Privacy FAQ

1. Why should I share my information?

Humana is passionate about putting members in control of their own data. It is important to note that Humana will share your health data ONLY if you request it. Sharing your information will enable you to manage your health information in an easy and convenient way. It will allow certain external applications or websites to:

  • Compile all of your health information from various insurance plans, healthcare providers, and testing facilities;
  • Share previous health records with a current healthcare provider to look into medications, conditions, procedures, and other relevant information;
  • Use historical data to make your experience easier by pre-filling your information instead of having to add information manually.

Offering this service makes Humana compliant with the CMS Patient Access API and Interoperability Ruling. The Centers for Medicare & Medicaid Services (CMS) requires insurers, offering Medicare Advantage, Medicaid, CHIP, and Qualified Health plans, to provide this service for members of those plan types.

2. What types of information will I be able to see and share through an application or website?

When you give permission, the application or website will be able to access Humana's systems to retrieve your personal health data, securely, at any time.

Before you allow access, you will be able to review the types of information to be shared. Examples are:

  • Demographic information (your name, address, date of birth, and phone number)
  • Claims history (payments you owe and payments made by Humana under your plan)
  • Historical medical data (your medications, immunizations, procedures, and diagnosed conditions)

There are risks to sharing data with external applications or websites. You should take the time to read the external application or website's privacy plans to see your options to revoke or remove access to Humana data.

There is not an option to select only certain types of information. When you grant permissions, the external application or website will be able to access all of your health information.

Personal payment information is not shared; this includes credit card numbers, HSA account details, bank account details or other types of financial information.

3. Who will be able to see my health information besides me?

Your information will only be shared with your consent and only to those applications or health care providers you select.

4. Can caregivers share their care recipient’s data using this service?

Yes. If you are legally designated as a caregiver for another Humana member and you have a humana.com account, you will be able to indicate whether you want to share your or your care recipient’s data.

5. Are there any risks when sharing my health data with external parties?

After you consent to share your personal health information with an external application or website, Humana is no longer in control of the data.

Before you decide to share your information with any external entities, we recommend that you review the application or website’s privacy policy to find out how your data will be used and stored, and if it will be shared elsewhere.

Most consumer-facing applications or websites fall under the jurisdiction of the Federal Trade Commission (FTC). If you believe your data has been misused, you can file a complaint using the FTC Complaint Assistant.

Some applications—generally those associated with Health Plans, Providers, and Clearinghouses—are governed by HIPAA. Business associates (like contractors and subcontractors) of HIPAA-governed entities must also adhere to HIPAA laws. You can find more information about patient rights under HIPAA and who is obligated to follow HIPAA by reviewing Your Rights Under HIPAA. If you believe an application has used your data in a way that violates HIPAA, you can file a complaint with the Office for Civil Rights.

6. What considerations should I make before sharing my data?

It’s important to assess how external companies might use your data. Some questions to consider are as follows:

  • How will this app collect and use my data? Are they collecting more than just health data?
  • Will this app disclose or sell my data to other entities, such as for advertising or research?
  • Will my data be stored securely? Will my data be stored in such a way that my identity is not directly connected to it (so as to protect my privacy)?
  • What impact could sharing my data with this app have on others, such as my family members?
  • Does this app have a process for collecting and responding to user complaints?
  • What is this app’s policy around data deletion if I no longer want them to have access to my data?
  • Will this app inform me if my data has been part of a breach or accessed inappropriately?
7. What should I do if I think my privacy has been breached?

If you believe an external party with which you’ve shared your data has breached or violated your privacy, you can:

  • Most consumer-facing applications or websites fall under the jurisdiction of the Federal Trade Commission (FTC). If you believe your data has been misused, you can file a complaint using the FTC Complaint Assistant.
  • Some applications—generally those associated with Health Plans, Providers, and Clearinghouses—are governed by HIPAA. Business associates (like contractors and subcontractors) of HIPAA-governed entities must also adhere to HIPAA laws. You can find more information about patient rights under HIPAA and who is obligated to follow HIPAA by reviewing Your Rights Under HIPAA. If you believe an application has used your data in a way that violates HIPAA, you can file a complaint with the Office for Civil Rights.
  • File a complaint with Humana directly, or if you need help filing a grievance, call the number on your Humana ID card (if you use a TTY, call 711).
Looking for developer resources?
Review and test out our FHIR APIs, request access, and more!