HIPPA Policy

This notice describes how medical information about you may be used and disclosed and how you can get access to this information. Please review it carefully.

1. What is HIPAA?

Health Insurance Portability and Accountability Act (HIPAA)

Is a federal law requiring that health care providers and health plans must protect patient information, and may not use or disclose an individual patient’s health information except for treatment, payment, or regular health care operations. Additional uses of a patient’s health information would require an advanced authorization signed by the patient.

**We must give you a notice about how we protect your information.

2. What role does Chief Privacy Officer play and who is the officer at Philly Drugstore?

The chief privacy officer is responsible for creating the privacy policy and implementing it. The officer is responsible for answering any questions anyone has about the security of patient information at Philly Drugstore.

Philly Drugstore Privacy Officer – Chadd Levine 215-423-1368
2729 N. 5th St. Philadelphia, PA 19133

3. Types Of Information

A. Protected Health Information (PHI)

Protected Health Information (PHI) refers to any patient information in any form that:

1. is created or received by a covered entity;
2. relates to a patient’s health condition in the past, present, or future;
3. and identifies the patient.

PHI is any information transmitted or maintained in any form, such as prescription records, billing records, patient profiles, and oral communications on the phone or during patient counseling.

B. De-identified Health Information

This refers to patient information that cannot be used to identify an individual. This type of information can be given out WITHOUT patient authorization.

De-Identified Is Information That DOES NOT Contain: names, street addresses, social security numbers, e-mail addresses, telephone and fax numbers, license numbers, full face photographs, med ID numbers, finger prints

De-Identified Information Can Include: city, state, zip code, date of birth, and date of death

** All other disclosures require a patient’s written authorization, which may be revoked at any time

4. What can we use your for and who can we give it to?

a.) Pharmacist CAN disclose information to another health care provider as long as the other health care provider has a treatment relationship with the patient and has informed the patient of their own privacy policy. Information shared must be only pertinent to the services being provided. Information can include (if necessary) diagnoses, social history and family history, etc.

Ex. Physician, Nurse, Etc.

b.) HIPAA does permit friends or family members to pick up prescriptions for a patient

c.) HIPAA also allows health professionals, at their discretion and with certain limitations, to speak to relatives, friends, or caregivers…unless the patient specifically requests them not to.

d.) In the case of civil matters, such as divorce proceedings, patient related health information should only be turned over pursuant to a subpoena or appropriate legal document.

e.) HIPAA does allow for incidental disclosures as long as policies are in place to protect patient information.

Ex. Talking with a patient in a semi-private counseling area, or discussing the patient’s condition at a nurses station, and someone accidentally overhears you

5. Finding out who the pharmacy gave your information (or “disclosed it”) to.

Every time the pharmacy gives your information out to someone in non-routine instances, they must keep a record of it. The records must be kept at the pharmacy for 6 years. At anytime, you may request to see those records. The records will show the name and address of the person who received the records, the date the information was disclosed, the details of the information disclosed, and the reason the information was given out. Once you ask the pharmacy to see records of disclosure, that pharmacy will have 60 days to provide them to you.

The pharmacy does NOT have to maintain detailed records when:

a.) Information is used for treatment, billing, accounting, or conversations you had directly with the patient

b.) unintended disclosures of patient health information occur, for example, if someone accidentally overhears a conversation, also do NOT need to be documented and included in the list of disclosures.

c.) Legally required to make, such as to a court under a subpoena or other law or governmental authorities

d.) If the patient authorizes the disclosure to me made

6. My Pharmacy Records

You always a right to receive a copy of your pharmacy records. Once your request is made, the pharmacy will have up to 30 days to produce that record. Certain changes can be made to record at your request and the pharmacy will have up to 60 days to consider the appropriateness of the requested changes. Once assessed, the pharmacy may make the requested changes if the pharmacy is legally able to do so.

7. Does the pharmacy need my permission to give out my information?

No as health care professionals, we do not need your permission to disclose your information to the appropriate parties for the appropriate reasons. But of course we must make sure all people and reasons are appropriate.

8. More steps we take to insure your privacy is protected:

a. All labels and vials in the pharmacy bearing your information are placed into a separate bin and destroyed in a shredder

b. All pharmacy staff are trained on the importance of protected health information and are aware that they can only disclose your information while in the pharmacy with the right people for the right reasons.

c. Philly Drugstore only provides the minimum necessary information whenever disclosing your information to anyone. Basically we only tell other providers and payers what they need to know, nothing more. And we decide based on who they are, what they can and cannot know. Meaning, just because they ask does not mean we will tell them.

d. We store some of your Protected Health Information in electronic computer files.We backup our electronic records daily, and employ other precautions to safeguard the integrity of your Protected Health Information. In spite of these precautions it is possible but unlikely that a computer crash or other technological failure could cause the loss of data. In addition reasonable safeguards are employed to protect your Protected Health Information stored on electronic media

9. Additional Questions and Concerns

If you are at all unhappy with how we have handled your information or you have any more questions regarding HIPAA you may contact:

1.) Our privacy officer:
Chadd Levine
2729 N. 5th St.
Philadelphia, PA 19133

2.) The Secretary of The United States Health and Human Services Department:
Hubert H. Humphrey Building
200 Independence Avenue SW
Washington, DC 20201

Offering free next day delivery, 6 days a week! Dismiss

Share This