How HealthBridge ACO handles your data

1. Data we access

With your authorization, we access your Medicare data through the Blue Button API, including Patient, Coverage, and Explanation of Benefit information.

2. How we use your data

We use your data solely to display a personalized report in your browser. This is a proof of concept: we do not persist the data to a database or store it on our servers.

We aim to keep users informed about what data is accessed, why it is accessed, and how it is presented. You should never be surprised about how your data is used.

3. Data sharing

We do not sell or share your Medicare data with third parties. Data is transmitted directly from the Blue Button API to your browser via a secure Cloudflare Worker.

4. User control

You can choose not to proceed with authorization at any time. If you wish to revoke access, you may do so through your Medicare account settings.

5. Security and compliance

We follow industry best practices to protect personally identifiable information (PII) and protected health information (PHI). If applicable, we align with HIPAA requirements.

6. Contact

Questions about this policy can be sent to BlueButtonAPI@cms.hhs.gov.