Skip to Main Content

Samaritan Health Plans and InterCommunity Health Network Coordinated Care Organization members (both will be referred to as “the Plan”) will be able to access their health care information using a computer or mobile device. This includes searching the provider and pharmacy directories. 

Access to Your Health Information 

This service is made possible by allowing third-party applications (apps) to access your health information from the Plan, which then makes it available to you through the application interface. This can happen only after you have authorized them to do so. Members are not required to allow a third-party app to access their data.

The Patient Access Rule

The Interoperability and Patient Access Rule (“The Rule”) from the Centers for Medicare & Medicaid Services (CMS) requires the Plan to offer and maintain a secure, standards-based way of allowing all members to easily access their health records through third-party apps of their choice. These health records include health insurance claims and other information submitted to the Plan by health care providers and hospitals. It may also include cost and other clinical information.

What You Need to Know About the Patient Access Rule

  • The Rule does not allow the Plan to require or recommend an app.
  • Although the Plan provides a secure way of storing your data and a secure way of allowing the third-party app to access your data, the Plan has no control over what is done with the data once it is downloaded to the app.
  • The third-party app may not be subject to HIPAA privacy and security regulations.

Forms You Will Need to Fill Out

Things to Consider Before Allowing Access to Your Data

It is your responsibility to decide if you want the third-party app to access and use your data. The Plan recommends the following questions be considered when deciding if an app has strong privacy and security standards:
  • Most third-party apps will not be covered by HIPAA, the law that outlines privacy and security requirements for health information.
  • These apps will fall under the Federal Trade Commission (FTC) and the protections provided by the FTC Act. This Act, among other things, protects against deceptive acts, like sharing personal data without permission, despite having a privacy policy that says it will not do so. You can find more information about mobile app privacy and security for consumers. 
  • Submit a complaint to the FTC. Since the Federal Trade Commission (FTC) has jurisdiction over these apps, you should submit a complaint to the FTC using the FTC complaint assistant.
  • File a HIPAA complaint. Your situation may fall under the HIPAA Privacy, Security, or Breach Notification Rules, or the Patient Safety Act and Rule. HIPAA is overseen by the U.S. Department of Health and Human Services (HHS) Office of Civil Rights (OCR).
  • Report privacy or security concerns to the Plan’s compliance officer at SHPOCompliance@samhealth.org. Though the Plan does not have relationships with the apps members may choose, we would like to hear of any privacy or security issues you may experience.
Page Updated 05/04/2022