Interoperability

Interoperability

Currently Available to PrimeTime Health Plan Medicare Advantage Members and Marketplace Members.

You may find a mobile app or computer program that requests access to your health information to help you monitor your personal health goals. As your health plan, we need to provide a way for you to download or pass along your health information to share that information with the app or program. Your health information must be able to move seamlessly between our programs and the programs you select. This process is called interoperability. Please review the key points below that further describe the functionality of interoperability and our responsibilities to meet those needs.

App Tutorial

 

 

Interoperability allows health information systems to work together within and across organizations. This ability will support effective delivery of healthcare for individuals and communities. It requires insurance companies to provide patient health information — things like claims, clinical information, and pharmacy and provider directories — in an electronic format that can be shared.

Interoperability allows members access to their health information on a mobile device or other electronic devices in a secure way for personal use. 

This information will be available to current members of PrimeTime Health Plan and AultCare Marketplace/Exchange health plans.

You are in control of your health information. You will have the ability to authorize the release of your data to a specified application (an app) designed for a mobile device of your choice so that you can view your data. Keep in mind, these apps are not owned and operated by AultCare. The AultCare website will have a link, which will allow an app to access an Application Programming Interface (API) in order to get to your information.

Health information is a private matter. You should be careful to choose apps with strong privacy and security standards to protect your information. AultCare have provided some questions, guidelines and suggestions for what members should consider when authorizing an app to access their information.

It is important for you to take an active role in protecting your health information. You should look for an easy-to-read privacy policy that clearly explains how the app will use your data. If an app does not have a privacy policy, you may not want to use the app.

You should consider:

  • What health data will this app collect? Will this app collect non-health data from my device, such as my location?
  • Will my data be stored in a de-identified or anonymized form?
  • How will this app use my data?
  • Will this app disclose my data to third parties?
    • Will this app sell my data for any reason, such as advertising or research?
    • Will this app share my data for any reason? If so, with whom? For what purpose?
  • How can I limit this app’s use and disclosure of my data? ‍
  • What security measures does this app use to protect my data?
  • What impact could sharing my data with this app have on others, such as my family members?
  • How can I access my data and correct inaccuracies in data retrieved by this app?
  • Does this app have a process for collecting and responding to user complaints?
  • If I no longer want to use this app, or if I no longer want this app to have access to my health information, how do I terminate the app’s access to my data?
  • What is the app’s policy for deleting my data once I terminate access? Do I have to do more than just delete the app from my device?
  • How does this app inform users of changes that could affect its privacy practices?

If the app’s privacy policy does not clearly answer these questions, you should reconsider using the app to access your health information. Health information is very sensitive information, and you should be careful to choose apps with strong privacy and security standards to protect it.

Here is a list of applications. Please visit "What to keep in mind when choosing an App" above, for more details.

 

You may have heard of HIPAA (Health Insurance Portability and Accountability Act). Many of us see HIPAA Privacy Policies when we go to our provider’s offices, etc. It is important for you to know that these Apps will not be covered by HIPAA. Most third party apps will instead fall under the FTC (Federal Trade Commission) and the FTC Act. This Act protects you against deceptive acts (like if an app shares personal data without permission). If you feel your data has been used inappropriately, you can contact AultCare at the bottom of the page. In addition, you can submit a complaint to the Office of Civil Rights (OCR) or FTC, as appropriate.

