Tribute Embraces Interoperability and Patient Access Requirements For Our Members
The CMS Interoperability and Patient Access rule established policies to break down barriers in our nation’s health system to enable better member access to their health information, improve interoperability and unleash innovation while reducing the burden on payers and providers. Additionally, the rule created new mechanisms to enable members to access their healthcare information through third-party software applications, thereby providing them with the ability to decide how, when, and with whom to share their information.
By embracing the CMS Interoperability rule, Tribute members will have the ability to move from plan to plan, provider to provider, and have both their clinical and administrative information travel with them throughout their healthcare journey. Be assured, you or your representative are in control of your health information. Only you can authorize a mobile app or other third parties to access your information.
Tribute Health Plans takes safeguarding your Protected Health Information (PHI) and Personal Identifiable Information (PII) very seriously. We maintain reasonable administrative, technical, and physical safeguards designed to protect your health information. However, no security system is impenetrable. This is why it is so important that our members join us in protecting their health information when sharing it with others.
How to file a complaint
- To file a complaint against a mobile app or other third-party application you believe has misused your data, you will need to file a complaint with the FTC, which protects consumers from unfair, deceptive, or fraudulent practices. You can use the FTC online assistant to file a complaint.
- If you believe a HIPAA-covered entity (doctor, hospital, health plan) has violated your health information privacy rights, you may file a complaint with the Office for Civil Rights (OCR). The OCR is the agency within the U.S. Department of Health and Human Services (HHS) that investigates a complaint and has the authority to enforce the HIPAA privacy and security rules. To learn more about filing a complaint, visit HHS.gov.
Additionally, a Tribute member or their authorized representative may submit a written complaint about suspected HIPAA violations to Tribute’s Compliance Office.
Tribute Health Plans
Attn: Compliance Officer
PO Box 3630
Little Rock, AR 72202
Or call the Compliance Hotline: 844-372-1164
Things to consider when sharing your health data
It is important our members take an active role in protecting their health information. Helping you know what to look for when choosing a mobile app or other third-party applications can help you make more informed decisions.
Here are some things you may need to know before authorizing a mobile application or other third parties requesting access to your healthcare information.
- What health data will this app collect?
- Will my data be stored in a de-identified or anonymized form?
- How will this app use my data?
- Will this app disclose my data to other third parties?
- Will this app sell my data for any reason, such as advertising or research?
- Will this app share my data for any reason? If so, with whom? For what purpose?
- How can I limit this app’s use and disclosure of my data?
- What security measures does this app use to protect my data?
- What impact could sharing my data with this app have on others, such as my family members?
- Will this app access any other information on my device?
- How can I access my data and correct inaccuracies in data retrieved by this app?
- How does this app inform users of changes that could affect its privacy practices?
- Does this app have a process for collecting and responding to user complaints?
- If I no longer want to use this app, or if I no longer want this app to have access to my health information, how do I terminate the app’s access to my data?
- What is the app’s policy for deleting my data once I terminate access? Do I have to do more than just delete the app from my device?
Interoperability Fact Sheet
Tribute Privacy Information
It’s your health: you hold the key to unlock it
You hold the key to your health information and can send or have it sent to anyone you want. Just remember to only send your health information to someone you trust.
Important Note: Tribute is not responsible for the security of your health information after it is sent to a third party. Most third-party mobile apps are not covered by HIPAA. These apps fall under the jurisdiction of the Federal Trade Commission (FTC) and the protections provided by the FTC Act.