NOTICE OF PRIVACY PRACTICES
What is HIPAA?
HIPAA is a law passed by Congress in 1996 to improve the efficiency and effectiveness of the healthcare system. It requires health care professionals to adhere to privacy and security standards in order to protect their patient’s Personal Health Information (PHI). PHI is confidential information about a patient, including demographic information.
What are my rights under HIPAA?
Under HIPAA you have a right to request the following as long as a request is made in writing to the attention of the Privacy Officer and applicable fees are paid. There is a possibility that your request may be denied. If your request is denied we will explain why it was denied in writing.
You have a right to inspect and obtain a copy of your PHI. We will respond to your request within 30 days. In most cases your request will be honored and a copy of your PHI will be mailed to you.
You have a right to request an amendment of PHI. If you feel that your PHI is inaccurate or incomplete, you may request an amendment to your PHI. We will respond to your request within 60 days. If we honor your request we will amend your PHI and notify you and applicable parties. We will deny your request if we determine your PHI to be correct or complete, if your request was not created by us, or if PHI is not available for inspection.
You have the right to know what disclosure(s) of your PHI have been made. You have a right to request a listing of who your PHI was sent to, when it was sent, what content of your PHI was sent and for what purpose. We will respond to your request within 60 days. There will be no charge to you for an initial request. Additionally, your request may not include disclosures made for national security reasons, to law enforcement officials/correctional facilities, or disclosures made prior to April 14, 2003.
You have a right to request confidential communications of PHI. We will honor all reasonable requests to keep communications confidential. A reasonable request is one that specifies an alternative address, gives other means of contact and provides detailed information on how payment will be handled.
You have a right to request restrictions on the use and disclosure of PHI, however we are not required to agree to your request. Your request must state specific restrictions requested and to whom the restrictions would apply.
You have a right to receive a hard copy of this notice.
How will PrescriptionGiant Use and Disclose PHI under HIPAA?
HIPAA allows us to use and disclose your PHI for the purposes of Treatment, Payment and Healthcare Operations. We will specifically use and disclose your PHI to communicate with your physician and to, upon request, assist your insurance company with the processing of your claims. Additionally, we will use your basic demographic information to notify you of new services or facilities. Your authorization is not required for Use and Disclosure of PHI for the purposes of Treatment, Payment and Healthcare Operations. Listed are other instances in which Use and Disclosure of your PHI is allowed without your authorization.
USE AND DISCLOSURE OF PHI
- Use and Disclose PHI for Public Health Activities – Examples include: communicable diseases, sexually transmitted diseases, lead poisoning, Reyes Syndrome, etc., to public health officials.
- Disclose PHI about Victims of Abuse, Neglect, or Domestic Violence – Examples include: child abuse and neglect; an abused or neglected nursing home resident; a patient over 60 years old involved in elder abuse.
- Uses and Disclosure of Health Oversight Activities – we may use and release PHI to be used for audits, investigations, licensure issues, etc
- Disclosure for Judicial and Administrative Proceedings – we may disclose limited PHI to the appropriate authorities as a result of a court order subpoena, discovery request, etc.
- Disclosure for Law Enforcement Purposes – we may disclose reasonably necessary PHI to law enforcement officials to identify or locate a suspect, fugitive, material witness or missing person.
- Uses and Disclosures Related to Decedents – we may use and disclose PHI to a coroner or medical examiner and funeral directors as required by law.
- Uses and Disclosures Related to Cadaveric Organ, Eye or Tissue Donations – we may use and release PHI in order to facilitate organ, eye or tissue donations.
- Uses and Disclosures to Avert a Serious Threat to Health or Safety – we may use and release PHI to public health and other authorities required by law in order to prevent a serious threat to your health or safety.
- Uses and Disclosures for Specialized Government Functions – we may use and release PHI for military/veterans activities and national security/intelligence activities.
- Use and Disclosure of PHI in Emergency Situations – in the event of an eminent threat to the safety of a patient, we may disclose PHI to prevent or lessen the threat.
What does HIPAA require of PrescriptionGiant?
PrescriptionGiant must maintain the privacy of PHI, abide by the terms of this notice and provide patients with a revised notice, if necessary.
Where can I file a privacy complaint?
If you feel your privacy rights have been violated, contact PrescriptionGiant at 877-823-1273 or contact the regional Department of Health and Human Services at 312-886-2359.
DISCLOSURE OF NON-PHI INFORMATION
What information does PrescriptionGiant collect from you?
You can visit our site and use most of our services without having to tell us who you are or reveal any personally identifiable information to us. There are, however, a few instances where we do collect personally identifiable information in order to fulfill your request.
Whenever you visit PrescriptionGiant, our web server logs automatically receive and record from your web browser including your IP Address, PrescriptionGiant cookie information, the PrescriptionGiant page(s) you request, the time spent on each web page and any search terms you query.
For your safety and protection, your credit card information is not stored on our servers. Our payment gateway provider, Intuit Merchant Services, keeps this information encrypted and secure on your behalf.
The email address you provide for order processing, will only be used to send you information and updates pertaining to your order. If you decide to opt-in to our mailing list, you will receive emails that may include company news, updates, related product or service information, promotions, etc. However, you may opt-out at any time by clicking the unsubscribe option located at the bottom of the e-mail communication.
Do any third parties receive or collect your information through PrescriptionGiant?
In the few instances where PrescriptionGiant collects personally identifiable information, PrescriptionGiant will not share it with other companies or individuals unless:
- We have your permission to share the information;
- We need to share your information with certain third parties with which we have a business relationship in order to provide a product or service you have requested. Unless we tell you otherwise, these third parties do not have the right to use your personal information we share with them beyond what is necessary to deliver your requested product or service; or
- We have to comply with subpoenas or court orders.
Furthermore, PrescriptionGiant will not sell or disclose your personally identifiable information as customer lists to anyone. Nor will we share with anyone personally identifiable information about you that is of medical, financial or sexual nature.