EasyRx: Gain New Customers & Boost Revenue Effortlessly

Introduction

At EasyRx, we are committed to protecting your privacy and safeguarding your personal information, including Protected Health Information (PHI) as defined under the Health Insurance Portability and Accountability Act (HIPAA). This Privacy Policy explains how we collect, use, disclose, and protect your information when you use our website, mobile application, or other services (collectively, the "Services"). By using our Services, you consent to the practices described in this policy.

Information We Collect

We collect information you provide directly, information collected automatically, and information from third parties to provide and improve our Services. Some of this information may qualify as PHI under HIPAA.

1. Information You Provide

Personal Information:When you create an account, place an order, or interact with our Services, we may collect:

Name, email address, phone number, mailing address, and date of birth.
Payment information (e.g., credit card details, billing address).
Health-related information, which may include PHI, such as prescriptions, medical history, diagnoses, or insurance details when you use our pharmacy or healthcare services.
Communications with us (e.g., customer support inquiries, which may contain PHI).

Account Information:Login credentials and preferences you set in your account.

2. Information Collected Automatically

Usage Data:We collect data about your interactions with our Services, including:

IP address, browser type, device information, and operating system.
Pages visited, time spent on our Services, and referring URLs.
Cookies and similar tracking technologies (see Section 7 for details).

Location Data:We may collect approximate location data based on your IP address or device settings, if permitted. This data is not considered PHI unless linked to your health information.

3. Information from Third Parties

We may receive information, including PHI, from healthcare providers (e.g., prescribers, pharmacies), insurance companies, or other partners to facilitate your use of our Services.
We may also receive non-PHI data from analytics providers or advertising partners.

How We Use Your Information

We use your information, including PHI, to:

Process and fulfill your orders, including prescription dispensing and shipping.
Provide healthcare-related services, such as coordinating with prescribers or pharmacies.
Communicate with you, including sending order confirmations, updates, appointment reminders, or promotional offers (you may opt out of marketing communications).
Improve our Services through analytics and user feedback, using de-identified or aggregated data where possible.
Personalize your experience, such as tailoring content or recommendations.
Comply with legal obligations, including HIPAA and other federal or state regulations.
Protect the security and integrity of our Services.

For PHI specifically, we use it only as permitted by HIPAA, such as for treatment, payment, or healthcare operations (TPO), or with your authorization when required. We may use de-identified data (data that cannot be linked to you) for research, analytics, or business purposes.

How We Share Your Information

We do not sell your personal information or PHI for monetary gain. We share your information, including PHI, only as permitted by law, including HIPAA:

Service Providers and Business Associates:We share information with trusted third-party vendors (e.g., payment processors, shipping companies, or cloud hosting providers) to perform business functions. For PHI, we share only with entities that have signed a Business Associate Agreement (BAA) as required by HIPAA.Healthcare Partners:We share PHI with pharmacies, prescribers, or other healthcare entities to fulfill your prescriptions or provide Services, consistent with HIPAA’s TPO provisions.Legal Requirements:We may disclose information, including PHI, to comply with laws, regulations, or legal processes (e.g., subpoenas, court orders, or public health reporting), as permitted by HIPAA and other applicable laws.Business Transfers:In connection with a merger, acquisition, or sale of assets, your information, including PHI, may be transferred to the new entity, subject to HIPAA compliance.Advertising and Analytics:We may share non-PHI data with third-party partners for analytics or targeted advertising, subject to your consent where required. PHI is never shared for marketing purposes without your explicit authorization.

