Privacy Policy

Health Insurance Portability and Accountability Act (HIPAA)

Consumers are becoming increasingly aware of the need for privacy and security when storing personal information online. When it comes to healthcare, the situation is no different. At a national level, the healthcare industry is moving toward electronic storage of medical records. As this situation progresses, laws have been enacted to honor the privileged nature of information exchanged between patients and their doctors. HIPAA, the guiding rule of law on patient privacy, asserts that safeguards must be in place for "protected health information", defined by that same law as "individually identifiable information." (45 CFR 160.103)

When you visit a healthcare provider or pharmacy, you will receive a Notice of Privacy Practices that details your privacy rights under HIPAA, including how your information may be used and disclosed. The notice also explains who may have access to your information. The healthcare provider or pharmacy will require you to sign a statement affirming that you received this notice.

In order to help you build a thorough and accurate health record for yourself using, you may want to obtain copies of your medical records. We suggest you contact your healthcare providers to determine what information can be made available to you. was designed to support the privacy and security requirements of HIPAA while enabling you to use the service from any computer with Internet access. This service allows you to store, change, and direct your information to healthcare providers, as well as generate a report showing to whom you have sent your information. As it pertains to, our responsibilities are to make the information you provide on our site available to you, and to administer the system to ensure that your privacy and security are protected.

The Web site is referred to simply as in this privacy statement.

Access to records

You have access to enter and update your records or to send your information from any Web-enabled personal computer to any recipient you choose, typically a physician. provides one-way access between you and your healthcare providers. This means that your providers cannot access your account; they can only receive the information you send them. will not send your information to anyone without you directing it and/or consenting to it. You can direct your healthcare provider to send information into your account either by fax or by secure electronic message. Any messages sent into your account will appear in your mailbox, and you are given the opportunity to accept or reject any information before it is incorporated into your profile.

Access to records for read only access

You have the option to create an emergency access PIN for each member that can allow someone, typically an emergency responder, to see selected information from your account in a view-only mode. They must know the PIN, name, and date of birth to see the read-only summary. When someone uses the PIN, you will be notified by e-mail and a log message will be viewable from within If your PIN is compromised by someone, you may change it at any time.


For free basic accounts, does display advertising based on medications, allergies, conditions (illnesses), procedures, and zip code. At no time is individually identifiable information shared with advertisers, even if you click on the ads. You may opt out of advertising after upgrading your account to a Premium or Concierge level.

Your password

Choosing a password is your responsibility. Your password helps you keep your information private and secure. Here are some important things to remember about your password:

  • Use a password that is difficult for someone to guess but easy for you to remember.
  • Your password should be at least eight (8) characters long.
  • Consider using a passphrase. For more information on passphrases, please refer to this National Institute of Standards and Technology (NIST) blog.
  • Don't use your birthday, a family name, a pet name, or other information that might be easy for someone to guess.
  • Do not tell anyone your password, including anyone from employees should NEVER ask for your password.
  • Remember to log out when you leave any personal computer.

Administrative use of

From time to time, we may collect and summarize non-personal information at for internal use, in order to continuously improve the service for you. For example, we regularly perform integrity and security checks on the system to ensure that it is functioning properly. All employees and agents of are bound by a confidentiality agreement which prohibits the access and use of data for any purpose other than to assist members. does not sell patient data, even in aggregate form.

Changes to the privacy policy

When there are any changes to this privacy statement, will notify its members by posting a notice on the Web site.
