THIS NOTICE DESCRIBES HOW YOUR PROTECTED HEALTH INFORMATION MAY BE USED AND DISCLOSED AND HOW YOU CAN ACCESS THIS INFORMATION PLEASE READ IT CAREFULLY.
The following is the privacy policy (“Privacy Policy”) of Drug Mart Pharmacy (“Covered “Entity”) as described in the Health Insurance Portability and Accountability Act of 1996 and regulations promulgated thereunder, commonly known as HIPAA. HIPAA requires Covered Entity by law to maintain the privacy of your personal health information and to provide you with notice of Covered Entity’s legal duties and privacy policies with respect to you Personal health information. We are required by law to abide by the terms of this Privacy Notice.
Your Protected Health Information (PHI)
We collect personal health information from you through prescriptions, payment and related healthcare activities, the application and enrollment Process, and/or healthcare providers or health plans, or through other means, as applicable. Your personal health information that is protected by law broadly includes any information, oral, written or recorded, that is created or received by certain health care entities, including health care providers, such as physician and hospitals, Pharmacies, Home health care agencies, as well as, health insurance companies or plans. The law specifically protects health information that contains data, such as your name, address, social security number, and others, that could be used to identify you as the individual patient who is associated wit hat health information.
Uses or Disclosures of Your Personal Health Information
Generally, we may not use or disclose your personal health information without your permission. Further, once your permission has been obtained, we use or disclose your personal health information in accordance with the specific terms of that permission. The following are the circumstances under which we are permitted by law to use or disclose your personal health information.
Without Your Consent
Without your consent, we may use or disclose your personal health information in order to provide you with services and the treatment you require to request, or to collect payment for those services, and to conduct other related health care activities otherwise permitted or required by law. Also, we are permitted to disclose your personal health information within and among our workforce in order to accomplish these same purposes. However, even with your permission, we are still required to limit such uses or disclosures to the minimal amount of personal health information that is reasonably required to provide those services or complete those activities.
Examples of treatment activities include: (a) the provision, coordination, or management of health care and related services by health care providers (b) consultation between health care providers relating to a patient; or (c) the referral of a patient for health care from one health care provider to another.
Examples of payment activities include: (a) billing and collection activities and related data processing; (b) actions by a health plan or insurer to obtain Premiums or to determine or fulfill its responsibilities for coverage and provision of benefits under its health plan or insurance agreement, determinations o eligibility or coverage, adjudication or subrogation of health benefit claims; (c) medical necessity and appropriateness of care reviews, utilization review activities; and (d) disclosure to consumer reporting agencies of information relating to collection of premiums or reimbursement.
Examples of health care activities include:(a) development of clinical guidelines; (b) contacting patients with information about treatment alternatives or communications in connection with case management or care coordination; (c) reviewing the qualifications of and training health care professionals; (d) underwriting and premium rating; (e) medical review, legal services, and auditing functions; and (f) general administrative activities such as customer service and data analysis.
As Required By Law
We may use or disclose your personal health information to the extent that such use or disclosure is required by law and the use or disclosure comply with and is limited to the relevant requirements of such law. Examples of instances in which we are required to disclose your personal health information include: (a) public health activities including, preventing or controlling disease or other injury, public health surveillance or investigations, reporting adverse events with respect to food or dietary supplements or product defects or problems to the Food and Drug Administration, medical surveillance of the workplace to evaluate whether the individual has a work-related illness or injury in order to comply with Federal or state law; (b) disclosures regarding victims of abuse neglect, or domestic violence including, reporting to social service or protective services agencies; (c) health oversight activities including, audits, civil administrative, or criminal investigations, inspections, licensure or disciplinary actions, or civil, administrative, or criminal proceedings or actions, or other activities necessary for appropriate oversight of government benefit programs; (d) judicial and administrative proceedings in response to an order of a court administrative tribunal, a warrant, subpoena, discovery request, or other lawful process; (e) law enforcement purposes for the purpose of identifying or locating suspect, fugitive, material witness, or missing person, or reporting crimes in emergencies, or reporting a death; (f) disclosures about decedents for purposes of cadaveric donation of organs, eyes or tissue; (g) for research purposes under certain conditions; (h) to avert a serious threat to health or safety; (i) military and veterans activities; (j) national security and intelligence activities, protective services of the President and others; (k) medical suitability determinations by entities that are components of the Department of State; (1) correctional institutions and other law enforcement custodial situations; (m) covered entities that are government programs providing public benefits, and for workers’ compensation.
