Frequently Asked Questions about HealthInfoNet
Q: What information is used to identify patients in the system?
A: Information used to identify patients in the system is: name, date of birth, sex, address, Medical Record Number, and Social Security Number.
Q: Is it against HIPAA rules for you to have shared my information?
A: No. HIPAA does not require patient consent when information is used to support treatment, as is the case with HealthInfoNet.
Q: What if I receive care at a health care organization that is not participating in HealthInfoNet, what happens to my record?
A: Only providers who are participating in HealthInfoNet can access and include information in the system. If your provider does not participate with HealthInfoNet, they will continue to update your medical record in their own system, and they will share your medical records as they always have, by mail, email or fax. However, the goal is that all providers in Maine will participate in the future.
Q: I read that information from mental health providers will not be included, but what if my therapist prescribes medication for me, shouldn’t that be part of my record?
A: It is true that information generated by a licensed mental health provider or facility will not be included in the HealthInfoNet system at this time. If the prescriptions you are taking are included in your medical record at a participating provider like us, then they will be included. For more information about this, call HealthInfoNet or visit their website.
Q: What if there is a mistake on my record, how will I get that fixed?
A: Your HealthInfoNet record includes information created by the health care providers caring for you. If you know of an error, please let you provider know about that, so that they can update the information. Once they do this, it will be automatically updated in HealthInfoNet.
Q: How far back will my records go?
A: You may have records dating back to as early as December of 2008, because this is when the large number of organizations started participating in the system. Your medical information from MDI Hospital was included starting as early as March 19, 2012. Your original medical record is not being replaced; it will be maintained just as it has always been.
Q: How can I find who has viewed my record? Is there a record of who has viewed my health information and why?
A: HealthInfoNet will keep track of who views your record, and offers patients’ access to audit reports. Please let us know if you have questions and concerns about access to your record.
Q: Will my medical information be posted on the Internet or sold for someone’s mailing list?
A: No. HealthInfoNet uses a secure private network that is not connected to the Internet. Information that identifies you will not be sold and you will not be added to any mailing list.
Q: How often is the system checked for security failures/hackers?
A: Security tests are performed on an ongoing basis, to make sure that the records remain secure. For more information about security, please contact HealthInfoNet directly.
Q: How can I be sure my information is secure?
A: MDI Hospital believes the most important aspect of participating with HealthInfoNet, which is the State of Maine’s designated Health Information Exchange, is that the patient data is transmitted at the highest level of security. The information that is transmitted from MDIH into the exchange is sent through a Virtual Private Network (VPN) utilizing 256-bit encryption, the most stringent security protocol that is currently available. As patient data is accessed via the HealthInfoNet portal, it undergoes an additional layer of encryption via a secure, HTTPS connection to ensure personal information is protected at all times.