have the option of enrolling individual household members into separate enrollment groups, even while applying for Exchange coverage and financial assistance on the same application however, this may result in higher premiums for the household and some members, (i.e. dependent minors, may not be able to enroll in all QHPs in a service area if enrolling in their own enrollment group) and in higher out-of-pocket expense if each member has to meet a separate annual limitation non cost sharing (i.e., Maximum Out-of-Pocket (MOOP)).
WHAT ARE YOUR RIGHTS UNDER THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT (HIPAA) AND WHO MUST FOLLOW HIPAA?
The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) enforces the HIPAA Privacy, Security, and Breach Notification Rules, and the Patient Safety Act Rule. You can find more information about patient rights under HIPAA and who is obligated to follow HIPAA here:
You may also want to refer to the HIPAA FAQs for Individuals which can be found here:
ARE THIRD-PARTY APPS COVERED BY HIPAA?
The FTC provide information about mobile app privacy and security for consumers here:
How Websites and Apps Collect and Use Your Information.
WHAT SHOULD YOU DO IF YOU THINK YOUR DATA HAS BEEN BREACHED OR AN APP HAS USED YOUR DATA INAPPROPRIATELY?
University of Utah Health Plans (UUHP) Notice of Privacy Practices can be found here:
Notice of Privacy Practices
UUHP’s Notice of Privacy Practices provides guidance to file a complaint with our internal privacy office.
You can learn more about filing a complaint with OCR under HIPAA here:
You may also file a complaint with OCR using the OCR complaint portal:
You may file a complaint with the FTC using the FTC complaint assistant: