Interoperability FAQs
What is interoperability?
Interoperability is the ability for different information systems, devices, and third-party applications (apps) to access, exchange, integrate, and use health care data in a coordinated way.
The Centers for Medicare & Medicaid Services (CMS) have given specific rules for interoperability. These rules require data from health insurance companies to be formatted and presented in a consistent way, so that systems that are allowed to use the data can do so in a standard format.
What are third-party apps?
Third-party apps are companies or organizations that aren’t related to CHPW.
What is a Patient Access Application Programming Interface (API)?
Interoperability requires CHPW to implement a Patient Access Application Programming Interface (API) for your health information. An API enables apps to communicate with each other and share data. APIs are a set of defined rules that explain how apps communicate with each other and act as an intermediary layer that processes the data transfer between systems easily and securely.
You can take advantage of this capability by downloading a web-enabled app on your smart phone, tablet, computer, or other similar device and checking to see if the app has a connection to CHPW. If the app has a connection, you can authorize the app to access your health information.
What are some benefits of interoperability?
The goal of you controlling your health information is to provide options for how you can make better use of your information. For example:
- You might install an app that shows you where to find your prescription for the lowest price in your area, or a list of nearby pharmacies that accept your insurance.
- You could install an app that tracks your fitness
- You might install an app that shows your plan benefits, prior authorization status for services you’ve requested, and more plan information
Basically, interoperability lets you share health care data from your providers with a third-party app, so you can access and use that data.
How do I give an app access to my health data from CHPW?
Third-party apps cannot access your CHPW health information unless you give permission.
Here’s how to set up a third-party app to access to your health information:
- The app will prompt you to allow access.
- A CHPW logon page will pop up, where you’ll enter your username and password for the Interoperability Access Portal.
- You will then be prompted to allow the app to access your health information.
- Once you’ve allowed access, you ‘will see your health information within the app.
If you don’t have a username and password for the Interoperability Access Portal, you’ll need to create an account before you allow a third-party app access.
Can other people access my data?
Only the people you authorize can access your health information through a third-party app. Interoperability provides certain controls CHPW must implement around access to your health information.
No one else can authorize this access unless they have legal authority to act on your behalf (e.g., a power or attorney, legal guardian).
What does CHPW do to protect my health information?
The Health Insurance Portability and Affordability Act (HIPAA) requires CHPW to protect your health information within our systems. We do that by strictly controlling who can access your information, and by encrypting all our data.
In addition, CHPW ensures that health information is protected by strong authentication and encryption while transmitting to third-party apps.
You can learn more about your rights under HIPAA and how CHPW uses and protects your health information by reviewing our Notice of Privacy Practices.
How does an app protect my personal health data?
Unlike CHPW, third-party apps do not follow HIPAA.
Instead, each third-party app creates a Privacy Policy or other policies that explain how they will use your health information and whether they can sell your health information to others. These policies control what they will do with your data, so it is importation that you understand what you are agreeing to when you download a third-party app.
The Federal Trade Commission (FTC), the nation’s consumer protection agency, has issued the Health Breach Notification Rule to require certain businesses not covered by HIPAA to notify their customers and others if there is a breach of unsecured, individually identifiable electronic health information. You can find more information about this rule on the FTC website.
What kind of health information is shared to third-party apps?
By authorizing a third-party app to access your health information through the Patient Access API, you are agreeing to allow CHPW to disclose ALL your health information, which includes:
- Your name
- Your address
- Diagnoses, treatments, and claims
- Data about services given by providers
- Clinical data collected during case management and care coordination
- Sensitive information, such as information related to treatment for Substance Use Disorders, mental health treatment, HIV status, and more
How far back will this data go?
CHPW will include information collected while you’ve been enrolled with CHPW, as far back as January 1, 2016.
What do I do if I no longer want my health information shared?
You can revoke an app’s access to your health data. You can revoke an individual’s access, even if you granted access previously.
To do this log into https://interoperability.chpw.org/ and remove authorization for each third-party app or individual you no longer wish to have access. You can also contact CHPW’s Customer Service department at 1-800-461-5738 (TTY Relay: Dial 711) for help.
Important: You will need to contact the third-party app and ask them to delete your health information.
Each app has their own Privacy Policy that determines what they do with your data and how (or if) it can be deleted. Contact the company that publishes the app and follow their procedure for removing your data from their records.