Patient FAQs

What is HEALTHeLINK?

HEALTHeLINK is a collaboration among hospitals, physicians, health plans and other health care providers in the eight counties of western New York State to securely exchange clinical information to improve the quality of care, enhance patient safety and mitigate health care costs.

Founding members and funding organizations of this collaboration include BlueCross BlueShield of Western New York, Catholic Health System, Erie County Medical Center Corporation, Independent Health Association, Kaleida Health, Roswell Park Cancer Comprehensive Cancer Center and Univera Healthcare.

What exactly am I consenting to?

In order for health care providers involved in your care to access your medical records securely and electronically via HEALTHeLINK, authorized consent is needed. This is done through a HEALTHeLINK consent form. Western New York has community wide consent, where you only need to authorize your consent once and it’s registered within HEALTHeLINK.

What does it mean to me?

By consenting to allow your health care providers to access your medical information securely and electronically via HEALTHeLINK, you are giving them instant access to information that could improve the quality of your care, enhance safety, and mitigate health care costs through the elimination of duplicate testing. Your treating providers would have your most current medical information so they can make better medical decisions on your behalf.

How is my personal health information protected?

HEALTHeLINK takes the responsibility of the protection and security of patient health information very seriously and this continues to remain among its highest priorities. HEALTHeLINK uses state-of-the-art security features that include multiple levels of password protection to ensure authorized user access and that patient health information is kept private and confidential. As new security technologies are developed, we continue to enhance our efforts to keep patient health information as secure as possible.

Who is participating in HEALTHeLINK?

Clinical information from all of the hospitals in the eight counties of Western New York, as well as major independent laboratory and radiology centers and dozens of individual physician practices are available to health care providers through HEALTHeLINK. This means that if you have a test or procedure done at any of these facilities and have completed a HEALTHeLINK consent form, your health care providers can securely access this information. For a complete listing of health care facilities currently participating in HEALTHeLINK please click here.

Can I change my consent status at a future point?

Yes. Your consent to HEALTHeLINK can be changed at any time by simply filling out a new consent form granting or denying consent and giving the signed form to your health care provider or to HEALTHeLINK.

How do I consent to HEALTHeLINK?

Consent to HEALTHeLINK can be done at any of our participating health care providers’ offices, or by contacting HEALTHeLINK at 716-206-0993.

Can I access my records in HEALTHeLINK directly?

HEALTHeLINK is a service for your health care providers to get better access to your medical information, specifically to improve the care they provide you. This information is not currently available directly to patients through our system, however, you may request some, or all of your medical records contained in HEALTHeLINK by contacting us.  See Patient Access to Data page for more information.

Does HIPAA protect all health information?

No. You may have heard about the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules. These are federal laws that set national standards for protecting the privacy and security of health information. Health information that is kept by health care providers, health plans, and organizations acting on their behalf, such as HEALTHeLINK, is protected by these federal laws. However, you should know that there are many organizations that do not have to follow these laws.

Some examples of health information that is not covered by HIPAA include health information that patients:

  • Store in a mobile app or on a mobile device, such as a smartphone or tablet.
  • Share over social media websites or health-related online communities such as message boards.
  • Store in a personal health record (PHR) that is not offered through a health provider or health plan covered by HIPAA.

Think carefully before you post anything on the Internet that you don’t want to be made public or to be accessible by entities for purposes unrelated to your health care—do not assume that an online forum or a third-party app is private or secure.

  • Be aware that information posted on the web may remain there permanently.
  • Research third-party mobile apps, software programs that perform one or more specific functions, before you download and install any of them. Be sure to use known and trusted 3rd party apps, websites, or other services.
  • Read the terms of service and privacy notice of the mobile app to verify that the app will perform only the functions you approve and redisclose your data for purposes you approve.
  • Utilize non-profit resources like the CARIN Alliance to see if your consumer application abides by the CARIN Trust Framework and Code of Conduct.