Connecting Your Health Care

New Options for Managing your Digital Medical Records

Imagine:

You don’t feel well. You go to a new health care provider and you can show that provider your health history for dates of service from January 1, 2016 forward.
The provider uses that information to diagnose you and you quickly find the right specialist by checking an up-to-date provider directory.
You have a question about a claim, so you go to your computer or mobile device and, in minutes, you see if it’s been paid, denied or still being processed.
You can take your health history with you as you switch health plans.

Starting in 2021, a new federal rule will make it easier for Health Net members to do all of this and more.¹

The Interoperability and Patient Access rule (CMS-9115-F) makes it easier for you to get your health records when you need them most. You now have full access to your health records on your mobile device. This helps you to manage your health better and to know what health care resources are available to you.

Starting in 2022, the Payer-to-Payer Data Exchange portion of the rule¹ will allow former and current members to request that their health records go with them, as they switch health plans. For more information about this rule, visit the Payer-to-Payer Data Exchange section found on this web page.

The new rule makes finding information easy:²

claims (paid and denied)
certain parts of your clinical information
healthcare providers
pharmacy directory data³

Samples of data we maintain include:

substances (medications)
substances (drug class)
reaction

current address
previous address
phone number
phone number type
email address

Health Concerns
Vaccines
Procedures
Medications
Laboratory Tests & Results
Assessment & Treatment Plan
Care Team Members

¹ Applies to Medicare Advantage, Medicaid and CHIP Managed Care, and federally funded ACA exchange plans.

² Data will be available for dates of service on or after Jan. 1, 2016. Data for Payer-to-Payer only covers clinical data.

³ For Medicare Advantage Prescription Drug (MAPD) plans.

Why is this so important?

Having your health information in one place may help you and your providers:

Understand your health better
Make better decisions
Improve your health outcomes
Reduce healthcare costs
Carry information to new providers or health plans

Keeping your Protected Health Information (PHI) safe is important

The new rule lets you use an app from a third party application developer (a company that has no link to Health Net). You can use this app to look up your health information. When choosing an app, it is important to think about how your data can be used and the app's security and privacy practices.

The CARIN alliance is working to advance the exchange of health information. We will require third-party application developers to agree to follow certain privacy standards outlined in the CARIN Code of Conduct. The CARIN Code of Conduct is a set of practices that these apps have voluntarily adopted to protect and secure your health information.⁴ Visit the My Health Application website to see a list of apps that have agreed to the CARIN Code of Conduct. We will give you information on federal agencies you can contact if you feel your rights to patient privacy have not been protected. Learn more about the CARIN Alliance.

Before sharing your data with a third party application, we will ask you to agree to an Access Your Data statement. This is an added security step to protect your data.

⁴Health Net does not track the app's continued compliance with the CARIN Code of Conduct.

Current Members: What to do now

Find an app. Visit the My Health Application website for a list of apps that meet the CARIN Code of Conduct.

By agreeing to the CARIN Code of Conduct, the third-party app developer attests it meets certain standard security practices. These practices include, but are not limited to:
- Protection of a user's personal data against:
  - Loss or unauthorized access
  - Use
  - Alteration
  - Destruction
  - Unauthorized annotation
  - Disclosure
- Protect personal data through a blending of systems that include:
  - Secure storage
  - Digital record encryption – both in transit and at rest
  - Data-use agreements and contract duties
  - Obligation measures (e.g., access controls, logs and separate audits)
- Comply with relevant breach alert laws
- Provide important remedies to address security breaches. And, to address other infractions due to a misuse of the user's personal data
- Adopt internal policies and secure contractual commitments with third parties to prohibit the renaming of undefined or unnamed data.
Download the app. Smartphone apps are available through the Google Play Store (Android) and the App Store (iOS). Web apps are also available for computers.
Create your account. Use the app to do this:
- To link your health information, choose your health plan
- On the log in screen, enter your member portal username and password
- Read the Access your Health Data statement. If you agree to the terms, click "Allow Access"
Use your information to manage your healthcare.

How do I find the right third-party app?

Read our Frequently Asked Questions or call Health Net toll-free at 800-675-6110 (TTY 711). You can reach us 24 hours a day, 7 days a week.

How does Payer-to-Payer data exchange work for both current and former members?

You can ask Health Net to send health records to other health plans. You can also request Health Net to receive health records from other health plans. If you switch health plans, Health Net will send your clinical records (part of the in the USCDI data set) to another health plan. This is done in order to build a complete health record. A complete health record will help you make decisions that improve your quality of care and health outcomes.

Former Health Net members should start the request through their new health plan. Health Net will send the clinical records to their new health plan based on this request.

Current members of Health Net may start the request by logging into the Health Net secure member portal. There they can request and receive the clinical records from their prior health plan.

How does the new Interoperability and Patient Access Rule affect me?

