etHIN complies with all state and federal privacy, security, and confidentiality laws, including HIPAA (Health Insurance Portability and Accountability Act of 1996). It is important for you to know that authorized healthcare providers may only access patient information for patients with whom they have a relationship to support treatment, payment, or operational activities.
etHIN and healthcare providers are subject to strict policies and procedures to protect patient information. All clinicians must complete a stringent onboarding process in order to become etHIN authorized users. All user activity within the Health Information Exchange (HIE) is monitored and audited to enforce compliance with those policies.
You may request an audit of your records at any time by contacting one of your healthcare providers who participates with etHIN (etHIN Participants).
Because etHIN is contracted with healthcare providers to furnish health information exchange services, we cannot provide information directly to a patient. For that reason, the audit report will be sent to your provider who will deliver it to you. The audit will allow you to see when your medical records were accessed and by which provider.