Departments » Behavioral Health and Recovery Services

Patient Access Portal

Font Size: + -
Share & Bookmark, Press Enter to show all options, press Tab go to next option
Print

You Can Now Access Your Health Data Information

Member Health Data

As a Mendocino County Behavioral Health and Recovery Services (BHRS) member, you can view your health data through MyHealthPointe App or by logging into the application website by clicking this link: https://myhpconsumer.netsmartcloud.com. Transforming the way you can access your health information transforms how you manage your overall health.

GetItOnGooglePlay_Badge_Web_color_English

First Time Users (Enrollment)

Please call or email our EHR team to start the enrollment process at (707) 472-2328 or by email at EHR@mendocinocounty.gov. Please be ready to verify your full legal name, date of birth, and SSN to help authenticate your identity. As well as a valid email address you check often.

Patient Access

As part of The Centers for Medicare and Medicaid Services (CMS) Interoperability and Patient Access Rule, Mendocino County BHRS implemented a Patient Access as publicly available API which seeks to establish beneficiaries as the owners of their health information with the right to direct its transmission to third-party applications when available. Mendocino County BHRS members can access their information through MyHealthPointe at this time.

API Description

The Patient Access API allows members to access their personal health information through a third-party application of their choosing when available. Currently, members can access their data through myHealthPointe App on BHRS website or myHealthPointe App from their phone.

Member Rights and Risks

Right to Share Data with Third Party App(s):

You can grant consent to share your health data with any chosen third-party app. When you consent, we are required to make your health data available to the third-party app within 1 business day. However, for the third-party app to be able to access your data, the third-party app needs to register with us. There are no apps available at this time, check back in the future to view a list of registered apps and their risk scores. Currently, you can access your data through myHealthPointe.

Your Rights Under the Health Insurance Portability and Accountability Act (HIPAA):

A federal law called the Health Insurance Portability and Accountability Act (HIPAA) gives you the right to see and get a copy of your health record. Most health insurance plans and health care providers including doctor's offices, clinics, hospitals, pharmacies, labs, and nursing homes must follow this law. The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) enforces the HIPAA Privacy, Security, and Breach Notification Rules, and the Patient Safety Act and Rule.

Who Must Follow HIPAA?

Entities that must follow the HIPAA regulations are "covered entities." Covered entities include:

  • Health Plans-including health insurance companies, HMOs, company health plans, Medicare, and Medi-Cal Managed Care Plans. 
  • Most Health Care Providers-those that conduct certain business electronically, such as electronically billing your health insurance including most doctors, clinics, hospitals, psychologists, chiropractors, nursing homes, pharmacies, and dentists.
  • Health Care Clearinghouses-entities that process nonstandard health information they receive from another entity into a standard (i.e., standard electronic format or data content), or vice versa.

Are Third-Party Apps Covered by HIPAA?

Most third-party apps will not be covered by HIPAA. Most third-party apps will instead fall under the Federal Trade Commission (FTC) jurisdiction and the protections provided by the FTC Act. The FTC Act, among other things, protects against deceptive acts (e.g., if an app shares personal data without permission, despite having a privacy policy that says it will not do so).

The FTC has information about mobile app privacy and security for consumers, click on the link to learn more: https://www.consumer.ftc.gov/articles/0018-understanding-mobile-apps

Know The Risks:

Before you share your health information with a mobile app or third-party, look for the privacy policy that explains how it will use your health care data. Do not use the app if it does not have a privacy policy. If the app's policy does not answer the questions below, you should not share your health information with the app. Consider the following questions:

  • What information will the app collect? Will this app also collect non-health information from my phone or computer, such as my location?
  • How will my health information be saved?
  • How will this app use my health information?
  • Will this app share my information? If so, with who and why?
  • How can I limit the app's use of my health information?
  • How does this app protect my information?
  • Does this app have customer service contact information?
  • How do I stop sharing my health information with the app?
  • Will the app delete my information when I stop sharing it?
  • Will the app let me know when there are changes to its privacy practices?

It's also important to know about the privacy settings on apps. When you download apps, they often ask for permission to access personal information like contacts, location, or even your camera. Ask yourself, does the app really need to access your location or photos to do its job?

Can Minors Share their Protected Health Information (PHI)?

Members who are under the age of 12 are not allowed to share their health data unless their parent, guardian, or other personal representative give approval.

Risks of Secondary Usage of Data by the Third-Party App(s):

A specific example of risk to your data is called secondary usage. When your data is shared with and controlled by a third-party app, they may use your data in other ways, such as for advertising. Pay close attention to the privacy policy and user agreement provided by the app.

If you think the safety of your data could be compromised by the third party, you can immediately stop sharing your BHRS-held data with them by contacting the BHRS-EHR Call Center. 

Risk of Social Engineering Scams:

Social engineering attacks, in which scammers try to access your health information, are becoming increasingly complex. Beware of people or organizations posing as representatives of third-party health apps to trick you into sharing your sensitive information. Sometimes called “phishing scams,” these could be phone calls or emails pretending to be a trustworthy company or person requesting your information.

You can protect yourself with these tips:

  • Keep your anti-virus/anti-malware software updated.
  • Use and check your email filters and spam filters.
  • Use multi-factor authentication for important accounts.
  • Don’t respond to requests for personal information or passwords.
  • Don’t open email from a suspicious source.
  • Don’t click on links received in an email from a suspicious sender.
  • Don’t download or open attachments in an email from an unknown sender.
  • Don’t use the same password for multiple accounts.

For more information on how to protect yourself from social engineering scams, or if you think you may have been a victim of such a scam, visit the FTC's site on phishing scams.

Who Manages Third-Party Apps?

Third-party apps are managed by individuals or organizations outside of Mendocino County Behavioral health and Recovery Services.