We value our relationship with you and are committed to protecting your personal information. This Privacy Policy explains how your personal information may be collected, used, or disclosed. We reserve the right to make changes to this Privacy Policy as permitted by law, and in such event, we will post any such changes to this Privacy Policy. Accordingly, you should review this Privacy Policy periodically.

Personal Information

We may collect general personal information from you in connection with your use of this website. The personal information we may collect may include, among other things, your name, the last four digits of your social security number, your mailing address, your email address, and your phone number. In addition, in connection with your use of our website, our server may collect basic computer-related information related to your browsing session, including among other things, your IP address, the amount of time spent on our site, the software that you used to access our site, among other things.

We will not sell or rent to any third parties your personal information or the basic computer-related information that our website server collects during your browsing session.

We may use your personal information to contact you, whether in response to a contact initiated by you, or in order to provide you with updates concerning the services that we provide or concerning our website. We reserve the right to disclose your personal information to the extent required by law, or when necessary and in response to a judicial proceeding, an investigative proceeding undertaken by a government agency, a court order, or legal process served upon us.

We may use the basic computer-related information collected during your browsing session for our internal website development and maintenance purposes. For instance, we may use the information collected during your browsing session in order to tailor our website content or to analyze the quantity and nature of traffic to our website. In that regard, we may disclose this basic computer-related information to our web developers, who may be outside third-party consultants. However, this information will be provided on an anonymous basis, and we will require our outside consultants to protect the privacy of such information, including by maintaining its confidentiality and by not using it for purposes unrelated to our website development and maintenance purposes.

Notice of Privacy Practices for Protected Health Information

Effective beginning [date of first publish], 2011

Protected Health Information

We are required to maintain the privacy of “Protected Health Information” (“PHI”), which is information that may identify you and that relates to your past, present, or future physical or mental health or condition and related health care services. We are required to provide you with notice of our legal duties and privacy practices with respect to PHI. We are required by law to abide by the terms of this Notice.

In this Notice, we explain how we may use and/or disclose PHI, as well as your rights with respect to your PHI.

We reserve the right to change the terms of this Notice and to make any new provisions effective with respect to all PHI that we maintain. In such event, we will provide you with a revised Notice in any one of a number of ways, including by posting the new Notice on our website, sending the new Notice to your mailing address, emailing the new Notice to your email address, or providing the new Notice to you at the time a service is rendered on your behalf.

If you believe that your privacy rights have been violated, you may submit a complaint to us by contacting our Pharmacy Privacy Officer by calling (978) 400-3156, or by writing to us at 1800 A New York Avenue, Store #1 Huntington Station, NY 11746. You may also submit a complaint to the Department of Health and Human Services. More information on how to file a complaint with the Department of Health and Human Services is available on its website at http://www.hhs.gov/ocr/privacy/hipaa/complaints/index.html. Under no circumstances will we retaliate against you in anyway for filing a complaint with us or with the Department of Health and Human Services.

Your Rights under HIPAA

You are entitled to certain specified rights with respect to PHI under the Health Insurance Portability and Accountability Act (“HIPAA”). These rights are explained below. If you have any questions concerning these rights, please contact our Pharmacy Privacy Officer at __________. In addition, you may exercise any of the rights described below by contacting our Pharmacy Privacy Officer and completing the relevant necessary paperwork that our Pharmacy Privacy Officer provides to you in connection with your request.

You have a right to receive a paper copy of this Notice at any time.

You have the right to request that we restrict or limit our use or disclosure of your PHI. However, we may not be permitted to agree to your requested limitations in some cases, such as where it inhibits our ability to provide health care products or services to you or if state or federal law requires us to use or disclose your PHI contrary to your requested limitation.

You have a right to photocopies of our records that contain your PHI, including your prescriptions on file with us, our patient profile for you, and our records of billing and payment for products and services provided to you. While we will permit you to review these records during normal business hours at a mutually convenient time, we may charge you a cost-based fee for photocopies and delivery of the records that are related to fulfilling your request. If any requested records are denied, we will provide you with an explanation as to why, as well as with instructions as to how to appeal the denial, if such an appeal is available to you under federal law.

You have the right to request changes in the content of your PHI that is contained in our records if you believe the content is incomplete, inaccurate, or for some other reason needs to be changed. If we are unable to make all the requested changes in the content of your PHI in our records, we will provide a written explanation of why. You have the right to request that confidential communications concerning your PHI at alternative locations (for example, by use of a private post office box) or by alternative means specified by you (for example, by use of your personal cell phone number).

You have the right to obtain an accounting of how your PHI has been disclosed. Due to limitations under HIPAA, this accounting of PHI disclosures may not include certain disclosures, including those made for purposes of treatment, obtaining payment, and carrying out health care operation, as well as disclosures made directly to you or to persons you specifically authorize, such as family, friends, and others who assist you in your care, among other things. In addition, such an accounting may be limited to the sixyear period immediately preceding the date of your request. You are entitled to one accounting in each 12 month period free-of-charge. If you request additional accountings during the same 12 month period, we may charge you a cost-based fee for photocopying and delivery expenses that are related to fulfilling your request. We will notify you in advance of the cost, if any, of obtaining such additional accountings, and you will be given the option to withdraw your request before we prepare such additional accountings.

How We May Use or Disclose Your PHI

This section of this Notice explains the various ways in which we may use or disclose your PHI.

We may disclose your PHI to you.

We may use or disclose your PHI in connection with our treatment of you. For instance, your PHI may be used to provide health care products and services, and it may also be disclosed to other health care providers in connection your treatment. For example, we may disclose your PHI to your physician in order to coordinate care.

We may use or disclose your PHI in seeking payment for services and products we provided to you. For example, we may disclose your PHI to your health care plan in order to obtain payment.

We may use or disclose your PHI in connection with other health care operations activities. For example, your PHI may also be used or disclosed in connection with quality assessment and improvement activities or in connection with assessing the quality of care and services provided by our staff.

We may disclose your PHI as you have previously permitted or authorized us to do so, including informally. For instance, if you have given us permission to do so, we may disclose certain PHI to specified members of your family, to your friends, or to others, to the extent such disclosure is directly relevant to that person’s involvement in your care or in payment for your care.

In addition, your PHI may also be used or disclosed without your authorization in the following situations:

  1. Where required by law, regulation, or court order;
  2. To public health authorities; to FDA-regulated companies concerning regulatory information, such as the quality, safety, and effectiveness of a drug or device; and to individuals who may have been exposed to a communicable disease when such notification is authorized by law.
  3. To appropriate government authorities regarding victims of abuse, neglect, or domestic violence;
  4. To health oversight agencies for audits and investigations necessary for oversight of the health care system and government benefit programs;
  5. In a judicial or administrative proceeding in response to court/tribunal order, a subpoena, or other lawful process;
  6. To law enforcement personnel for identifying or locating a fugitive, suspect, material witness, or missing person; in response to a request for information about a victim or suspected victim of a crime; to alert law enforcement of a person’s death if criminal activity is believed to have caused it; when the protected health information is believed to be evidence of a crime occurring on our premises; or in a medical emergency when necessary to inform law enforcement about a crime;
  7. To coroners and medical examiners as needed to determine cause of death or to identify a deceased person, and to funeral directors to enable them to carry out their responsibilities with respect to a deceased person;
  8. To facilitate the donation and transplantation of cadaveric organs, eyes, and tissue;
  9. Under limited circumstances and subject to compliance with specific regulatory conditions, for research purposes;
  10. Where we believe in good faith that use or disclosure is necessary to prevent or lessen a serious and imminent threat to a person or the public;
  11. For certain governmental functions, including military, veterans, intelligence, and national security functions; protective services for the President and other officials designated under federal law; medical suitability determinations for State Department employees; and prisonrelated functions; and
  12. As authorized by and to comply with state workers’ compensation laws.

For any purpose not identified above or as otherwise permitted or required by law, we will obtain your written authorization before using or disclosing your PHI. You are entitled to revoke any such authorization in writing, and upon receipt of such a written revocation, we will discontinue use or disclosure of your PHI, except to the extent that we have already taken action in reliance upon your previous authorization.