To learn how the rule can affect you, please call Health Net toll-free at 800-675-6110 (TTY 711) 24 hours a day, 7 days a week.

How far back does my information go?

You will have access to health information with a service date of January 1, 2016 and forward.

Can I access my health information if I go to a different health plan or provider?

Yes. You will be able to access to your health information no matter what health plan or provider you visit.

Can I find out if I'm up to date on my vaccines?

Yes, some apps may allow you to see the shots you've received with a service date of January 1, 2016 and forward.

Do I have to use an app from Health Net?

No, the app you use will not be linked with Health Net. Visit My Health Application website for a list of apps. This includes apps that promise to meet to the CARIN Code of Conduct. Follow the instructions on the app to connect it with your health record.

When can I have access to my health information in the app?

You will be able to access your health plan information in the apps starting July 1, 2021.

Do I have to use an app to get my health information?

No, you do not have to use an app to access your health information. You can contact your provider or health plan for information.

What health data might the app collect?

It depends on the app you choose. Some apps will collect your health data that includes (but is not limited to):

Claims
Medications
Diagnoses
Procedures
Doctor visits

When you enroll in the app, you are giving your consent for the app to collect your health information. The app's Privacy Notice should tell you what information it collects.

Will the app collect non-health data from my device, such as my location?

Apps are able to collect non-health data, such as your location. The app's Privacy Notice should tell you what information it collects. Some apps give you the option to provide other information. We suggest that you ask your app provider.

Does sharing my data with this app have an impact on my family members?

If a family member is linked to your health account, there is a chance that their information will be shared.

How do I correct mistakes in my health data?

You will need to contact your provider or health plan. The health app only makes data available from health care sources.

What are my rights under the Health Insurance Portability and Accountability Act (HIPAA)?

We suggest that you ask the app provider for their Privacy Notice.

Most apps are not covered by HIPAA. Instead, they are covered by the Federal Trade Commission (FTC) and the protections given by the FTC Act. The FTC Act protects against deceptive acts. (For example: if an app shared private data without consent, even though the privacy policy says it will not do so.) Plus, for people who live in California, Personally Identifiable Information (PII) data is governed and secured under laws such as the California Medical Information Act (CMIA) and the California Consumer Privacy Act (CCPA). Please make sure those laws are covered in the Privacy Notice of your chosen API provider.

For more information:

The FTC has information about mobile app privacy and security for consumers on their website
For apps subject to HIPAA, the HHS.gov website has information about patient rights and who is required to follow HIPAA.
The HHS.gov website also has HIPAA FAQs for people.

What are my rights when it comes to my data gathered on this app?

We suggest that you request a copy of the Privacy Notice from the app provider to understand your rights.

What should I do if my data has been shared or stolen or used in a wrongful way?

We suggest that you request a copy of the Privacy Notice from the app provider. This will help you to understand how they respond to a privacy and security incident. You have the right to file a complaint with enforcement agencies that include the Office for Civil Rights (OCR) and the Federal Trade Commission (FTC).

For more information:

To learn more about filing a complaint with OCR under HIPAA, visit the HHS.gov website.

Individuals can file a complaint with OCR using the OCR complaint portal.

Individuals can file a complaint with the FTC using the FTC complaint assistant.

California Residents: Please click on the links listed below for more privacy protections and safeguards concerning data for people living within the state of California.

California Medical Information Act (CMIA): https://oag.ca.gov/privacy/privacy-laws

California Consumer Privacy Act (CCPA): https://oag.ca.gov/privacy/ccpa

How will the app use my data?

Please request a copy of the Privacy Notice to learn how the app will use your data.

Can the app share my data with third parties?

We suggest that you request a copy of the Privacy Notice from the app provider. This will help you know if the app will share your data with third parties.

Does the app delete my data after I stop using it?

We suggest that you request a copy of the Privacy Notice from the app provider. This will help you to know what happens to your data after you stop using the app.

How do I stop sharing my data?

One way you may be able to stop sharing data is through the app. Or, by contacting the app provider support. If this doesn't work, call Health Net member services for help toll-free at 800-675-6110 (TTY 711) 24 hours a day, 7 days a week.

Will this app sell my data for advertising or research?

We suggest that you request a copy of the Privacy Notice from the app provider. This will help you to understand if the app will share your data with third parties for advertising or research.

How does this app collect and respond to user complaints?

App providers may respond to complaints in different ways. We suggest that you ask your app provider this question.

Will my data be stored in a secret or hidden way?

We suggest that you request a copy of the Privacy Notice from the app provider. This will help you know how the app stores your data.

What security measures does this app use to protect my data? Will they inform me if something happens?

We suggest that you request a copy of the Privacy Notice and more information on security practices from the app provider. This will help you know how they handle a security matter.

How can I limit the way this app uses and sends my data?

We suggest that you request a copy of the Privacy Notice from the app provider. This will help you know how you can limit the use and release of your data.