Alert: this is an alert
Read about: an important message for members
Your privacy matters to us. CareOregon Advantage wants to make sure your health data is safe. Please read this important information about keeping your protected health information (PHI) secure. You can also download this information in PDF format.
Q: Is my data safe with CareOregon Advantage?
A: Yes. The systems we use to store and access your PHI are secure, private and updated often. We follow the rules of the Health Insurance Portability and Accountability Act Privacy Rule (HIPAA). HIPAA requires us to adopt specific measures to protect your health data. Our systems are HIPAA-compliant, and our staff is trained to keep your PHI safe. Your health data is safe with us.
Q: How does HIPAA protect my health data and privacy?
A: HIPAA requires health care companies like CareOregon Advantage to follow best practices to safely store your data in our computer systems. It also limits how this data can be used or shared. For example, HIPAA does not allow CareOregon Advantage — or any health care company — to sell your data or use it for ads. HIPAA also requires we notify you quickly if your health data is breached, and it imposes penalties on health care companies that don’t protect your data.
Q: What kind of third-party apps can access my PHI?
A: There are many apps for your smart phone, tablet or mobile device that can help you manage your health, including:
Some of these apps may offer features like setting up reminders for medications, tests and appointments, or being a place where all your health information can be stored in one place. Such apps might ask you to access your health information stored with CareOregon Advantage or your providers so you can view and manage this information through the app. You have a right to ask your plan or provider to share your information with the app of your choosing. While these apps can be useful tools, they may put your PHI at risk.
Q: Is my information safe with third-party health apps?
Q: If I give a third-party app access to my health information, do they have to follow HIPAA?
A: No. Most third-party apps do not have to follow HIPAA’s safeguards. The data you share with a third-party app may not be protected by HIPAA. When stored in a third-party app, your health data falls under the oversight of the Office of Civil Rights and the Federal Trade Commission (FTC). In particular, the FTC protects against deceptive or unfair practices, including:
Q: What are some other steps I can take to protect the privacy and security of my health information when using a third-party app?
A: Make sure to follow basic best practices for keeping data safe, like using strong passwords and not sharing login information with other people. You can also make sure your smart phone has a lock code or uses face ID or fingerprints to unlock.
Q: Should I share my health data with third-party apps?
A: It is up to you, but we want you to have as much information as possible before you decide. Below are some questions to think about before you give a third-party app access to your health data. If you’re not satisfied with the app’s answers to these questions, we recommend not giving the app access to your health data.
Q: How can I make a complaint about third-party apps?
A: There are a few different ways:
Q: What if I have additional questions?
A: Feel free to contact CareOregon Advantage Customer Service at 503-416-4279, toll-free at 888-712-3258, TTY 711, or send us a secure message at careoregonadvantage.org/portal