Preservation of confidentiality

According to the Protection of Privacy Law, 5741-1981, and its regulations, the Patients’ Rights Law, 5756-1996, additional legislation, and the principles of medical ethics, Meuhedet is required to maintain strict confidentiality for the information in its computer systems. Meuhedet invests significant efforts to fulfill its obligations through the use of appropriate technology, the establishment of work procedures that meets privacy regulations, ongoing auditing by professional stakeholders at Meuhedet, and periodic reviews of the effectiveness of its technological defenses.

Your medical file

Meuhedet receives client information from a variety of sources. Doctors at Meuhedet document the medical care they provide in a computerized system used to manage patient files, including various documents provided by patients, some of which are scanned and entered into the patients’ files. Medical records also collate information from Meuhedet’s central laboratories and institutions, internal and external pharmacies, hospitals, and external institutions and laboratories. The information from all these sources is stored in Meuhedet’s system and used to help caregivers provide the best and most effective treatment possible. We secure this information with the best policies and technologies available.

• Access to medical records is restricted to Meuhedet physicians who are in a doctor-patient relationship with the client.
• Doctors must swipe a patient’s magnetic card to see their files, meaning that patients control who has access to their records. After swiping the card, doctors can see the file for one year after the visit.
• Some medical information remains confidential even to doctors who have received access to the records. For example, doctors who do not deal with gynecology or mental health will not have access to those records.
• Medical records are accessible to Meuhedet doctors only at their personal workstations at the clinics they work.
• All information systems with access to medical records are stored on closed and secure computer networks. Physicians can only access the secure network via their personal workstations and must enter the workstation code, their username, and their password. Other Meuhedet staff must also follow these restrictions and can only access information they need to perform their duties.
• Only a restricted group of employees - regional doctors who perform audits or provide personal medical authorizations - has access to medical records without a direct doctor-patient relationship. The system records every time your medical records are accessed and adds it to a log file.

Meuhedet strictly follows legal procedures and permissions when transmitting information protected by law to public bodies or external stakeholders. We forward information to external stakeholders to provide medical services or following a request from clients who have signed a confidentiality waiver. We also forward information to stakeholders defined in the law, such as the National Insurance Institute and the Ministry of Health.

The Meuhedet commitment to information security

Meuhedet employs a professional to ensure information security who follows the instructions of the manager of the information and computer system department. We also rely on advice from leading national consulting firms in order to provide suggestions and support for all issues relating to information security.

Questions regarding information security

All user inquiries, including regarding information security, are handled by Meuhedet’s public inquiries department.

Questions regarding information security, like other questions, are forwarded to the responsible stakeholder at Meuhedet for a response. The public inquiries department tracks all inquiries until they receive a full and satisfactory response.

The address for public inquiries is: Meuhedet, Public Inquiries Department, Ibn Gavirol 124, Postal Code 62038, Tel Aviv

Telephone: 03-5202323

Fax: 03-5235335

 Your rights

All clients may receive information from their medical records via the “My Meuhedet” section on the website or by personally visiting their clinic and bringing their magnetic card and an ID document with a photo. 

Clients who are convinced there is an error in their medical records may contact their caregivers to enter the desired correction. If the caregiver judges that the change is needed, he or she will contact the stakeholder in charge at the medical department. Changes are made after they are authorized by the stakeholder in charge at the medical department. Clients have the right to appeal the treating doctor’s decisions with the commissioner for public inquiries.

All changes to your medical records are stored in a dedicated system.

Secure access through your personal computer

The “My Meuhedet” service allows Meuhedet clients to view their medical records. To use this service, clients must register in person at a branch. To register for the service, you will need to present identifying documentation and your magnetic Meuhedet card.

The address of the “My Meuhedet” website is preceded by the letters https (as opposed to http), indicating that your connection is encrypted.

To ensure confidentiality while browsing your personal information on the website, we recommend the following security measures: 

Your username and password are personal and confidential.

Do not give your password to others whether on or offline and even if they identify themselves as Meuhedet representatives.

Do not keep your password in a file on the computer to prevent it from being stolen via a Trojan horse program or other malware.

Choose a password that is difficult to guess, is not a word appearing in the dictionary, and which you have not used as a password for another website. 

We recommend installing antivirus software and updating it daily (you can configure the software to update itself automatically).

We recommend activating the Personal Firewall program included in the Windows XP operating system or a similar program from another supplier.

If you use a wireless network, we recommend securing your network with a username and password to prevent rogue users from accessing it.