HIPAA Privacy Practices

As a HIPAA-covered entity, we are committed to protecting your PHI in accordance with federal regulations:

Notice of Privacy Practices (NPP):This Privacy Policy serves as our NPP under HIPAA. It describes how we may use and disclose your PHI and your rights regarding your PHI.Permitted Uses and Disclosures:We may use or disclose PHI for treatment (e.g., sharing with your doctor), payment (e.g., billing your insurance), or healthcare operations (e.g., quality improvement). Other uses or disclosures require your written authorization, except as permitted by law (e.g., public health reporting).Authorizations:For certain disclosures, such as marketing or sharing PHI with non-healthcare entities beyond TPO, we will obtain your authorization through a digital signature, such as by checking a checkbox in our Services, to confirm your consent. You may revoke this authorization at any time in your EasyRx account or by contacting us, though revocation will not affect prior disclosures.Minimum Necessary Standard:When using or disclosing PHI, we strive to limit the information to the minimum necessary to accomplish the intended purpose.Breach Notification:In the event of a breach of unsecured PHI, we will notify affected individuals, the Department of Health and Human Services (HHS), and, if required, the media, as mandated by HIPAA.For a detailed copy of our HIPAA policies or to file a complaint, contact our HIPAA Privacy Officer at compliance@easyrx.com.

Your Choices and Rights

You have certain rights regarding your personal information, including PHI, subject to applicable laws:

Access and Correction:You may access or update your account information through your account settings or by contacting us. Under HIPAA, you have the right to inspect and obtain a copy of your PHI, subject to certain limitations.Amendment:You may request amendments to your PHI if you believe it is inaccurate or incomplete.Accounting of Disclosures:You may request an accounting of certain disclosures of your PHI made by us in the past six years.Restriction Requests:You may request restrictions on how we use or disclose your PHI for TPO, though we are not always required to agree.Confidential Communications:You may request that we communicate PHI in a specific way (e.g., by email instead of phone).Deletion:You may request deletion of your personal information, though we may retain certain data, including PHI, as required by law (e.g., for regulatory compliance). HIPAA does not generally require deletion of PHI.Opt-Out:You may opt out of marketing communications by following unsubscribe instructions in emails or contacting us.California Residents:Under the California Consumer Privacy Act (CCPA), you may have additional rights, such as requesting information about data collection or opting out of certain non-PHI data sharing. Note that PHI governed by HIPAA is exempt from CCPA.To exercise your rights, contact our HIPAA Privacy Officer at compliance@easyrx.com. We may require verification of your identity before processing requests.

Data Security

We implement robust technical, administrative, and physical safeguards to protect your personal information, including PHI, as required by HIPAA and other applicable laws. These measures include encryption of data in transit and at rest, access controls to limit data access to authorized personnel, regular security assessments, and employee training on data protection. Despite these efforts, no system or method of data transmission or storage is completely secure, and we cannot guarantee absolute security against all potential threats, such as unauthorized access, cyberattacks, or data breaches. In the event of a security incident, we will take prompt action to mitigate risks and comply with notification requirements, including those under HIPAA.

Cookies and Tracking Technologies

We use cookies, web beacons, and similar technologies to enhance your experience, analyze usage, and deliver targeted advertisements. Cookies may store information like session data or preferences but do not collect PHI unless linked to your account.You can manage cookie preferences through your browser settings. Disabling cookies may limit some features of our Services.

Children’s Privacy

Our Services are not intended for individuals under 18 years of age. We do not knowingly collect personal information or PHI from minors. If you believe we have collected data from a minor, please contact us at compliance@easyrx.com.

Third-Party Links

Our Services may contain links to third-party websites or services, which have their own privacy policies. We are not responsible for the practices of these third parties.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements, including HIPAA. We will notify you of significant changes by posting the updated policy on our website or by contacting you directly. Your continued use of our Services after changes constitutes acceptance of the updated policy.

Contact Us

If you have questions, concerns, or complaints about this Privacy Policy, our data practices, or our HIPAA compliance, please contact us at compliance@easyrx.com orRanch Health Jersey City LLC (EasyRx)
420 Grand Street, Inside 99 Ranch, Jersey City, NJ 07302You may also request that we help you access, modify or delete your data, or ask that we not sell or share your data, by contacting us using the information provided above.

For Pharmacies Privacy Policy

Join our Waitlist