All Other Situations With Your Specific Authorization
Except as otherwise permitted or required, as described above, we may not use or disclose your personal health information without your written authorization. Further, we are required to use or disclose your personal health information consistent with the terms of your authorization. You may revoke you authorization to use or disclose any personal health information at any time, except to the extent that we have taken action in reliance on such authorization or you provided the authorization as a condition of obtaining insurance coverage, other law provides the insurer with the right to contest a claim under the policy.
Miscellaneous Activities. Notice
We may contact you to provide appointment reminders or information about treatment alternatives or other health-related benefits and services that may be of interest to you.
Your Rights With Respect to Your Personal Health Information
Under HIPAA, you have certain rights with respect to your personal health information. The following is a brief overview of your rights and our duties with respect to enforcing those rights.
Right To Request Restrictions On Use Or Disclosure
You have the right to request restrictions on certain uses and disclosures of your personal health information about yourself. You may request restrictions on the following uses or disclosures: to carry out treatment, payment, or healthcare operations; (b) disclosures to family members, relatives, or close personal friends of personal health information directly relevant to your care or payment related to your health care, or your location, general condition, or death; (c) instances in which you are not present or your permission cannot practicably be obtained due to your incapacity or an emergency circumstance; (d) permitting other persons to act on your behalf to pick up filled prescriptions, medical supplies, X- rays, or other similar forms of personal health information; or (e) disclosure to a public or private entity authorized by law or by its charter to assist in disaster relief efforts.
While we are not required to agree to any requested restriction, if we agree to a restriction, we are bound not to use or disclose your personal healthcare information in violation of such restriction, except in certain emergency situations. We will not accept a request to restrict uses or disclosures that are otherwise required by law.
Right To Receive Confidential Communications
You have the right to receive confidential communications of your personal health information. We may require written requests. We may condition the provision of confidential communications on you providing us with information as to how payment will be handled and specification of an alternative address or other method of contact. We may require that a request contain a statement that disclosure of all or a part of the information to which the request pertain could endanger you. We may not require you to provide an explanation of the basis for your request as a condition of providing communications to you on confidential basis. We must permit you to request and must accommodate reasonable requests by you to receive communications of personal health information from us by alternative means or at alternative locations.
Right To Inspect And Copy Your Personal Health Information
Your designated record set is a group of records we maintain that includes Medical records and billing records about you, or enrollment, payment claims adjudication, and case or medical management records systems, as applicable. You have the right of access in order to inspect and obtain a copy of your personal health information contained in your designated record set, except for (a) psychotherapy notes, (b) information complied in reasonable anticipation or for use in, a civil, criminal, or administrative action or proceeding, and (c) health information maintained by us to the extent to which the provision of access to you would be prohibited by law. We may require written requests. We must provide you with access to your personal health information in the form or format requested by you, if it is readily producible in such form or format, or, if not, in a readable hard copy form or such other form or format. We may provide you with a summary of the personal health information requested, in lieu of providing access to the personal health information or may provide an explanation of the personal health information to which access has been provided, if you agree in advance to such a summary or explanation and agree to the fees imposed to such summary or explanation. We will provide you with access as requested in a timely manner, including arranging with you a convenient time and place to inspect or obtain copies of your personal health information or mailing a copy to you at your request. We will discuss the scope, format, and other aspects o our request for access as necessary to facilitate timely access. If you request a copy of your personal health information or agree to a summary or explanation of such information, we may charge a reasonable cost-based fee for copying, postage, if you request a mailing, and the costs of preparing an explanation o summary as agreed upon in advance. We reserve the right to deny you access to and copies of certain personal health information as permitted or required by law. We will reasonably attempt to accommodate any request for personal health information by, to the extent possible, giving you access to other personal Health information after excluding the information as to which we have a ground to deny access. Upon denial of a request for access or request for information we will provide you with a written denial specifying the legal basis for denial, a statement of your rights, and a description of how you may file a complaint with us. If we do not maintain the information that is the subject of your request for access but we know where the requested information is maintained, we will inform you of where to direct your request for access.
