Member
Providers
Shop For a Plan

Connecting Your Healthcare:


New Options for Managing Your Digital Medical Records

In 2021, a new federal rule made it easier for Fidelis Care members* to manage their digital health records. 

The Interoperability and Patient Access rule (CMS-9115-F) puts patients first by giving you control and easy access to your health information when you need it most. Complete access to your health information allows you to manage your health better and know what healthcare resources are available to you.

Doctor-Checklist-Animation

 

Payer-to-Payer Data Exchange

  • Starting in 2023, the Payer-to-Payer Data Exchange portion of the rule* will allow former and current members to request that their health records go with them as they switch health plans. For more information about this rule, visit the Payer-to-Payer Data Exchange section found on this web page.

  • Having your medical information in one place helps you and your providers understand your health better so you can make better decisions. This information will follow you to any provider or health plan in the future.

Enhanced Accessibility

The new rule makes it so you can easily find information** on:

Claims (paid and denied)

Your cost of care

Provider appointments

Healthcare providers

Past test results  

Pharmacy directory data***

Health status

Specific parts of your clinical information

 

Imagine:

  • You go to a new healthcare provider because you don’t feel well and you can show that provider your health history from the past five years
  • The provider uses that information to diagnose you and you quickly find the right specialist by checking an up-to-date provider directory
  • You have a question about a claim, so you go to your computer or mobile device and, in minutes, you see if it’s paid, denied, or still being processed
  • You can take your health history with you as you switch health plans

 

What Types of Medical Information Can I See?

Patient Demographics
  • First name
  • Last name
  • Previous name
  • Middle name
  • Suffix
  • Birth sex
  • Date of birth
  • Race
  • Ethnicity
  • Preferred language
Allergies and Intolerances
  • Substances (medications)
  • Substances (drug class)
  • Reaction
New Demographics
  • Current address
  • Previous address
  • Phone number
  • Phone number type
  • Email address
Health Concerns
  • Immunizations
  • Procedures
  • Medications
  • Laboratory tests and results
  • Assessment and treatment plan
  • Care team members

* Applies to Medicare Advantage, Medicaid Managed Care, Child Health Plus (CHP), and federally funded ACA exchange plans (Qualified Health Plans).

** Data will be available for dates of service on or after Jan. 1, 2016; data for Payer-to-Payer only covers clinical data.

*** For Medicare Advantage Prescription Drug (MAPD) plans.


 

Why is this so important?

Having your health information in one place may help you and your providers:

    • Understand your health better
    • Make better decisions
    • Improve your health outcomes
    • Reduce healthcare costs
    • Carry information to new providers or health plans

Managing-Your-Digital-Health-Records

 

 

Keeping Your Protected Health Information (PHI) Safe is Important To Us

Your privacy and the security of your PHI is a top concern of ours. The new rule allows you to use an app from a third-party application developer (a company with no connection to Fidelis Care). You can use this app to look up your health information.  When choosing an app, it is important to consider how your data can be used and the app’s security and privacy practices. 

The CARIN alliance is working to advance the exchange of health information. We will require third-party application developers to agree to follow certain privacy standards outlined in the CARIN Code of Conduct. The CARIN Code of Conduct is a set of practices that these applications have voluntarily adopted to protect and secure your health information. Visit the My Health Application  website to see a list of apps that have agreed to the CARIN Code of Conduct. We will give you information on federal agencies you can contact if you feel your rights to patient privacy have not been protected. Learn more about the CARIN Alliance.    

 

Before sharing your data with a third party application, we will ask you to agree to an Access Your Data statement. This is an added security step to protect your data.



Current Members: What To Do Now

1) Find an app. Visit the My Health Application website for a list of apps that meet the CARIN Code of Conduct.

App Developer | Attestation of Compliance (AoC)

By agreeing to the CARIN Code of Conduct, the app developer attests it meets certain standard security practices. These practices include, but are not limited to:


Protection of a user’s personal data against:

  • loss or unauthorized access
  • use
  • alteration
  • destruction
  • unauthorized annotation
  • disclosure

 

Protect personal data through a combination of mechanisms including:

  • secure storage
  • encryption of digital records both in transit and at rest
  • data-use agreements and contractual obligations
  • accountability measures (e.g., access controls, logs and independent audits)

 

Compliance with applicable breach notification laws:

  • provide meaningful remedies to address security breaches or other violations due to a misuse of the user’s personal data
  • adopt internal policies and secure contractual commitments with third parties to prohibit the re-identification of de-identified or anonymized data

2) Download the app. Smartphone apps are available through the Google Play Store (Android) and the App Store (iOS). Web apps are also available for computers.

3) Create your account. Use the app to do so.

  • To link your health information, choose your health plan
  • On the login screen, enter your member portal username and password
  • Read the Access your Health Data statement. If you agree to the terms, click “Allow Access”

4) Use your information to manage your healthcare.

 

 

New Interoperability and Patient Access FAQs

How many years will my health information go back?

You will have access to health information with a date of service of January 1, 2016 or later.

Can I access my health information if I go to a different health plan or provider?

Yes. You will be able to access your health information no matter what health plan or provider you go to.

Can I find out if I’m up to date on my immunizations?

Yes, you can use an app to see what shots you’ve had with a date of service January 1, 2016 or later.

Do I have to use an app from Fidelis Care?

No, the app you use is not affiliated with Fidelis Care. Visit the My Health Application for a list of apps. This includes apps that promise to meet the CARIN Code of Conduct. Follow the instructions on the app to connect it with your health record.

Will all of the apps keep my health information private?

Not every app has agreed to meet the CARIN Code of Conduct or any other set of guidelines. We will let you know which apps have agreed to follow our privacy guidelines. You will have a chance to select another app if you selected the app before they shared their privacy practices with us. 

