Skip to Main Content

Improving Patient Access

Connecting Your Healthcare

New Options For Managing Your Digital Medical Records

Imagine:

  • You go to a new healthcare provider because you don’t feel well and that provider can pull up your health history from the past five years.
  • The provider uses that information to diagnose you and quickly finds the right specialist by checking an up-to-date provider directory.
  • You have a question about a claim, so you go to your computer and see if it’s paid, denied, or still being processed.

Starting in 2021, a new federal rule will make it easier for MHS members* to do all of this and more.

The Interoperability and Patient Access rule (CMS-9115-F) puts members first by giving you control and easy access to your health information when you need it most. Access to your health information lets you better manage your health and know what care resources are available to you.

THE NEW RULE MAKES IT EASY TO FIND INFORMATION** ON:

  • claims (paid and denied)               
  • provider appointments
  • past test results                                
  • health status
  • your cost of care                              
  • specific parts of your clinical information
  • healthcare providers                        
  • pharmacy directory data***

Patient Demographics

  • first name
  • last name
  • previous name
  • middle name
  • suffix
  • birth sex
  • date of birth
  • race
  • ethnicity
  • preferred language

Allergies & Intolerances

  • substances (medications)
  • substances (drug class)
  • reactions

New Demographics

  • current address
  • previous address
  • phone number
  • phone number type
  • email address

Clinical Notes

  • consultation notes
  • discharge summary notes
  • history & physical notes
  • imaging narrative
  • laboratory report narrative
  • pathology report narrative
  • procedure notes
  • progress notes

Vital Signs ****

  • body height
  • body weight
  • BMI percentile
  • blood pressure
  • heart rate
  • respiratory rate
  • body temperature

Health Concerns

Immunizations

Procedures

Medications

Laboratory Tests & Results

Assessment & Treatment Plan

Care Team Members

* Applies to Medicare Advantage, Medicaid and CHIP Managed Care, and federally funded ACA exchange plans.

** Data will be available for dates of service on or after Jan. 1, 2016.

*** For Medicare Advantage Prescription Drug (MAPD) plans.

**** Vital Signs maintained by the Health Plan will be available.

Having your health information in one place helps you and your providers understand your health better so you can make more informed decisions. This can help improve your health outcomes and often reduces care costs. This information will follow you to any provider or health plan in the future.

At MHS, your privacy and the security of your PHI is a top concern. The new rule allows you to look up your information using a mobile app from a third-party vendor. This vendor has no connection to MHS. We will give you information about:

  • what to consider when selecting an app
  • the ways your data can be used by the third party
  • the importance of understanding the security and privacy practices of the app.

 We will also give you information on which federal agencies you can contact if you feel your rights to privacy have not been protected.

The CARIN Alliance is a team made up of members, care providers, insurance experts and healthcare policy experts. The team does not act in favor of or against any political party, industry or business.  The team works to create standards for health application privacy. You can learn more about their standards on the on the CARIN Alliance website. The CARIN Code of Conduct is a set of best practices that some mobile app creators have agreed to adopt to protect your health information.  We will require all mobile app creators to prove they will follow privacy standards detailed in the CARIN Code of Conduct.  Visit My Health Application for a list of apps that have pledged to meet the CARIN Code of Conduct.

Find a trusted app. Visit My Health Application for a list of apps that follow the CARIN Code of Conduct. By following this, they are upholding strict privacy and security standards.

Download the app. You can find and load apps through the Google Play Store (Android) and the App Store (iOS). There are also web apps are available for computers.

Make your account. Follow the instructions in the app that you choose to sign up and link your health information.

Use your information to manage your healthcare. Now you have the information you need to make the best care decisions for yourself.

Check out the Frequently Asked Questions or call Member Services at 1-877-647-4848 (TTY 1-800-743-3333).

Call MHS at 1-877-647-4848 (TTY 1-800-743-3333) or visit mhsindiana.com.

For more information on CMS Policies and Technology for Interoperability and Burden Reduction visit the CMS website.

Any health information maintained by the Health Plan with a date of service January 1, 2016 or later will be available to you.

You will have access to your health information, no matter what health plan or provider you go to.

