Interoperability & Third-Party Apps

Back to Medicare Advantage Members

Samaritan Health Plans and InterCommunity Health Network Coordinated Care Organization members (both will be referred to as “the Plan”) will be able to access their health care information using a computer or mobile device. This includes searching the provider and pharmacy directories.

Access to Your Health Information

This service is made possible by allowing third-party applications (apps) to access your health information from the Plan, which then makes it available to you through the application interface. This can happen only after you have authorized them to do so. Members are not required to allow a third-party app to access their data.

The Patient Access Rule

The Interoperability and Patient Access Rule (“The Rule”) from the Centers for Medicare & Medicaid Services (CMS) requires the Plan to offer and maintain a secure, standards-based way of allowing all members to easily access their health records through third-party apps of their choice. These health records include health insurance claims and other information submitted to the Plan by health care providers and hospitals. It may also include cost and other clinical information.

What You Need to Know About the Patient Access Rule

The Rule does not allow the Plan to require or recommend an app.
Although the Plan provides a secure way of storing your data and a secure way of allowing the third-party app to access your data, the Plan has no control over what is done with the data once it is downloaded to the app.
The third-party app may not be subject to HIPAA privacy and security regulations.

Forms You Will Need to Fill Out

With this form, a payer is requesting Samaritan Health Plans/Intercommunity Health Network Coordinated Care Organization to intake a member’s health information.
Interoperability Payer Notification to Send Member Data
With this form a member, or their authorized representative, allows Samaritan Health Plans/InterCommunity Health Network Coordinated Care Organization to share the member’s health information with another payer.
Interoperability Payer Data Exchange Form
Interoperability Payer Data Exchange Form (Spanish)
With this form, a member of Samaritan Health Plans/InterCommunity Health Network Coordinated Care Organization or their authorized representative, may revoke a third-party app’s access to all their health information. Interoperability Revocation of a Third-party Application Form
Interoperability Revocation of a Third-party Application Form (Spanish)
With this form, a member of Samaritan Health Plans/InterCommunity Health Network Coordinated Care Organization may allow or revoke their authorized representative’s access to their data in a third-party app. Interoperability to Allow or Revoke Authorized Representative’s Access Form
Interoperability to Allow or Revoke Authorized Representative’s Access Form (Spanish)

Who Oversees the Privacy & Security Practices of Third-party Apps?

Most third-party apps will not be covered by HIPAA, the law that outlines privacy and security requirements for health information.
These apps will fall under the Federal Trade Commission (FTC) and the protections provided by the FTC Act. This Act, among other things, protects against deceptive acts, like sharing personal data without permission, despite having a privacy policy that says it will not do so. You can find more information about mobile app privacy and security for consumers.

How Do I File a Complaint If I Think the Third-party App I Selected Did Not Secure My Data or the App Used My Data Inappropriately?

Submit a complaint to the FTC. Since the Federal Trade Commission (FTC) has jurisdiction over these apps, you should submit a complaint to the FTC using the FTC complaint assistant.
File a HIPAA complaint. Your situation may fall under the HIPAA Privacy, Security, or Breach Notification Rules, or the Patient Safety Act and Rule. HIPAA is overseen by the U.S. Department of Health and Human Services (HHS) Office of Civil Rights (OCR).
- Individuals can find more information about patient rights under HIPAA and who is obligated to follow HIPAA.
- Learn more about filing a complaint with OCR under HIPAA.
- Individuals can file a complaint with OCR using the OCR complaint portal.
Report privacy or security concerns to the Plan’s compliance officer at SHPOCompliance@samhealth.org. Though the Plan does not have relationships with the apps members may choose, we would like to hear of any privacy or security issues you may experience.

What If I Have More Questions?

By phone at 541-768-4550 or 800-832-4580 (TTY 800-735-2900), Monday through Friday, 8 a.m. to 8 p.m.
By email at HealthPlanResponse@samhealth.org.

I Am a Third-party App Developer. How Can I Register to Use the Plan’s APIs?

App developers can begin the registration process by visiting Samaritan Health Plan’s app registration portal.

Page Updated 11/22/2022