How safe is your prescription
information online?

Your prescriptions are part of your protected
health information. Understand how it is
used, shared and protected.

May 25, 2022 | 3 minute read

The prescription medicines you take are part of your private health information. Knowing who has access to your information, understanding how that information will be used and taking steps to keep it secure can put you at ease that your privacy is maintained.

Typically, when you need a new prescription, your pharmacist receives your request from either your health care provider, your previous pharmacy, or from the documentation you have provided.

To ensure you receive the best possible health care, your pharmacist may require more information to complete your prescription. He or she may need to inquire about other medicines or supplements you are taking, to make sure everything you take works well together. They may also need to know if you have any other health conditions that are relevant for the prescription being filled.

If you are using a reputable pharmacy, the pharmacist enters the information contained within your prescription and other pertinent health information into a secure database that is required by federal law under the Health and Information Portability Act (HIPAA). This law protects you from having any of your health information shared without your knowledge or consent.

The HIPAA Privacy Rule regulations apply to every healthcare provider, including pharmacists, who have access to your protected health information (PHI). Other staff, such as customer service and billing may also have access to your prescription information and must follow this privacy law, too.

Throughout the prescription process, a reputable pharmacy team keeps your PHI secure through a specially designed pharmacy database. The database has protocols such as encryption, which is the process of converting your data into a code to prevent unauthorized access, as well as other security measures.

When selecting a pharmacy that you can trust with your PHI, look for security standards such as these to ensure your information is safe:

  • They follow HIPAA practices. If you are using an online pharmacy, look for the HIPPA Compliant seal on their website, showing they are HIPPA verified.

  • They adhere to the HIPAA Privacy Rule standards that address the use of individuals’ protected health information.

    • The Privacy Rule gives you, with few exceptions, the right to inspect, review, and receive a copy of all your personal health records, including both medical-related and billing.

    • The Rule also gives individuals rights to examine and obtain a copy of their health records, to request transmission to a third party, an electronic copy of their protected health information, and to request corrections.

  • They are certified by LegitScript. LegitScript certification means that the drug dispensing business adheres to all privacy laws and regulations in the area they serve. They must prove that the transmission of any information that would be considered Protected Health Information (PHI) under the HIPAA Privacy Rule occurs following HIPAA requirements.

  • They are willing and able to provide you with a copy of their privacy policy and details on how they may use your information. If a pharmacy is unwilling to do this, consider it a red flag that it might not be a secure place for your health information.

Your health information is yours. You have a right and a personal responsibility to understand who has access to it, what they are using it for and how it is kept secure.

Learn more about the DiRx privacy policy and all we do to ensure your personal health information is kept safe.

This content has been approved by Rima Arora, PharmD, RPh, DiRx Director of Pharmacy