Third-party data sharing and your privacy
We want you to have access to the tools you need to manage your health and well-being. Apps like myHP (for
Your HealthPartners data can also be shared with third-party health apps you prefer to use. These third-party health apps may help you see all your health information in one place.
You have choices when it comes to your data sharing and privacy. It’s important to understand your choices so your personal information is used in ways you expect.
What to know about third-party health apps
If you’re considering using a third-party health app, you should understand how that app works and how it uses information you share.
It’s always your choice to disclose health information – you don’t have to share any information if you don’t want to. No information is shared until you choose to share it.
What is HIPAA?
HIPAA is the Health Insurance Portability and Accountability Act. It was created to give you more control over your health information by setting rules on who has access to it and how they can use it. HIPAA applies to health plans, most health care providers, health care clearinghouses and business associates of these organizations.
Do third-party apps have to follow HIPAA rules?
Most third-party apps are not subject to HIPAA. Instead, most third-party apps fall under the jurisdiction of the Federal Trade Commission (FTC) and the protections provided by the FTC Act.
The FTC Act, among other things, protects against deceptive acts. For example, the FTC Act would apply if an app shares personal information without your permission, despite saying it wouldn’t do so. That means it’s very important to understand how your health information will be used by an app once you choose to share it.
How do I tell a responsible third-party app from an irresponsible one?
When considering whether to use a new app, the first thing to do is to look for an easy-to-read privacy policy. That privacy policy should explain how the app will store and use your data:
- What health data will this app collect? Will this app collect non-health data from my device, like my location?
- Will my data be stored in a de-identified or anonymized form?
- How will this app use my data?
- Will this app disclose my data to third parties? Will this app sell my data for any reason, like advertising or research? Will this app share my data for any reason? If so, with whom and why?
- How can I limit this app’s use and disclosure of my data?
- What security measures does this app use to protect my data?
- What impact could sharing my data with this app have on others, like my family?
- How can I access my data? How can I correct inaccuracies in data retrieved by this app?
- Does this app have a process for collecting and responding to complaints?
- If I no longer want to use this app, or if I no longer want this app to have access to my health information, how do I terminate the app’s access to my data? What is the app’s policy for deleting my data once I terminate access? Do I have to do more than just delete the app from my device?
- How does this app inform users of changes that could affect its privacy practices?
If the app’s privacy policy doesn’t answer these questions – or the answers don’t satisfy you – you may want to reconsider sharing your health information. Remember: Your health information is sensitive. You should choose apps with strong privacy and security standards to protect it.
What do I need to know if I choose to share my information?
Once you choose to share your HealthPartners information, we can’t control what happens to it afterward. Only use apps you’ve researched and you trust.
By choosing to share your HealthPartners information, you understand you’re requesting to send your health information to a third-party application that isn’t affiliated with HealthPartners.
Examples of information HealthPartners may share (as applicable, depending on the app) include:
Health care records
- Your demographic information
- Information about your primary care provider
- Information about your documented medical conditions, including allergies
- Your lab results
- Your medications
- Your medical procedure history
- Your vaccination history
- Your vital signs history
- Your smoking status
Health plan records
- Information about your HealthPartners insurance plans
- Medical and pharmacy claims data for your HealthPartners insurance plans
- Clinical data maintained by your HealthPartners insurance plans
- Formulary information maintained by your HealthPartners insurance plans
What should I do if I think my health data was breached or a third-party app used my data inappropriately?
- If you believe the app was subject to HIPAA requirements, you can
file a complaint with the Office of Civil Rights (OCR) at the U.S. Department of Health and Human Services. OCR enforces the HIPAA Privacy, Security and Breach Notification Rules. - If you believe the app was not subject to HIPAA requirements, you can
file a complaint with the Federal Trade Commission .
Revoke data sharing for a third-party app
If you previously authorized sharing of your HealthPartners data with a third-party app – and you no longer want to continue sharing – please contact HealthPartners.
Request data sharing for a different third-party app
Is there a third-party health app you’d like to use with your HealthPartners information? Contact the app to let them know you’d like to see your HealthPartners data. We’re unable to share information with apps that haven’t requested access to our systems.