Skip navigation

Sub-navAccess, Health Information Privacy, and Security


Access, Health Information Privacy, and Security

In 2021, a new federal rule made managing digital medical records easier for consumers. Now, consumers like you have full access to your health records. You will be able to better manage your health and know what resources are available to you.

The Payer-to-Payer Data Exchange component of the rule will enable former and current participants to request that their health records be transferred with them when switching health plans and the final rule of this regulation is expected later in 2023.

The new policy makes it easier to find information about:

  • Paid and denied claims
  • Healthcare provider directory
  • Data about pharmacy directories
  • Specific parts of your clinical information

Some examples of the data we keep may include:

  • Patient Demographics
    • First name
    • Last name
    • Previous name
    • Middle name
    • Suffix
    • Birth sex
    • Date of birth
    • Race
    • Ethnicity
    • Preferred language
    • Allergies and Intolerances
      • Substances (medications)
      • Substances (drug class)
      • Reaction
    • New Demographics
      • Current address
      • Previous address
      • Phone number
      • Email address
      • Health Concerns

What makes this so significant?

You and your doctors may benefit from having all your health information in one location:

  • Gain a better understanding of your health
  • Make better decisions
  • Enhance health outcomes
  • Lower healthcare costs
  • Transfer information to new health plans or providers

Protecting your protected health information (PHI) is important to us.

HPP is concerned about the privacy and safety of your PHI. You are permitted to use an application developed by a third-party application developer—a company that has NO connection to Health Partners Plans (HPP)—under the new rule.

HPP does not have control over any of the third-party applications and how they will utilize your data. While picking an application, it is vital to consider how your information can be utilized and what the application's security and protection practices consist of. The third-party application will have to connect with HPP’s FHIR (Fast Healthcare Interoperability Resources®) APIs first before these applications can be used by you.

The CARIN Alliance works to improve health information exchange. The CARIN Code of Conduct's privacy guidelines will have to be agreed upon by third-party application developers. These applications have voluntarily adopted the CARIN Code of Conduct to safeguard and secure your health information. Visit to review a list of applications that have consented to the CARIN overarching set of rules.

If you believe that your rights to privacy have not been upheld, you can contact the applicable federal agencies. Get more information about the CARIN Alliance at Not all applications found on CARIN alliance Health Application site are integrated with HPP’s FHIR APIs. Please visit our application gallery to see the applications that are connected to HPP’s FHIR APIs.

More Resources

Patient Guidance from (links to external site)