Privacy Policy

myNorthernLightHealth Privacy Policy

Revised: September 17, 2020

Northern Light Health is committed to protecting your privacy and the security of the information you entrust with us. This privacy policy (Policy) describes how Northern Light Health obtains and discloses your health information through the Northern Light Health patient portal, which is called myNorthernLightHealth. Your use of myNorthernLightHealth is governed by the terms of this Policy, and by using or accessing this patient portal you agree to be bound by this Policy. View the Northern Light Health Notice of Privacy Practices here for more complete information on how Northern Light Health uses and discloses your medical information.

Health Information in the Patient Portal
myNorthernLightHealth provides a view into your healthcare provider's electronic medical record (EMR) and allows you to communicate securely with your provider. Use of myNorthernLightHealth only allows you to view some of the information in your provider’s EMR. All of the information you can view in myNorthernLightHealth is maintained and managed in your provider’s EMR – this information is not separately maintained or managed in myNorthernLightHealth.

Information You Contribute to the Patient Portal
When you enter information in myNorthernLightHealth, that information is stored in your provider's EMR where it is accessible to members of your provider's care team and staff based on your provider's policies and procedures. Information that becomes a part of your provider's EMR remains in your provider's EMR even if you stop using the patient portal. You have the right to submit a correction or clarification to your protected health information if you believe that the information, we have about you is incorrect or incomplete. For more information contact the appropriate person listed at the end of the Northern Light Health Notice of Privacy Practices.

Sharing Your Health Information with Others
It is your choice to electronically share your information that is accessible through myNorthernLightHealth. When you share your information with another individual, this other individual will have access to all of your information. Northern Light Health recommends that you do not share your health information with others unless you know the content of that information. If you do choose to share your information with another individual, you acknowledge and accept responsibility for the decision to provide them access to all of your information, including potentially sensitive information.

How We Use Your Information
  • Personal Information – Northern Light Health works with a company called Cerner to provide the patient portal to you. Cerner maintains limited information about you, such as your name, date of birth, and medical record number to ensure you are connected to your own medical record. Northern Light Health uses this information to confirm your identity when you sign into the patient portal. Cerner has agreed not to use or disclose your personal information except to help us provide the patient portal.
  • Site Usage Information - Site usage information may be used by Northern Light Health to support analysis of the services being provided to you. Site usage information is specific to the way you use
myNorthernLightHealth and does not include your health information. Your personally identifiable information is removed and cannot be connected to you in any way.
IP Addresses (Server Log Information) – An IP address is a number automatically assigned to your computer whenever you access the Internet.
All computer identification on the Internet is based on IP addresses that allow computers and servers to recognize and communicate with each other. Northern Light Health collects IP addresses in order to administer the patient portal, understand and manage site access, and analyze use and demand. Northern Light Health also uses IP addresses to identify individuals violating the patient portal Terms of Use or who are threatening the service, site, content, users, or others.
myNorthernLightHealth will have security measures in place to prevent the loss, corruption, unauthorized access to or alteration of the information collected and retained within the scope of the Northern Light Health network.

Use of Cookies and Single-Pixel GIF Files
The patient portal places a text file called a 'cookie' in the browser files of your computer. A cookie is a small data file transferred by a website to your computer’s hard drive. Accepting the cookies used on our site does not give us access to your personal information but does identify your computer. The patient portal cookies only track your movement within myNorthernLightHealth. Most browsers automatically accept cookies by default, but you can usually refuse cookies or selectively accept certain cookies by adjusting the preferences in your browser. If you disable cookies in your Internet browser, you will be unable to log into myNorthernLightHealth.

Security Breach
If there is ever a breach of the security of your information, Northern Light Health, Kryptiq, and/or Cerner may be required by law to notify you. By accepting this Policy, you authorize Northern Light Health, Kryptiq, and/or Cerner to send any such notification to the email address you have provided within your account. If you prefer notification by first-class U.S. mail, you can select that option in the Notifications section of your Account Settings and provide us with a mailing address.

Deleting Your Patient Portal Account
To delete your portal account, you can call our support line, which is available to you 24 hours a day, 7 days a week, 365 days a year by calling 1-877-621-8014 or contact your provider to notify him or her that you no longer wish to receive communications via myNorthernLightHealth. Deletion of your myNorthernLightHealth account will not remove any information from your provider’s EMR.

Children's Privacy Protection
You must be at least 18 years old (or an emancipated minor) to establish portal connection.  A parent/guardian has the ability to request portal access for children through age 13. Children ages 14 through 17 are not provided the ability to use myNorthernLightHealth. Upon turning 18, the child may obtain an account as an adult and all Terms of Use apply. Exceptions to this may be granted for certain populations including cases of permanent guardianship or emancipated minors. Some Maine laws concerning minors restrict, permit or require disclosure of protected health information to parents, guardians, and persons acting in a similar legal status. We will act consistently with Maine law and only make disclosures in accordance with these laws.

View the Northern Light Health Notice of Privacy Practices here.
Northern Light Health will not condition treatment on whether or not you agree to participate in myNorthernLightHealth. We will not deny treatment if you decide not to participate.

Acadia Hospital/Acadia Healthcare and dedicated substance abuse/mental health programs will not release your protected health information to other Northern Light Health affiliates or other healthcare providers in order to treat you without your written authorization, except in the case of an emergency to provide you with the treatment you require. As a result, you may see some information twice within myNorthernLightHealth.


Effective: March 13, 2013

Northern Light Health may change this Policy at any time without advance notice to you. However, Northern Light Health will take reasonable steps to notify you of material changes it makes to the Policy. You are responsible for regularly reviewing this Policy. Your continued use of myNorthernLightHealth constitutes your acceptance of the revised terms.