Yes, you can use an app to see what shots you’ve had with a date of service January 1, 2016 or later.

No, the app you use will not be affiliated with MHS.  You may also visit My Health Application for a list of apps that have agreed to follow to the CARIN Code of Conduct. Attesting to follow the code means they meet strict privacy and security guides. Follow the instructions on the app to link it with your health record.

There may be some apps that don’t follow all the privacy guides. We will let you know which apps follow the CARIN guidelines. If you have already chosen an app prior to us getting a response from the app creator on their privacy policies, you will have a chance to choose another app within a certain timeframe. We suggest that you request a Notice of Privacy Practices from the app. If the app does not provide you with a Notice of Privacy Practices, we recommend that you choose a different app. You may also visit My Health Application for a list of trusted apps.

Starting July 1, 2021, you will be able to access your MHS information through the apps.

No, you do not have to use an app to access this info. You can contact your provider or health plan for the information you need.

The app will collect your health data including, but not limited to:

  • your claims
  • medications
  • diagnoses
  • procedures
  • doctor visits

When you enroll in the app, you are giving your permission for the app to collect this information.

Apps do have the ability to track and store non-health data such as location. Some give you a choice whether or not to provide that information. We recommend that you ask your app provider.

Asking for your health data via an app could possibly include the health data of family members who are linked with your health account.

To correct mistakes, you will need to reach out to your provider or health insurance company. The health app only makes data available from healthcare sources. The app does not create this data.  If the app is showing incorrect information that was not sent to the app then the app must correct this problem.

We recommend that you ask the app provider for their notice of privacy and security practices.

Most apps will not be covered by HIPAA. Most apps will fall under the authority of the Federal Trade Commission (FTC) and the protections provided by the FTC Act. The FTC Act, among other things, protects against deceptive acts. An example of this would be, if an app shares personal data without your permission, even though they have a privacy policy that says it will not do so.

The FTC provides information about mobile app privacy and security for consumers on the FTC consumer information website

For apps that are subject to HIPAA, you can find more information about patient rights under HIPAA and who is obligated to follow HIPAA

You can also see the HIPAA FAQs for Individuals.

We recommend that you ask for a Notice of Privacy Practices from the app provider to understand your rights.

We recommend that you request a Notice of Privacy Practices from the app creator. This will outline what that company does when there has been a privacy or security breach. You have the right to file a complaint with enforcement agencies including the Office for Civil Rights (OCR) and the Federal Trade Commission (FTC).

Most apps will not be considered covered entities under HIPAA. Most apps will instead fall under the jurisdiction of the Federal Trade Commission (FTC) and the authority of the FTC Act. The FTC Act protects against deceptive acts.  An example of this would be if an app shares personal data without permission, even though they have a privacy policy that says they will not do so.

Learn more about filing a complaint with OCR under HIPAA.

You can file a complaint with OCR using the OCR complaint portal.

You can file a complaint with the FTC using the FTC complaint assistant

Although the purpose of the app is for you to be able to see your data in one place, we suggest that you request a Notice of Privacy Practices. The Notice of Privacy Practices will outline how the app will use your data.

We recommend that you request a Notice of Privacy Practices from the app provider to understand if the app will share your data with third parties.

We recommend that you request a Notice of Privacy Practices from the app provider to understand what happens to your data after you stop using the app.

We recommend that you request a Notice of Privacy Practices from the app provider to understand what happens to your data after you stop using the app.

The best way to stop sharing data is through the Third Party Application or by reaching out to the Third Party Application support team. If you are not able to stop sharing data through the Third Party Application or using the Third Party Application Support then you may call MHS member services for assistance.

We recommend that you request a Notice of Privacy Practices from the app provider to understand if the app will share your data with third parties for advertising and research.

App providers may respond to user complaints in different ways. We recommend that you ask this question to your app provider.

We recommend that you request a Notice of Privacy Practices from the app provider to understand how the app stores your data.

We recommend that you request a Notice of Privacy Practices and additional information on security practices from the app provider to understand how they handle a security incident.

We recommend that you request a Notice of Privacy Practices from the app provider to understand how you can limit the use and release of your data.

Last Updated: 08/05/2021