Right To Amend Your Personal Health Information
You have the right to request that we amend your personal health information or a record about you contained in your designated record set. We have the right to deny your request for amendment, if: (a) we determine that the information or record that is the subject of the request was not created by us unless you provide a reasonable basis to believe that the originator of the information is no longer available, (b) the information is not part of your designated record set maintained by us, (c) the information is prohibited from inspection by law, or (d) the information is accurate and complete. We may require that you submit written requests and provide a reason to support the requested amendment. If we deny your request, we will provide you with a written denial stating the basis of the denial, your right to submit a written statement disagreeing with the denial, and a description of how you may file a complaint with us or the Secretary of the U.S. Department of Health and Human Service “DHHS”). This denial will also include a notice that if you do not submit a statement of disagreement, you may request that we include your request for amendment and the denial with any future disclosures of your personal health information that is the subject of the requested amendment. Copies of all requests denials, and statements of disagreement will be included in your designated record set. If we accept your request for amendment, we will make reasonable efforts to inform and provide the amendment within a reasonable time to persons identified by you as having received personal health information of yours prix o amendment and persons that we know have the personal health information that is the subject of the amendment and that may have relied, or could foreseeably, on such information to your detriment. All requests for amendment shall be sent to Drug Mart Pharmacy, 1249 W. 7th St., South Plainfield, NJ 07080.
Right To Receive An Accounting Of Disclosures Of Your Personal Health Information
Beginning April 14, 2003, you have the right to receive a written accounting of all disclosures of your personal health information that we have made within the six (6) year period immediately preceding the date on which the accounting is requested. You may request an accounting of disclosures for a period of time less than six (6) years from the date of the request. Such disclosures will include the date of each disclosure, the name and, if known, the address of the entity or person who received the information, a brief description of the information disclosed, and a brief statement of the purpose and basis of the disclosure of in lieu of such statement, a copy of your written authorization or written request for disclosure pertaining to such information. We are not required to provide accountings of disclosures for the following purposes: (a) treatment, payment, and healthcare operations, (b) disclosures pursuant to your authorization, (c) disclosures to you, (d) for a facility directory or to persons involved in your care, (e) for national security or intelligence purposes, (f) to correctional institution, and (g) with respect to disclosures occurring prior to 4/14/03. We reserve our right to temporarily suspend your right to receive an accounting of disclosures to health oversight agencies or law enforcement officials, as required by law. We will provide the first accounting to you in any twelve (12) month period without charge, but will impose a reasonable cost-based fee for responding to each subsequent request for accounting within that same twelve (12) month period. All requests for an accounting shall be sent to Drug Mart Pharmacy, 1249 W. 7th St., South Plainfield, NJ 07080.
Complaints
You may file a complaint with us and with the Secretary of DHHS if you believe that your privacy rights have been violated. You may submit you complaint in writing by mail or electronically to our privacy officer at Drug Mart Pharmacy, 1249 W. 7th St., South Plainfield, NJ 07080.
A complaint must name the entity that is the subject of the complaint and describe the acts or omissions believed to be in violation of the applicable requirements of HIPAA or this Privacy Policy. A complaint must be received by us or filed with the Secretary of DHHS within 180 days of when you knew or should have known that the act or omission complained of occurred. You will not be retaliated against for filing any complaint.
Your Data Protection Rights Under the California Consumer Privacy Act (CCPA)
The California Consumer Privacy Act ("CCPA") provides consumers with specific rights regarding their Personal Information. If you are a California resident, you have the right to:
• Request we disclose to you free of charge the following information covering the 12 months preceding your request: (a) the categories of Personal Information about you that we collected; (b) the categories of sources from which the Personal Information we collected; (c) the purpose for collecting Personal Information about you; (d) the categories of third parties to whom we disclosed Personal Information about you and the categories of Personal Information that was disclosed (if applicable) and the purpose for disclosing the Personal Information about you; and (e) the specific pieces of Personal Information we collected about you;
• Request we delete Personal information we collected from you, unless the CCPA recognizes an exception;
• If the business sells Personal Information, you have a right to opt-out of that sale.
Consistent with California law, if you choose to exercise your applicable rights, we will not charge you different prices or provide you a different quality of services. If we ever offer a financial incentive or product enhancement that is contingent upon you providing your Personal Information, we will not do so unless the benefits to you are reasonably related to the value of the Personal Information that you provide to us. If you are a California resident and wish to exercise your rights under the CCPA, please contact us at info@drugmartpharmacy.com.
What Personal Information About Customers Does This Site Gather?
The information we learn from customers helps us personalize and continually improve your shopping experience at this site. Here are the types of information we gather.
• Information You Give Us: We receive and store any information you enter on our Web site or give us in any other way. You can choose not to provide certain information, but then you might not be able to take advantage of many of our features. We use the information that you provide for such purposes as responding to your requests, customizing future shopping for you, improving our stores, and communicating with you.
• Automatic Information: We receive and store certain types of information whenever you interact with us. For example, like many Web sites, we use “cookies,” and we obtain certain types of information when your Web browser accesses this site. A number of companies offer utilities designed to help you visit Web sites anonymously. Although we will not be able to provide you with a personalized experience at this site if we cannot recognize you, we want you to be aware that these tools exist. Information from Other Sources: We might receive information about you from other sources and add it to our account information.
reCAPTCHA Information
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Do we use Cookies? Yes
• Cookies are alphanumeric identifiers that we transfer to your computer’s hard drive through your Web browser to enable our systems to recognize your browser and to provide features in the purchasing process, personalized greetings, and storage of items in your shopping cart between visits.
• The Help portion of the toolbar on most browsers will tell you how to prevent your browser from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether. However, cookies allow you to take full advantage of some of this site’s coolest features, and we recommend that you leave them turned on.
Does This Site Share the Information It Receives?
Information about our customers is an important part of our business, and we are not in the business of selling it to others. We share customer information only as described below controls that either are subject to this Privacy Notice or follow practices at least as protective as those described in this Privacy Notice.
• Affiliated Businesses We Do Not Control: We work closely with our affiliated businesses. You can tell when a third party is involved in your transactions, and we share customer information related to those transactions with that third party.
• Agents: We employ other companies and individuals to perform functions on our behalf. Examples include fulfilling orders, delivering packages, sending postal mail and e-mail, removing repetitive information from customer lists, analyzing data, providing marketing assistance, providing search results and links (including paid listings and links), processing credit card payments, and providing customer service. They have access to personal information needed to perform their functions, but may not use it for other purposes.
• Promotional Offers: Sometimes we send offers to selected groups of customers on behalf of other businesses. When we do this, we do not give that business your name and address.
• Business Transfers: As we continue to develop our business, we might sell or buy stores, subsidiaries, or business units. In such transactions, customer information generally is one of the transferred business assets but remains subject to the promises made in any pre-existing Privacy Notice (unless, of course, the customer consents otherwise). Also, in the unlikely event that we are acquired or assigned, customer information will of course be one of the transferred assets.
• Protection of our store and Others: We release account and other personal information when we believe release is appropriate to comply with the law; enforce or apply our Terms and Conditions of Use and other agreements; or protect the rights, property, or safety of this company, our users, or others. This includes exchanging information with other companies and organizations for fraud protection and credit risk reduction. Obviously, however, this does not include selling, renting, sharing, or otherwise disclosing personally identifiable information from customers for commercial purposes in violation of the commitments set forth in this Privacy Notice.
• With Your Consent: Other than as set out above, you will receive notice when information about you might go to third parties, and you will have an opportunity to choose not to share the information.
How Secure Is Information About Me?
• We work to protect the security of your information during transmission by using Secure Sockets Layer (SSL) software, which encrypts information you input.
• We reveal only the last five digits of your credit card numbers when confirming an order. Of course, we transmit the entire credit card number to the appropriate credit card company during order processing.
• It is important for you to protect against unauthorized access to your password and to your computer. Be sure to sign off when finished using a shared computer.
Which Information Can I Access?
This site gives you access to a broad range of information about your account and your interactions with this site for the limited purpose of viewing and, in certain cases, updating that information.
Children
This site does not sell products for purchase by children. We sell children’s products for purchase by adults. If you are under 18, you may use this site only with the involvement of a parent or guardian.
Conditions of Use, Notices, and Revisions
If you choose to visit this site, your visit and any dispute over privacy is subject to this Notice and our Terms and Conditions of Use, including limitations on damages, arbitration of disputes, and application of the law of the State of New Jersey. If you have any concern about privacy at this site, please contact us with a thorough description, and we will try to resolve it.
Our business changes constantly, and our Privacy Notice and the Terms and Conditions of Use will change also. We may e-mail periodic reminders of our notices and conditions, unless you have instructed us not to, but you should check our Web site frequently to see recent changes. Unless stated otherwise, our current Privacy Notice applies to all information that we have about you and your account. We stand behind the promises we make, however, and will never materially change our policies and practices to make them less protective of customer information collected in the past without the consent of affected customers.
Information You Give Us
You provide most such information when you search, buy, bid, post, participate in a contest or questionnaire, or communicate with customer service. For example, you provide information when you search for a product; place an order through this site or one of our third-party sellers; make an auction bid or purchase; provide information in your account (and you might have more than one if you have used more than one e-mail address when shopping with us) or about you; communicate with us by phone, e-mail, or otherwise; complete a questionnaire or a contest entry form; provide employer information when opening a corporate account. As a result of those actions, you might supply us with such information as your name, address, and phone numbers; credit card information; people to whom purchases have been shipped, including addresses and phone number; people (with addresses and phone numbers); e-mail addresses of other people; content of reviews and e-mails to us; and financial information, including Social Security and driver’s license numbers.
Automatic Information
Examples of the information we collect and analyze include the Internet protocol (IP) address used to connect your computer to the Internet; login; e-mail address; password; computer and connection information such as browser type and version, operating system, and platform; purchase history, which we sometimes aggregate with similar information from other customers; the full Uniform Resource Locator (URL) clickstream to, through, and from our Web site, including date and time; cookie number; products you viewed or searched for. During some visits we may use software tools such as JavaScript to measure and collect session information, including page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page.
Information from Other Sources
Examples of information we receive from other sources include updated delivery and address information from our carriers or other third parties, which we use to correct our records and deliver your next purchase or communication more easily; account information, purchase or redemption information, and page-view information from some merchants with which we operate co-branded businesses or for which we provide technical, fulfillment, advertising, or other services; search results and links, including paid listings (such as Sponsored Links from Google); and credit history information from credit bureaus, which we use to help prevent and detect fraud and to offer certain credit or financial services to some customers.
Information You Can Access
Examples of information you can access easily at this site include up-to-date information regarding recent orders; personally identifiable information (including name, e-mail, password, communications preferences, and address book); payment settings (including credit card information and gift certificate, gift card, and check balances); e-mail notification settings; guides, and personal profile.
Amendments to this Privacy Policy
We reserve the right to revise or amend this Privacy Policy at any time. These revisions or amendments may be made effective for all personal health information we maintain even if created or received prior to the effective date of the revision or amendment. We will provide you with notice of any revisions or amendments to this Privacy Policy, or changes in the law affecting this Privacy Notice, by mail or electronically within 60 days of the effective date of such revision, amendment, or change.
On-going Access to Privacy Policy
We will provide you with a copy of the most recent version of this Privacy Policy at any time upon your written request sent to Drug Mart Pharmacy, 1249 W. 7th St., South Plainfield, New Jersey 07080.
For any other requests or for further information regarding the privacy of your personal health information, and for information regarding the filing of a complaint with us, please contact our privacy officer at the telephone number listed above.