Tribute Health Plans

A Partnership for Care

  •  Home
  • Privacy and Security(current)

Protecting Your Health Information

Tribute embraces CMS Interoperability for its members

Tribute Health Plans takes safeguarding your Protected Health Information (PHI) and Personal Identifiable Information (PII) very seriously. We maintain reasonable administrative, technical, and physical safeguards designed to protect your health information. However, no security system is impenetrable. This is why it is so important that our members join us in protecting their health information when sharing it with others. We hope this page will help guide you.

The CMS Interoperability and Patient Access rule established policies to break down barriers in our nation’s health system to enable better member access to their health information, improve interoperability and unleash innovation while reducing the burden on payers and providers. Additionally, the rule created new mechanisms to enable members to access their healthcare information through third-party software applications, thereby providing them with the ability to decide how, when, and with whom to share their information.

By embracing the CMS Interoperability rule, Tribute members will have the ability to move from payer to payer, provider to provider, and have both their clinical and administrative information travel with them throughout their healthcare journey. Be assured, you or your representative are in control of your health information. Only you can authorize a mobile app or other third parties to access your information.

When a member receives care from a new provider, a record of their health information will be readily available to that care provider, regardless of where or by whom care was previously provided. Sharing your health information can offer a more holistic understanding of your health, providing insights into everything from the frequency and types of care provided and for what reason, medication history, and the evolution and adherence to a care plan. This information will empower our members to make better decisions and inform providers to support better health outcomes.

  HIPAA Notice of Privacy Practices

The Notice of Privacy Practices and HIPAA Privacy document explains our commitment to protecting your health information, how we will use or release it, when release of your PHI requires your authorization to do so, and who to contact with any questions or complaints.

Visit our HIPAA Notice of Privacy Practices

It’s your health: you hold the key to unlock it

You hold the key to your health information and can send or have it sent to anyone you want. Just remember to only send your health information to someone you trust.

Important Note: Tribute is not responsible for the security of your health information after it is sent to a third party. Most third-party mobile apps are not covered by HIPAA. These apps fall under the jurisdiction of the Federal Trade Commission (FTC) and the protections provided by the FTC Act.

 Things to consider when sharing your health data

It is important our members take an active role in protecting their health information. Helping you know what to look for when choosing a mobile app or other third-party applications can help you make more informed decisions.

Look for an easy-to-read privacy policy and read it in its entirety. The policy should clearly explain how the app will use your health information. You should not use an app that does not have a privacy policy. Click here to view an example of a Model of Privacy Notice.

Here are some things you may need to know before authorizing a mobile application or other third parties requesting access to your healthcare information.

  • What health data will this app collect?
  • Will my data be stored in a de-identified or anonymized form?
  • How will this app use my data?
  • Will this app disclose my data to other third parties?
  • Will this app sell my data for any reason, such as advertising or research?
  • Will this app share my data for any reason? If so, with whom? For what purpose?
  • How can I limit this app’s use and disclosure of my data?
  • What security measures does this app use to protect my data?
  • What impact could sharing my data with this app have on others, such as my family members?
  • Will this app access any other information on my device?
  • How can I access my data and correct inaccuracies in data retrieved by this app?
  • How does this app inform users of changes that could affect its privacy practices?
  • Does this app have a process for collecting and responding to user complaints?
  • If I no longer want to use this app, or if I no longer want this app to have access to my health information, how do I terminate the app’s access to my data?
  • What is the app’s policy for deleting my data once I terminate access? Do I have to do more than just delete the app from my device?

 How to file a complaint

If you think your data has been breached or an application has used your data inappropriately, A Tribute member or their authorized representative may submit a written complaint to Tribute or with the U.S. Department of Health and Human Services. Tribute will not retaliate against a plan participant for filing a complaint.

Send questions or complaints to:
Tribute Health Plans
Attn: Compliance Officer
PO Box 3630
Little Rock, AR 72202
Or call the Compliance Hotline at:

Other links to file a complaint:
OCR Complaint Portal
FTC Complaint Assistant

Back to top