To learn more about filing a complaint, visit OCR under HIPAA

‍Individuals can file a complaint with OCR using the OCR complaint portal

‍Individuals can file a complaint with the FTC using the FTC complaint assistant

Health Plan Member Page

This page describes the CMS Patient Access API Mandate for Health Plan members, why it is a benefit to members, and outlines support channels for issues with sharing member data with 3rd party apps.
The 21st Century Cures Act and the CMS Patient Access API
In December 2016, a bill called the 21st Century Cures Act was signed into law, with several important goals, including improved interoperability between health information systems, and increased patient access to their own health data. This law also empowered the Centers for Medicare & Medicaid Services to create regulations to further this goal, which it did with the creation of the CMS Interoperability and Patient Access final rule (CMS-9115-F). In order to increase patients' access to their health data, the rule prohibits information blocking and requires health insurance plans to give members access and the ability to share their health plan data via an API endpoint with third-party applications of their choice. The deadline for health plans to comply with this mandate is July 1st, 2021.
What Does This Mean for You and Your Health Plan?
What this set of regulations means is that your health plan must make available all of your claims and clinical data contained in their systems via an API endpoint, where you can share this data with third-party applications of your choosing. Your health plan has contracted with 1upHealth, an industry leader in healthcare data integrations, and a cutting-edge data standard called FHIR, to give you access and the ability to share your data. When you wish to integrate your healthcare data with 3rd-party applications, such as MyCharts, Apple Health, or FitBit, you will connect through these applications to the 1upHealth platform, where you will confirm your identity to 1upHealth and your health plan by answering a few demographic questions and providing your email that is on file with your health plan. Once your identity is authenticated, your health plan will share your healthcare data with the 3rd-party application you have chosen, through the 1upHealth platform.
Why Share Your Data? Benefits and Risks
There are a host of benefits to this new ability to access and share your data. Take a look at our App Gallery, for a sampling of the 3rd party applications that are being developed to help you leverage this information. Some apps allow you to aggregate your data from multiple health systems to create a complete record of your interactions with different doctors and hospitals and even combine it with data you generate on your own from wearable devices like glucose meters, pedometers, or heart rate monitors. Some other common uses include prescription drug management, chronic disease management, nutrition tracking, and care coordination. Data sharing empowers you to have greater ownership of and visibility into your health data, and has the potential to improve both your health and the quality of care you receive from the health care system.
As with any interaction over the internet, these tremendous benefits are not without some level of risk. Your health plan takes your privacy and the security of your health information as seriously as you do. That's why your data will never be shared without your express permission. Your health plan safeguards your data throughout the process of sharing it in several ways, including using challenge questions and multi-factor authentication to confirm you - and no one else - can access and share your data. It is important to understand though, that once your data is shared with a 3rd party application, your health plan is no longer responsible for the security of that data. This is why it is important to read the privacy and security policies for any application you choose to share your data with, to ensure you understand how it is protected and used by that application.
How to Report Identity Theft and Fraud
If you believe an application that you've shared your data with is misusing that information in violation of their stated privacy policy, contact the Federal Trade Commission to investigate the matter by going to ReportFraud.ftc.gov or calling (877)-382-4357.
If you believe the privacy of your health care data has been violated, contact the federal Department of Health and Human Services Office of Civil Rights at: www.hhs.gov/ocr/complaints

Frequently Asked Questions

Common questions by Health Plan Members interested in providing access to their data.

What information do I need to authorize an application to see my health plan data?
There are two possible methods of authorizing an application to see your health plan data:
To provide access to your data to an application, you must create an account by providing your First Name, Last Name, Date of Birth, Member Plan ID, Zip code, and a unique email address.
If your health plan supports integration with their member portal, you will be presented with an authentication screen to enter your portal credentials, and a link to your health plan site in order to create a portal account.
If I have already authorized one application to see my health plan data, will I have to create another account to authorize a second application?
No. Once you have authorized one application to see your health plan data, you only have to authenticate using your email address and corresponding code to allow a second application to see the data.
What email is used to authorize an application to see my health plan data?
You must use the unique email address that you initially used to authorize and allow access to your data. An authorization code will be sent to the email address, and you will be required to enter it into the Health Plan application. If you do not remember the email address, contact your health plan to obtain the information.
Are the name fields case sensitive?
No.
How can I find my Member ID?
It is the member ID listed on the member ID card provided to you by your health plan. If you do not have this card, or if the number entered resulted in an error, contact your health plan support team.
I have authenticated and authorized successfully but I don't see any data or see a discrepancy in the data.
Contact the application developer via the support mechanism that they have provided on the application. The application developer will try to resolve the issue and if they are unable to, they will contact 1upHealth to troubleshoot together until the issue is resolved. Your application developer will provide progress of the issue until resolution.
What data can I share?
Your health plan has made available all claims, encounters, and clinical data (including laboratory results) that they control and maintain in their systems related to you as an individual. The availability of this data varies by health plan and individual member, and 3rd party applications will pull certain aspects of the data depending on the application's use. In general, the types of data you can expect to be available from your health plan might include: fully adjudicated medical and pharmacy claims, clinical lab results, care management documentation (e.g.health assessments, care goals), clinical measures such as vital signs (blood pressure, weight, height, smoking status, etc.), and provider and organization information related to care you have received. Review the app's documentation or contact your application support team in order to determine exactly what data they utilize from your health plan. Currently, you cannot choose to share only certain aspects of your data; if you authorize data-sharing, the app will have full access to any data your health plan makes available.
I am not able to see data from within the last week.
Recent updates to your claims or clinical data may not appear right away. Check again in one week. If you still cannot find the data, contact the application developer via the support mechanism they have provided. The application developer will try to resolve the issue or contact 1upHealth to troubleshoot together until the issue is resolved. Your application developer will provide progress of the issue until resolution.
Where can I find available applications?
Here is a list of applications Please visit "What to consider when choosing an App" above for more information.
I am a personal representative for another member (parent of a child, legal power of attorney, etc). How do I obtain access to the member's data?
Contact your health plan to find out what is required to obtain access to the dependent member's data.

For Third-Party Developers interested in connecting to AultCare’s Interoperability APIs, please click here for more information.