Health Data Rules and What They Do
Known as the Interoperability and Patient Access Rules, the new regulations have two goals:
- Update how health plans, providers, and patients share information.
- Let you decide who can see your health information.
What This Means for You
You control who can see your information. That includes health care claims, doctor visits, health care benefits, and more.
Why Share Your Data
It can help health plans and providers get on the same page. The new rule allows you to use apps to see data we have from providers. When they can freely — and safely — share data, it allows all parts of your care to work together. And that may help you get better care at lower costs.
Third parties may not be subject to HIPAA or other federal or state privacy laws. They may use your data in ways you don't know about or don't want. So take time to think about who you want to have access to it. Only share it with third parties that you trust.
Medica won't share your data unless you authorize it or unless otherwise required or permitted by law. If you ask Medica to share your data with a third party, Medica can no longer protect or control what happens to the shared data. We encourage you to read and understand the privacy policies of any third party before authorizing Medica to send your data to the third party.
Note: Not everyone can choose to share their health-care data.
You can choose to share your data if you have one of these health insurance plans:
- Individual and family
- Medicare Advantage
Things You Should Consider When Selecting an App to Share Your Data
- Will this app sell my data for any reason?
- Will this app disclose my data to third parties for purposes such as research or advertising?
- How will this app use my data? For what purposes?
- Will the app allow me to limit how it uses, discloses, or sells my data?
- If I no longer want to use this app, or if I no longer want this app to have access to my health information, can I terminate the app's access to my data? If so, how difficult will it be to terminate access?
- What is the app's policy for deleting my data once I terminate access? Do I have to do more than just delete the app from my device?
- How will this app inform me of changes in its privacy practices?
- Will the app collect non-health data from my device, such as my location?
- What security measures does this app use to protect my data?
- What impact could sharing my data with this app have on others, such as my family members?
- Will the app permit me to access my data and correct inaccuracies?
- Does the app have a process for collecting and responding to user complaints?
What You Need To Do
As you're using your favorite apps, you may be asked to share your health information. If you decide to share your information with any third-party apps, here's an easy process to let you choose when and where you want to share your health data.
- Step 1: Sign in to your Medica member account
- Step 2: Share your data through your third-party app
See where your data is being shared
- You can access your data-sharing preferences through the Help Center in the member portal navigation.
- Find the question, "How can I see which apps I'm sharing data with?"
- Then click on the "data sharing preference" link.
- This link will take you directly to the page where you can opt to stop sharing your data.
How an authorized personal representative can ask for access to health data
If you're an approved personal representative* for a member, you can set up an account to see their health data on any connected apps. It’s an easy two-step process. First, create a personal representative user account. Then call Member Services at 1 (800) 952-3455 (TTY: 711) to set up permissions.
*Before we can grant permission, we’ll need to make sure the correct forms are on file or confirm you’re an authorized family member. If you have questions, contact Member Services at 1 (800) 952-3455 (TTY: 711).
How to Stop Sharing Data
Your data will be shared for one year after authorizing the app. At one year, your data sharing will automatically stop. The apps will likely ask you if you'd like to continue sharing your data. At that time, you need to make a decision.
There are two ways to stop sharing your data:
- To stop sharing data with an app, simply go to your Medica.com account, find the data sharing page under My Account, and uncheck the permission sharing box. Once you save your changes, you're no longer sharing your health data. The change is immediate.
- You may also be able to stop data sharing via the third party app – each app will have a different method to stop sharing data.
If Medica has already shared data based on your authorization, your request to stop sharing will not work for data already shared.
Covered Entities and HIPAA Enforcement
The U.S. Department of Health and Human Services' Office for Civil Rights (OCR) enforces the HIPAA Privacy, Security, and Breach Notification Rules. Medica Health Plans is subject to HIPAA as are most healthcare providers, such as hospitals, doctors, clinics, and dentists. You can find more information about your rights under HIPAA and who is obligated to comply with HIPAA for individuals. To learn more about filing a complaint with OCR related to HIPAA requirements, visit U.S. Department of Health & Human Services website.
Apps and Privacy Enforcement
An app generally will not be subject to HIPAA. An app that publishes a privacy notice is required to comply with the terms of its notice, but generally is not subject to other privacy laws. The Federal Trade Commission Act protects against deceptive acts (such as an app that discloses personal data in violation of its privacy notice). An app that violates the terms of its privacy notice is subject to the jurisdiction of the Federal Trade Commission (FTC). The FTC provides information about mobile app privacy and security for consumers. If you believe an app inappropriately used, disclosed, or sold your information, you should contact the FTC. You may file a complaint with the FTC using the FTC complaint assistant.