HIPAA Privacy Policy
Effective Date: June 3, 2024
Last Updated: August 19, 2024
​
​
​
1. Introduction
This HIPAA Privacy Policy ("Policy") explains how Oval Pharmacy ("we," "us," or "our") at OvalRX.com collects, uses, stores, and discloses your protected health information ("PHI") in compliance with the Health Insurance Portability and Accountability Act of 1996 ("HIPAA"). This Policy applies to all users of our services, including patients who use our website, OvalRX.com (the "Website").
2. Our Commitment to Your Privacy
Oval Pharmacy is committed to protecting the privacy and security of your PHI. We take our responsibilities under HIPAA seriously and have implemented policies and procedures designed to ensure that your PHI is handled in compliance with all applicable laws and regulations.
3. Collection of Protected Health Information (PHI)
3.1 Types of Information Collected
We may collect the following types of PHI from you:
-
Personal identification information (e.g., name, address, date of birth, Social Security number)
-
Medical history, medication history, and other health-related information
-
Insurance information, including policy numbers and coverage details
-
Billing and payment information
3.2 Methods of Collection
We collect PHI through:
-
Direct interactions with you when you provide information through our Website, over the phone, or in person
-
Your healthcare providers, who may share relevant PHI with us
-
Insurance companies and other third parties involved in your care
4. Use of Protected Health Information (PHI)
We may use your PHI for the following purposes:
-
Treatment: To dispense medications and coordinate your care with your healthcare providers.
-
Payment: To process billing and payment for the services we provide.
-
Healthcare Operations: To improve our services, conduct quality assessments, and manage business operations.
-
Legal Requirements: To comply with legal obligations, including responding to subpoenas, court orders, or regulatory requests.
5. Sharing of Protected Health Information (PHI)
We may share your PHI under the following circumstances:
-
With Your Consent: We will share your PHI with third parties only with your explicit consent or as authorized by law.
-
With Healthcare Providers: We may share your PHI with your doctors, nurses, or other healthcare professionals involved in your care.
-
With Insurance Companies: We may share your PHI with insurance providers to verify coverage, process claims, or obtain payment.
-
As Required by Law: We may disclose your PHI when required to do so by federal, state, or local laws, including for public health reporting, law enforcement purposes, or regulatory compliance.
6. Storage and Security of Protected Health Information (PHI)
6.1 Storage
Your PHI is stored in secure, encrypted databases that comply with HIPAA standards. We retain your PHI only for as long as necessary to fulfill the purposes outlined in this Policy or as required by law.
6.2 Security Measures
We have implemented a comprehensive set of physical, administrative, and technical safeguards to protect your PHI from unauthorized access, use, or disclosure. These measures include:
-
Encryption: All electronic PHI (ePHI) is encrypted both in transit and at rest.
-
Access Controls: Access to PHI is limited to authorized personnel who need it to perform their job functions.
-
Auditing: Regular audits are conducted to monitor access to and use of PHI.
-
Training: All employees receive regular training on HIPAA compliance and data protection practices.
7. Your Rights Regarding Your Protected Health Information (PHI)
You have the following rights concerning your PHI:
-
Right to Access: You have the right to access and obtain a copy of your PHI. You may request this information in writing by contacting us at the address provided below.
-
Right to Amend: If you believe that your PHI is incorrect or incomplete, you have the right to request an amendment. We may deny your request in certain situations, but we will provide a written explanation.
-
Right to an Accounting of Disclosures: You have the right to request a list of certain disclosures of your PHI made by us in the past six years.
-
Right to Request Restrictions: You have the right to request restrictions on the use or disclosure of your PHI. While we are not required to agree to your request, we will accommodate it if possible.
-
Right to Request Confidential Communications: You have the right to request that we communicate with you about your PHI in a specific manner or location (e.g., only at your home address or via a specific phone number).
-
Right to File a Complaint: If you believe that your privacy rights have been violated, you may file a complaint with us or with the U.S. Department of Health and Human Services. We will not retaliate against you for filing a complaint.
8. Changes to This Policy
We may update this Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any significant changes by posting the updated Policy on our Website and indicating the effective date at the top of the Policy.
9. Contact Us
If you have any questions, concerns, or requests regarding this HIPAA Privacy Policy, please contact us at:
Oval Pharmacy
Oval Pharmacy
11 Edward M Morgan Pl
New York, NY 10032
Email: contact@ovalrx.com
​
​
Thank you for trusting Oval Pharmacy with your healthcare needs. We are committed to maintaining the privacy and security of your health information in compliance with HIPAA and other applicable laws.