Patient Access Rule

CHG Members can now access their health plan data!

21st Century Cures Act and the CMS Patient Access API

In December 2016, the 21st Century Cures Act was signed into law. The Act’s goals include:

  • improved data sharing between health information systems
  • increased patient access to their own health data 

Centers for Medicare & Medicaid Services then created a rule to further this goal called the CMS Interoperability and Patient Access final rule (CMS-9115-F).

The goal of this rule is to increase patients' access to their health data by giving health plan members access and the ability to share their health plan data via an app on their phone.

Community Health Group has been maintaining this patient access since July 1st, 2021.

What Does This Mean for YOU and CHG?

It means that Community Health Group (CHG) will have the ability to share data with you through phone apps!

To make that happen, CHG has partnered with a data company to give you access to share your data with a phone app. You will need to set up an account to confirm your identity. Then allow CHG to share your health plan data with the phone app you chose.

Why Share Your Data? Benefits and Risks


  • Available pps have been reviewed and approved to access your data.
  • Some apps will allow you to access multiple sources of data. CHG is a data source, but so is your doctor’s office, your specialists’ office, or even your Fitbit!
  • Some apps will help you with medication management, chronic disease management, nutrition tracking, and care coordination.

Data sharing also has the potential to improve both your health and the quality of care you receive from the health care system.


Currently, CHG takes your privacy and the security of your health information very seriously. And CHG would never share your data without your express permission. That is why CHG confirms your identity when you create an account.

Once your data is shared with a phone app, CHG is no longer responsible for the security of that data. It is important to read the privacy and security policies for the phone app you choose. That will inform you how the app will share your data and how secure it is in the app.

CHG is subject to healthcare privacy and data security laws. These include HIPAA, the Health Insurance Portability and Accountability Act.

Phone apps and their developers are not subject to HIPAA privacy laws. These apps are considered customer products governed by the Federal Trade Commission.

How to Report Identity Theft and Fraud

If you believe a phone app is misusing your information and violating their privacy policy, report it! Contact the Federal Trade Commission to investigate by going to or calling (877)-382-4357.

If you believe the privacy of your health care data has been violated, report it! Contact the Federal Department of Health and Human Services Office of Civil Rights at:

To learn more about filing a complaint with OCR under HIPAA, visit:

Individuals can file a complaint with OCR using the OCR complaint portal:

Individuals can file a complaint with the FTC using the FTC complaint assistant: