Log In: MyHealthRecord (2022)


Last updated May 16, 2018

Greenway Health, LLC (“Greenway”, “We” or “Us”), operates and hosts the MyHealthRecord.com patient portal website and services (the “Service”) on behalf of health care providers who provide services to patients who register and utilize the Service (Your “Provider” or “Providers”). This privacy policy (the “Privacy Policy”) identifies the information that is collected during Your use of the Service, as well as the ways in which We may Use or Disclose such information. This Privacy Policy is incorporated into and made a part of the Terms of Service applicable to the Service.

1. Agreement to Privacy Policy

By visiting the MyHealthRecord.com website and/or utilizing the Service, you agree to accept the practices described in this Privacy Policy and consent to the collection and use of information as discussed in this Privacy Policy. If You do not agree with the terms of this Privacy Policy, or the Terms of Service, please do not use the MyHealthRecord.com website or the Service.


2. Modifications to Privacy Policy

We may revise this Privacy Policy at any time. Should any new Privacy Policy take effect, We will notify you that a change has occurred by posting notice on the Service (on the MyHealthRecord.com website, utilizing the secure messaging features of the Service, or through other reasonable means). However, each time that you visit the MyHealthRecord.com website or use the Service, you should check the date of this Privacy Policy (set forth above) and review any changes that have been made since You last visited the MyHealthRecord.com website or utilized the Service. By continuing to visit the MyHealthRecord.com website or utilizing the Services after any such changes are posted, you will agree and consent to any such changes.

3. Applicability of this Privacy Policy

This Privacy Policy applies solely to the MyHealthRecord.com website and Service and provides you information on the specific information that We may collect from you via the MyHealthRecord.com website Service and how We may use it in connection with the MyHealthRecord.com website and Service, whether you are using the Service as a patient or a Provider.

If you are a patient or legal representative, your Provider’s use and disclosure of Your identifiable health information is subject to your Provider’s Notice of Privacy Practices. We cannot control any Provider’s use of a patient's identifiable health information. If you are a patient or legal representative of a patient, please contact your Provider for a copy of their Notice of Privacy Practices. We provide the Service on behalf of your Provider and therefore protect identifiable health information as required by the applicable agreement between Us and your Provider and in accordance with applicable law. This Privacy Policy does not in any way govern Our collection, use or disclosure of Your identifiable health information in connection with any relationship that we may have with your Provider other than as the operator and host of the Service; any such collection, use or disclosure is governed by the Business Associate Agreement that We have with your Provider, and all applicable laws. If you have any issues with the identifiable health information managed by your Provider, please contact them directly, as we have no ability to change the information you have provided them.

4. Disclosure of Information Practices

Whether you are a patient or a Provider, if we collect information from or about you via the Service, we will tell you what information we are collecting. The amount and type of information that we receive depends on how you use this Service and the information you choose to submit to us via the Service.

(Video) Understanding the My Health Record emergency access (break glass) provision – Private Hospitals

Whether you are a Provider or patient user, we may track use of your user name and may also capture the paths taken as you move from page to page (i.e., your "click stream" activity). When you log in, your user name and encrypted password will be logged by our system in an audit log but will not be used by us.

As a user of the Service and if available, you may also choose to use the secure messaging feature of the Service which will allows the exchange of communications between patients and the clinicians who treat them and which may contain identifiable health information. We record and maintain communications sent via this feature. Service users have the ability to view the trail of messages received and sent via their Service account. We do not edit the content of the communications between patients and Providers.

A. Identifiable Health Information

You are not required to provide identifiable health information to visit the MyHealthRecord.com website. However, if you are a patient or the legal representative of a patient, you must provide certain identifiable health information in order to complete your registration for the Service and to access the health records maintained by your Provider.

If you are a patient (or the legal representative of a patient), we will collect identifiable health information from you with your knowledge during the registration process and in the event you request information or services. We may collect any identifiable health information that you provide to us, such as your name, address, email address, gender, birth date and phone number. If you access the Service patient registration via the link provided by your physician, certain basic information may be prefilled into your Service registration, which you will need to verify.

When you register for the Service via the MyHealthRecord.com website, the registration process requires you to choose a user name and password for your account, which you should keep and maintain as confidential. If you choose to share your user name and password you understand that those individuals to whom you share that information will have access to your identifiable health information and will be able to add to your identifiable health information as though they were you. You will be responsible for all activities by users resulting from sharing or not maintaining the confidentiality of your user name or password, as more fully described in the Terms of Service. If you are a registered patient user of the Service, your identifiable health information (or that of the patient for whom you are the legal representative) currently stored electronically in your Provider’s records will become accessible to Us in order to provide you access to such information through the Service.

B. Non-Identifiable Health Information

We and/or any third party website analytics vendor (e.g. Google Analytics) on Our behalf, may also collect nonidentifiable information, which is automatically collected as you browse or otherwise access this Website and Service. We may collect such information by tracking, or asking our analytics vendor to track, your clickstream activity when such information is not tied to a user ID through the use of "cookie" technology or by tracking internet protocol (IP) addresses, as explained below.

C. Cookies

Like many companies, we may use "cookie" technology on and off of the MyHealthRecord.com website and Service. “Cookies” are small pieces of information that are stored by your browser on your computer’s hard drive. They enhance your online experience by saving your preferences while you are visiting a particular website. The cookies do not contain any identifiable health information and cannot profile your system or collect information from your hard drive.

When you view the MyHealthRecord.com website or Service we may place a cookie on your computer, which may be either temporary or permanent. Temporary cookies are used to complete transactions with the MyHealthRecord.com website or Service and for other purposes such as counting the number of visits to our web pages. These temporary cookies are eliminated when you exit your browser.

A permanent cookie may also be stored on your computer by your browser. When you log in, this type of cookie tells us whether you've visited us before or if you are a new visitor. The cookie doesn't obtain any identifiable health information about you or provide us with any way to contact you, and the cookie doesn't extract any information from your computer.

In addition to the cookies from MyHealthRecord.com, which are used to allow you to log in, we also use a cookie from Google, Inc., via Google Analytics. This cookie provides us with anonymous data. It measures website traffic, tells us how visitors use this site, and distinguishes unique users. You can find out more about how Google uses this data by going to http://google.com/policies/privacy/partners/.

(Video) Getting Connected To My Health Record Step by step including NASH 2

This cookie collects the following information: time when you entered and left this website; pages you visited in this website; how long pages took to load; what browser, operating system, and type of device you used to access this website; the city closest to you; and whether you've visited MyHealthRecord.com before.

The "help" portion of the toolbar on most browsers will tell you how to prevent your browser from accepting certain types of cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether. Please note that disabling temporary cookies may prevent you from using and accessing the Service. Disabling permanent cookies may also impact your use and access of the Service and in particular will not allow you to see any personalization (including your health record) on the Service that you may activate.

In addition, if you visit the MyHealthRecord.com website again after deleting a cookie, a new cookie may be activated.

Since third parties may use their own cookies when you click on a hypertext link to their site or service, you should carefully review the privacy policy of other sites you link to from the MyHealthRecord.com website or Service.

D. IP Addresses

We may also log and track IP addresses for systems administration purposes and for reporting usage trends. Your IP address is usually associated with the physical place from which you enter the Internet, the name of the domain and host from which you access the Internet, the browser software you use and your operating system, and the date and time you access the Website or Service. By collecting your IP address, we may record the page that linked you to this Website, the web pages you visit, the ads you see or click on, and other information about the type of web browser, computer, platform and settings you are using, and any search terms you enter on this Website or Service. IP addresses are not used to track an individual user’s session. This information only helps us determine how often different areas of the MyHealthRecord.com website and Service are visited. We may combine nonidentifiable information collected automatically (such as through IP addresses, cookies or clickstream monitoring) with any previously submitted personal information that we may have received from you.

E. Geographic Location

We may collect your geographic location based on your IP address and other location based data.

F. Surveys

Users of the Service may have the opportunity to participate through the Service in various surveys depending on the survey and as permitted by law. Any survey responses that you choose to submit may be aggregated, deidentified and provided or sold to third parties as set forth below.

5. How Will Your Information Be Used And Disclosed?

We will not sell, share or rent the information that is collected via the Service to others in ways that differ from what is disclosed in this Privacy Policy.

A. Identifiable Health Information

(Video) Registering for My Health Record via PRODA

We may use any identifiable health information or other information that you voluntarily provide us in order to provide you with information, products or services that you may request from Us.

If you are a patient or the legal representative of a patient, any identifiable health information that you share via the Service will be made accessible to your Provider and will become a part of the records maintained by your Provider, which records are subject to your Provider’s Notice of Privacy Practices.

To the extent permitted by applicable law, We may use your participation in the Service to communicate to you special offers and featured items, whether from Us, Our affiliates, our suppliers or vendors, or other third parties. If you are receiving additional communications and special offers, you may revoke your authorization to receive such materials at any time by contacting Us using the contact information below or as outlined in the applicable communication. We will implement your revocation as soon as is commercially reasonable. We cannot control any communications and other materials that you may receive directly from third parties.

We will also use your information to customize your browsing experience and communicate with you and otherwise respond to your questions and suggestions regarding use of the Service as may be permitted by applicable law.

We may share your information only with Our suppliers and vendors to the limited extent permitted by applicable law. We require those suppliers and vendors to comply with all applicable data privacy laws and regulations, including HIPAA. We do not sell, lease or rent your identifiable health information. We may also use your geographic location to provide you with specific content and direct you to your closest service providers to the extent permitted by applicable law.

B. NonIdentifiable Health Information

The nonidentifiable, aggregated health information we collect may be shared with our suppliers and vendors and used in the aggregate to create summary statistics that help us analyze website usage trends, assess what information is of most and least importance, determine technical design specifications, arrange the Website in the most user-friendly way, and identify system performance or problem areas.

C. Aggregate Data

We may aggregate and deidentify in accordance with HIPAA identifiable health information, either alone or with other data to create anonymous "aggregate data" regarding the users of the MyHealthRecord.com website and Service. Aggregate and deidentified data is information that describes the habits, treatment plans, usage patterns, other medical record data and/or demographics of users as a group but does not reveal the identity of particular users. This data will not identify you, but will be used as statistical information to determine such things as user demographics and usage patterns of the MyHealthRecord.com website and Service. We may use aggregate data to understand the needs of our community of users and determine what kinds of programs and services we can help provide. Aggregate data may also be provided or sold to third parties, including for the purpose of getting targeted content to you by third party vendors, suppliers, business partners and/or affiliates a picture of our community and services and/or participation in surveys or receipt of emails from third parties.

D. Other Use and Ownership

We also reserve the right to share your information collected from the MyHealthRecord.com website or Service with third parties to the extent permitted by applicable law including but not limited to the requirements under HIPAA, and, in the case of identifiable health information, pursuant to the Business Associate Agreement that we have with Your Provider.

We maintain full rights to any information collected on the MyHealthRecord.com website or Service, and may freely collect, use and disclose such information unless prohibited by this Privacy Policy or applicable law as stated above.

E. Security

(Video) How to add an advance care planning document to My Health Record

No website can guarantee security or that loss, misuse or alteration to data hosted by or on, or accessed by or through, a website will not occur. To mitigate these risks, we maintain physical, administrative, electronic, technical and procedural safeguards to help protect your personal information collected via the Service as required by applicable law. We use industry standards, such as Secure Socket Layers ("SSL") or Transport Layer Security (“TSL”) technology, to help safeguard against such occurrences. In certain areas, the information passed between your browser and our system is encrypted with SSL or TSL technology (which covers any messages, Personally Identifiable Information or communications that you direct to Us or to your Provider using the secure messaging services) to create a protected connection between you and the MyHealthRecord.com website to ensure confidentiality. Our data center is both physically and electronically secured. Our servers are protected from open access to the Internet by using firewall and encryption technology. We limit access to personally identifiable information about you to our employees and third party agents who we reasonably believe need to have access to your information to provide you with the information or services you request via the Service. In the event that a breach in our security systems occurs and there is a possibility that an unauthorized person acquires your personal information, we will notify you of such a breach as may be required by applicable law.

F. Access

We will maintain your information and allow you to request updates at any time by logging into your Service account to access your information. You should first consult your Provider to make any updates to your information stored in your electronic health record; however, if you are unable to update through your provider, you may contact Us using the contact information set forth below and We will take steps to make sure that any updates that you provide are processed in a timely and complete manner.

G. What if I am accessing this Service from outside of the United States?

If you are visiting our Website or Service from outside the United States, please be aware that your information may be transferred to, stored or processed in the United States, where our servers are located and our central database is operated. The data protection and other laws of the United States and other countries might not be as comprehensive as those in your country, but please be assured that we take steps to protect your privacy. By using the Website or Service, you understand that your information may be transferred to our facilities and those third parties with whom we share it as described in this privacy policy.

H. Transfer of Data

In the event of a change in control of Greenway or sale by Greenway of substantially all of its assets or other acquisition, merger or reorganization, any information owned by or in the control of Greenway may be transferred to such Greenway successor, who will comply with the terms of this Privacy Policy.

I. Important Note Regarding Children

This Website and Service is not directed toward children under 13 years of age and We do not knowingly collect or use information from children under 13 through this Website or Service. Any information submitted via the Service regarding a minor under the age of 13 must be submitted by the minor's legal representative. To the extent permitted by applicable state law, minors may access their identifiable health information through their physician.

6. What if I have questions or concerns regarding this Privacy Policy?

If you have any questions about this Privacy Policy or the use of your information by Us please contact the Privacy Officer at Greenway Health, LLC, 4301 W. Boy Scout Blvd., Suite 800 Greenway Blvd., Tampa, FL 33607.

If you wish to cancel your registration or be removed from the email list, please contact your physician office.


1. How to find information in My Health Record
2. My Health Record using Fred Dispense
3. UHS My health record
(University Hospital Southampton)
4. Understanding the My Health Record Emergency Access Provision: Webinar Review
(My Health Record)
5. Online Results: Accessing My Health Record
6. 29 Sept 2020 Webinar - Digital Health Basics - PRODA, HPOS, and the Healthcare Identifier Service

You might also like

Latest Posts

Article information

Author: Stevie Stamm

Last Updated: 04/27/2022

Views: 5729

Rating: 5 / 5 (60 voted)

Reviews: 91% of readers found this page helpful

Author information

Name: Stevie Stamm

Birthday: 1996-06-22

Address: Apt. 419 4200 Sipes Estate, East Delmerview, WY 05617

Phone: +342332224300

Job: Future Advertising Analyst

Hobby: Leather crafting, Puzzles, Leather crafting, scrapbook, Urban exploration, Cabaret, Skateboarding

Introduction: My name is Stevie Stamm, I am a colorful, sparkling, splendid, vast, open, hilarious, tender person who loves writing and wants to share my knowledge and understanding with you.