We suggest that you request a Notice of Privacy Practices from the app.  Read it carefully before using that app. If the app does not provide you with a Notice of Privacy Practices, we suggest that you choose another app. Visit the My Health Application website for a list of apps that agree to follow the CARIN Code of Conduct.


When can I have access to my health information in the app?

You will be able to access your health plan information in the apps starting on July 1, 2021.

Do I have to use an app to get my health information?

No, you do not have to use an app to access your healthcare information. You can contact your provider or Fidelis Care for needed information.

What health data will the app collect?

It depends on the app you choose. Some apps will collect your health data.  This includes (but is not limited to) claims, medications, diagnoses, procedures, and doctor visits. You give the app permission to collect your health information when you sign up for it.  The app’s Notice of Privacy Practices should tell you what information it collects.

Will the app collect non-health data from my device, such as my location?

The app's Notice of Privacy Practices should tell you what information it collects. Apps do have the ability to collect non-health data, such as your location. Some apps give you the option to provide that information. We suggest that you ask your app provider. 

Does sharing my data with this app have an impact on my family members?

If a family member is linked to your health account, there is a chance that their health information will be shared.

How do I correct mistakes in my health data?

You will need to contact your provider or health plan.  The app only makes data available from healthcare sources. The app does not create this data.

What are my rights under the Health Insurance Portability and Accountability Act (HIPAA)?

We suggest that you ask the app provider for their Notice of Privacy Practices.

Most apps will not be covered by HIPAA.  They will instead be covered by the Federal Trade Commission (FTC) and the protections provided by the FTC Act. The FTC Act protects against deceptive acts.  For example, if an app shares personal data without permission.  This is even though the privacy policy says it will not do so.

The FTC has information about mobile app privacy and security for consumers on the FTC consumer information website.

For apps subject to HIPAA, the HHS.gov website has information about HIPAA patient rights and who is obligated to follow HIPAA.

The HHS.gov website also has HIPAA FAQs for individuals.

What are my rights when it comes to my data collected on this app?

We suggest that you request a Notice of Privacy Practices from the app provider to understand your rights.

What should I do if my data has been shared, stolen, or improperly used?

We suggest that you request a Notice of Privacy Practices from the app provider.  This is so that you can understand how they respond to a privacy and security incident. You have the right to file a complaint with enforcement agencies including the Office for Civil Rights (OCR) and the Federal Trade Commission (FTC).

Most apps will not be covered by HIPAA. They will instead be covered by the Federal Trade Commission (FTC) and the protections provided by the FTC Act. The FTC Act protects against deceptive acts.  For example, if an app shares personal data without permission.  This is even though the privacy policy says it will not do so.

Learn more about filing a complaint with OCR under HIPAA.

Individuals can file a complaint with OCR using the OCR complaint portal.

Individuals can file a complaint with the FTC using the FTC complaint assistant.

How will the app use my data?

The purpose of the app is for you to see your health data in one place.  We suggest that you request a Notice of Privacy Practices to understand how the app will use your data.

Can the app share my data with third parties?

We suggest that you request a Notice of Privacy Practices from the app provider to understand if the app will share your data with third parties.

Does the app delete my data after I stop using it?

We suggest that you request a Notice of Privacy Practices from the app provider.  This is so that you can understand what happens to your data after you stop using the app.

Does the app delete my data after I stop using it?

We suggest that you request a Notice of Privacy Practices from the app provider.  This is so that you can understand what happens to your data after you stop using the app.

How do I stop sharing my data?

The best way to stop sharing data is through the app or by contacting the app’s support. If this doesn’t work, call Fidelis Care Member Services.

Will this app sell my data for any reason, such as advertising or research?

We suggest that you request a Notice of Privacy Practices from the app provider.  This is so you can understand if the app will share your data with third parties for advertising or research.

How does this app collect and respond to user complaints?

App providers may respond to complaints in different ways. We suggest that you ask your app provider this question.

Will my data be stored in a de-identified or anonymized form?

We suggest that you request a Notice of Privacy Practices from the app provider.  This is so you can understand how the app stores your data.

What security measures does this app use to protect my data? Will they inform me if an incident occurs?

We suggest that you request a Notice of Privacy Practices and additional information on security practices from the app provider.  This is so you can understand how they handle a security incident.

How can I limit this app’s use and release of my data?

We suggest that you request a Notice of Privacy Practices from the app provider.  This is so you can understand how to limit the use and release of your data.

How does Payer-to-Payer data exchange work for both current and former members?

Members may request that Fidelis Care send health records to other health plans. They can also request that Fidelis Care receive health records from other health plans. If a member switches health plans, Fidelis Care will send their clinical records (included in the USCDI data set) to another health plan. This is in order to build a complete health record. A complete health record will help a member make decisions that improve their quality of care and health outcomes.

Former members of Fidelis Care should start the request through their new health plan. Based on this request, Fidelis Care will send the clinical records to their new health plan.

Current members of Fidelis Care may start the request by logging into the Fidelis Care’s secure member portal.There they can request and receive the clinical records from their previous health plan.

As a developer, how do I access and use the Patient Access API?
Go to our Partner Portal and scroll to the “FHIR – Patient Access”, click it and go to the “Getting Started” Tab
As a developer, how do I access and use the Provider Directory API?
Go to our Partner Portal and scroll to the “FHIR – Provider Directory”, click it and go to the “Getting Started” Tab

 

 

Additional Questions About the New Interoperability and Patient Access Rule?

Call Fidelis Care at 1-888-FIDELIS (1-888-343-3547); TTY 711.

For more information on CMS Policies and Technology for Interoperability and Burden Reduction, visit the CMS website.

For timely updates surrounding DOE Health Screening Guidelines, click HERE.