Privacy and Security

16 Docs

Why should the government, or a private entity like CIVHC, be able to collect information about the health care services I’m using?

Last Updated: August 11, 2017

The CO APCD is designed to identify population patterns. Health care is unique in that there is virtually no publicly available information on cost and quality. The intent of the CO APCD is to even the playing field for consumers, businesses and others to make educated and informed decisions that...

How does the CO APCD keep information private and safe?

Last Updated: August 11, 2017

The safety and privacy of personal information is a foundational principle of how the CO APCD is designed and operated. Data Security: When carriers submit files to the CO APCD, the datasets are encrypted and sent over a secure connection (File Transfer Protocol or FTP) to the CO APCD Data Manager....

Will my medical information be at risk to data breaches I’ve read about?

Last Updated: August 11, 2017

No. The CO APCD data warehouse is never exposed to the public and is housed in a high security facility, with role-based security. Data is encrypted both in motion and at rest. Furthermore, all personal information is removed from the record and replaced with an identification number that is generated...

How can you guarantee us that no one will hack into the CO APCD?

Last Updated: August 11, 2017

It’s impossible for any organization to make such a guarantee. However, we take our responsibility to safeguard the information in the database very, very seriously—and will do everything in our power to ensure its security. A proven track record of data security was one of our paramount criteria for selecting...

As a patient, can I opt out of having my information included in the CO APCD?

Last Updated: August 11, 2017

Under Colorado state law, the CO APCD collects claims information from insurance companies and public payer programs, such as Health First (Colorado’s Medicaid Program), about health care services received by Colorado residents. Federal laws, including the Health Insurance Portability and Accountability Act (HIPAA), permit such disclosures from payers to be...

Insurance claims show diagnosis codes, not just treatment codes, so could someone get into the CO APCD and see that I have cancer, or AIDS?

Last Updated: August 11, 2017

The CO APCD is built from the same information found on insurance claims, including diagnoses and procedure codes. However, the CO APCD is very different from insurance claims systems, physician billing systems and the millions of Explanation of Benefit letters sent to patient homes. All of those are designed to...

How can you adequately protect the health information of people living in rural areas where the population is so low that it wouldn’t be difficult to determine who a person of a certain age with a certain diagnosis is?

Last Updated: August 11, 2017

Colorado does have a lot of sparsely populated areas. That’s why it’s so important to understand that the reports from the CO APCD gather all the information for zip codes with fewer than 20,000 residents into one zip code of “000”—it won’t be possible to tell where those claims came...

If you take out the zip codes from sparsely-populated areas, won’t it be difficult to be able to see health care utilization from, say, the eastern plains?

Last Updated: August 11, 2017

Five-digit zip codes are retained and encrypted in the database. Some analysis of CO APCD data will allow distinctions among geographic areas. However, any reports that are produced from this data will group zip codes with fewer than 20,000 residents into a single group.

I’ve heard that 87 percent of the population can be accurately identified with just 3 pieces of information: zip code, birthday and gender, so can’t someone get into the CO APCD and get enough information to steal my identity?

Last Updated: August 11, 2017

The CO APCD does not provide that kind of information in published reports or datasets. Reports distill zip codes down to 3 digits, and strip them out entirely if fewer than 20,000 people live there. Date of birth will be changed to age or age range.

What do you mean by “date of birth will be changed to age or age range”?

Last Updated: August 11, 2017

Date of birth is in the CO APCD in an encrypted state. Depending on the type of report pulled from the database, it is translated into either an age or age range. Published reports do not reflect dates of birth.

What would a hacker see if he got into the database?

Last Updated: August 11, 2017

All information in the CO APCD is encrypted during transmission from the health plans and while it is “at rest” in the database. To mitigate encryption key compromise, each submitter is identified prior to submission by Internet protocol (IP) address. These IP addresses are unique, and transmission is only allowed...

How does the CO APCD Data Manager ensure their employees with access to the database don’t hack in remotely or that a disgruntled former employee doesn’t hack in?

Last Updated: August 11, 2017

The CO APCD Data Manager does not allow their employees to have remote access to the database or the infrastructure that supports the CO APCD. When the CO APCD Data Manager terminates an employee or the employee leaves, that individual’s “role” relative to the database—i.e., access—is also terminated. This process...

Could an employer or law enforcement agency requisition information about an individual from the CO APCD?

Last Updated: August 11, 2017

Based on the CO APCD statute and HCPF rules, the CO APCD must adhere to federal privacy laws, specifically HIPAA, regarding data disclosures, just as your insurance company must do with respect to claims information. The CO APCD statute and rules provide no special protection from law enforcement, and there...

Could the federal government request information about an individual from the CO APCD?

Last Updated: August 11, 2017

It’s possible that there could be homeland security or public health needs that would generate such a need. Again, any data released under such a scenario would still have to comply with HIPAA privacy standards.

Will you ever release identified information?

Last Updated: August 11, 2017

HIPAA allows the release of certain, limited data fields for very narrow purposes: public health activity and research activity. The CO APCD DRRC reviews every request for CO APCD data reports to ensure that no information is released that goes beyond HIPAA rules.

Is CIVHC going to sell my health information to make the CO APCD sustainable?

Last Updated: August 11, 2017

The CO APCD was created because of the important benefits it can provide to Coloradans, but in this era of tight budgets no dollars were allocated. Instead, the rules for the CO APCD allow data to be released in ways that are consistent with state and federal privacy laws and...