Community Interoperability APIs

Community Interoperability APIs

Community Health Choice Interoperability APIs

Community Health Choice Interoperability APIs are implemented in compliance with Centers for Medicare & Medicaid Services Interoperability and Patient Access Final Rule (CMS-9115-F). Our APIs are developer-friendly, standards-based, secure and enable third party vendors to connect their applications to access Community Health Care data.

Overview

Community Health Choice Interoperability APIs are implemented in compliance with Centers for Medicare & Medicaid Services Interoperability and Patient Access Final Rule (CMS-9115-F). Our APIs are developer-friendly, standards-based, secure and enable third party vendors to connect their applications to access Community Health Care data.

Community Health Choice interoperability APIs enable Community Health Choice members, both past and present, to consent to have their data shared with third-party applications. It also allows third-party application owners to connect to provider and pharmacy directories which are public non-member specific data (non-PHI).

Community Health Choice Interoperability APIs provide the functionality listed below:

Developers Portal

The Community Health Choice Interoperability API Developer Portal provides third party applications and payers access to documentation, registration services, and developer services related to Healthcare Interoperability APIs provided by Community Health Choice, pursuant to the Centers for Medicare & Medicaid Services Interoperability and Patient Access Final Rule (CMS-9115-F)

The Patient Access API will allow third party applications and payers to retrieve data concerning adjudicated claims, encounters, formulary data, and clinical data maintained by Community Health Choice.

The Provider Directory API will allow third party applications and payers to retrieve provider and pharmacy directory information maintained by Community Health Choice.

Privacy Statement

Thank you for visiting Community’s website. We are committed to ensuring that visitors to Community’s website understand our privacy practices. This Privacy Statement explains: (1) what personal information about you may be collected; (2) how personal information about you will be used; (3) who may have access to personal information about you; and (4) how we protect your personal information within our secure website. This privacy statement applies only to this website and the information collected on this website.

It is important for patients to take an active role in protecting their health information. Helping patients know what to look for when choosing an app can help patients make more informed decisions. Patients should look for an easy-to-read privacy policy that clearly explains how the app will use their data. If an app does not have a privacy policy, patients should be advised not to use the app. Patients should consider:

  • What health data will this app collect? Will this app collect non-health data from my device, such as my location?
  • Will my data be stored in a de-identified or anonymized form?
  • How will this app use my data?
  • Will this app disclose my data to third parties?
    • Will this app sell my data for any reason, such as advertising or research?
    • Will this app share my data for any reason? If so, with whom? For what purpose?
  • How can I limit this app’s use and disclosure of my data?
  • What security measures does this app use to protect my data?
  • What impact could sharing my data with this app have on others, such as my family members?
  • How can I access my data and correct inaccuracies in data retrieved by this app?
  • Does this app have a process for collecting and responding to user complaints?
  • If I no longer want to use this app, or if I no longer want this app to have access to my health information, how do I terminate the app’s access to my data?
    • What is the app’s policy for deleting my data once I terminate access? Do I have to do more than just delete the app from my device?
  • How does this app inform users of changes that could affect its privacy practices?
  • If the app’s privacy policy does not clearly answer these questions, patients should reconsider using the app to access their health information. Health information is very sensitive information, and patients should be careful to choose apps with strong privacy and security standards to protect it.

Some patients, particularly patients who are covered by Qualified Health Plans (QHPs) on the Federally-facilitated Exchanges (FFEs), may be part of an enrollment group where they share the same health plan as multiple members of their tax household. Often, the primary policy holder and other members, can access information for all members of an enrollment group unless a specific request is made to restrict access to member data. Patients should be informed about how their data will be accessed and used if they are part of an enrollment group based on the enrollment group policies of their specific health plan in their specific state. Patients who share a tax household but who do not want to share an enrollment group have the option of enrolling individual household members into separate enrollment groups, even while applying for Exchange coverage and financial assistance on the same application; however, this may result in higher premiums for the household and some members, (i.e. dependent minors, may not be able to enroll in all QHPs in a service area if enrolling in their own enrollment group) and in higher total out-of-pocket expenses if each member has to meet a separate annual limitation on cost sharing (i.e., Maximum Out-of-Pocket (MOOP)).

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) enforces the HIPAA Privacy, Security, and Breach Notification Rules, and the Patient Safety Act and Rule. You can find more information about patient rights under HIPAA and who is obligated to follow HIPAA here: https://www.hhs.gov/hipaa/for-individuals/guidance-materials-for-consumers/index.html

You may also want to share with patients the HIPAA FAQs for Individuals: https://www.hhs.gov/hipaa/for-individuals/faq/index.html

Most third-party apps will not be covered by HIPAA. Most third-party apps will instead fall under the jurisdiction of the Federal Trade Commission (FTC) and the protections provided by the FTC Act. The FTC Act, among other things, protects against deceptive acts (e.g., if an app shares personal data without permission, despite having a privacy policy that says it will not do so).

The FTC provides information about mobile app privacy and security for consumers here: https://consumer.ftc.gov/articles/how-protect-your-privacy-apps

Payers should clearly explain to patients what their policy is for filing a complaint with their internal privacy office. In addition, payers should provide information about submitting a complaint to OCR or FTC, as appropriate.

To learn more about filing a complaint with OCR under HIPAA, visit: https://www.hhs.gov/hipaa/filing-a-complaint/index.html

Individuals can file a complaint with OCR using the OCR complaint portal: https://ocrportal.hhs.gov/ocr/smartscreen/main.jsf

Individuals can file a complaint with the FTC using the FTC complaint assistant: https://www.ftccomplaintassistant.gov/#crnt&panel1-1

Why Choose Community?

As a local nonprofit health plan, Community Health Choice gives you plenty of reasons to join our Community. From the benefits and special programs we offer to the way our Member Services team helps you make the most of them, Community is always working life forward for you and your family.

“Community Health Choice is always there to answer my questions and help me and my family with our medical needs. I truly appreciate and value their customer support and service.”

– Cecily
Member of Community Health Choice