Patient API Education and Resources
The Interoperability and Patient Access Rule gives you the right to see your own health data on a 3rd party health App from your mobile phone or computer. Think of this as “your App.” Owensboro Health uses Epic’s MyChart App to provide your chosen Apps access to your health data. This is done through a Patient Access API (Application Programming Interface).
What is an API?
An API is a simple way for two pieces of software to communicate with one another to get data. An example is when you send a message using a cell phone. Here, an API allows MyChart to communicate with your App.
What is health data?
Health data is information about your medical history. It includes demographic information and information about medical tests you have had, any medical conditions you might have had, and more.
How is my data available?
Your data is available from Owensboro Health’s MyChart App. The API will allow Owensboro Health to share your health data with your App. Owensboro Health has no control over how your App will use or share your health data.
What to think about before sharing your health data?
Before you agree to share your health data, you need to think about some things. Will your App sell your data? Will your App use your data for research or advertising? How will your App use your data? Will your App let you control how it can use your data? If you stop using your App, will your data be removed? If you no longer want to use your App, can you take away the App's access to your data?
Is sharing information online safe?
When making decisions about your health, you should only share your health data with people you trust, like your family or doctor. Never share your username or password. Store your paper records in a safe place.
Only use software you trust and always use a password on your phone, tablet, or computer. Do not send any data by email unless you can protect it with a password. For more information regarding online security refer to: Federal Trade Commission (FTC) Online Security
Does your App fall under HIPAA?
HIPAA is the Health Insurance Portability and Accountability Act. This is a federal law that says your health information cannot be shared unless it is for health care treatment, payment or operations and other reasons allowed by the federal law.
Apps are not covered by HIPAA. Your App will have access to all your health data once you allow it. You should read your App's privacy policy to see how they, the 3rd party health App, may use your data. Make sure that you are comfortable with their rules. An App that publishes a privacy notice must do what it says in that notice. Apps may not be subject to other State and local privacy laws.
Apps are subject to other privacy laws. For example, the Federal Trade Commission Act (FTC) protects you against any App that breaks privacy rules. If an App breaks a privacy rule, the App may be held accountable by the federal government. For more information from the FTC, refer to: How To Protect Your Privacy on Apps
What are your rights under HIPAA?
To learn more about your rights under HIPAA, visit HHS.gov
How do you authorize Owensboro Health to share data with your App?
If you decide you want to use an App, you must authorize Owensboro Health to share data with your App. There are 3 easy steps to do this from your App.
- Step One: Begin in your App. Your App will ask you to link your data from your health record. Follow the instructions on your App to start the linking process.
- Step Two: The App will prompt you to log in to your Owensboro Health MyChart Account.
- Step Three: Once in MyChart, you will be able to choose what information you wish to share with the third party App and will have the ability to approve or deny access. You will follow the setup instructions. If you are unable to connect from your MyChart account, you can find detailed instructions in the MyChart Quick Start Guide under patient education.
Can minors share their PHI?
Minors who are under the age of 13 are not allowed to share their health data unless their parent, guardian, or other personal representative gives approval.
How do I protect my information?
Only share your information with people and apps you trust. These include doctors or others you see or rely on for care.
If you decide to use a health app, be sure it's from a trusted source.
What else can I do to keep my information safe?
Here are a few tips:
- Only use trusted health apps.
- Keep your passwords and log-in information private.
- Keep your private papers in a secure place.
- Purchase virus protection software for your computer.
What do you do if you think your data was used without your permission?
If you think your information was used without your permission, contact the Federal Trade Commission or the Kentucky Office of the Attorney General. Here is the information you will need to do this.
Federal Trade Commission Consumer Response Center
600 Pennsylvania Avenue, NW Washington, D.C. 20580
1-877-IDTHEFT (1-877-438-4338)
www.ftc.gov/idtheft
Kentucky Office of the Attorney General
Identity Theft Unit
Office of Consumer Protection
1024 Capital Center Drive, Suite 200
Frankfort, Kentucky 40601
Phone: 502-696-5389
Identity Theft Hotline: 800-804-7556
Security Breach Hotline: 855-813-6508 (toll free)
https://ag.ky.gov/Resources/Consumer-Resources/Consumers/Pages/Identity-Theft.aspx