Privacy Policy and HIPAA Notice of Privacy Practices

Latest Updated Sep 19, 2024

Envy Pharmacy ("we," "us," or "our") respects your privacy and is committed to protecting the privacy of your personal information, including any Protected Health Information (PHI) as defined by the Health Insurance Portability and Accountability Act (HIPAA). This document outlines how we collect, use, disclose, and safeguard your information when you visit our website or interact with our services. Please read this document carefully. By using our services or accessing our website, you agree to this Privacy Policy and HIPAA Notice of Privacy Practices.

1. Information We Collect

We may collect both personal information and health-related data in different ways, including:

  • Personal Data: Information such as your name, email address, phone number, and any other contact details that you voluntarily provide when you fill out forms, subscribe to newsletters, or contact us.

  • Protected Health Information (PHI): As a healthcare provider, we may collect health-related information about you in connection with your treatment or use of our pharmacy services, as permitted by HIPAA. This may include your medical history, prescriptions, insurance information, and other details necessary for us to provide pharmacy services.

  • Derivative Data: Information that our servers automatically collect when you access our website, such as IP address, browser type, operating system, and pages viewed.

2. How We Use Your Information

We use your information in the following ways:

  • For Treatment, Payment, and Healthcare Operations: Your PHI is used and disclosed in connection with providing you healthcare services, processing payments, and running our operations, in compliance with HIPAA regulations.

  • To Provide and Manage Services: Personal information collected through the website is used to manage your inquiries, account, or requested services.

  • To Comply with Legal Obligations: We may use or disclose your information when required by law, including for public health reporting, law enforcement requests, or other legal matters.

  • To Improve Your Experience: We may analyze usage trends to improve our website and services.

3. Your Rights Regarding PHI

Under HIPAA, you have certain rights related to your Protected Health Information (PHI):

  • Right to Access: You have the right to request and receive a copy of your PHI.

  • Right to Amend: If you believe your PHI is incorrect or incomplete, you have the right to request an amendment.

  • Right to Restrict Disclosures: You can request restrictions on certain uses and disclosures of your PHI, although we may not be able to accommodate all requests.

  • Right to Confidential Communications: You may request that we communicate with you in a specific way or at a certain location.

  • Right to File a Complaint: You can file a complaint if you believe your privacy rights have been violated. You can also contact the U.S. Department of Health and Human Services.

4. Disclosure of Your Information

We may share information we collect in certain situations, such as:

  • By Law or to Protect Rights: We may disclose information as required by law or to protect our legal rights.

  • With Third-Party Service Providers: We may share your data with vendors or service providers who assist us in delivering services, such as hosting services, data analysis, or payment processing.

  • Business Transfers: In the event of a merger or sale, your information may be transferred as part of the business assets.

5. Cookies and Similar Technologies

We may use cookies and similar tracking technologies to enhance your experience on our website and to analyze traffic. These include:

  • Essential Cookies: Necessary for the basic functioning of our website.

  • Performance and Analytics Cookies: Help us understand how you interact with our website and improve our services.

You can manage your cookie preferences through your browser settings.

6. Security of Your Information

We implement appropriate technical and administrative security measures to protect your information. However, no method of transmission over the Internet or electronic storage is completely secure, and we cannot guarantee absolute security.

7. Third-Party Websites

Our website may contain links to third-party websites. We are not responsible for the privacy practices of these websites. Please review their privacy policies when visiting third-party sites.

8. HIPAA Compliance and PHI Disclosures

We are required by law to maintain the privacy of your PHI and provide you with this Notice of our legal duties and privacy practices. We will only disclose your PHI as outlined in this policy, unless you provide written consent or as required by law. You may revoke your consent at any time in writing, except where disclosures have already been made based on your initial consent.

9. Breach Notification

If there is an unauthorized disclosure or breach of your PHI, we will notify you in compliance with HIPAA regulations and applicable laws.

10. Your Privacy Rights and Choices

Depending on your location, you may have additional privacy rights, such as:

  • Access and Rectification: The right to request copies of your personal or health-related information and correct any inaccuracies.

  • Deletion: The right to request the deletion of your personal data, where applicable by law.

To exercise your rights, contact us at [your email address].

11. Changes to This Policy

We may update this Privacy Policy and HIPAA Notice from time to time to reflect changes in our practices or legal requirements. We will notify you by updating the "Last Updated" date at the end of this policy. Please review this document periodically.

12. Contact Information

If you have any questions or concerns about this Privacy Policy, your PHI, or your privacy rights, please contact to us at chris.vo@envypharmacy.com