Last Updated: 20-Jan-2025
Our TLDR:
At Grandparents Pharmacist, we're committed to protecting your Protected Health Information (PHI). We follow strict HIPAA guidelines, train our staff, and have strong security measures in place. We only use and disclose your PHI when necessary and permitted by law. Your privacy and the security of your health information are our top priorities.
Purpose
The purpose of this policy is to ensure that Grandparents Pharmacist complies with the Health Insurance Portability and Accountability Act of 1996 (HIPAA), the Health Information Technology for Economic and Clinical Health Act (HITECH), and all applicable state and federal privacy and security laws and regulations. We are committed to protecting the privacy and security of our clients' Protected Health Information (PHI).
Policy Statement
Grandparents Pharmacist is dedicated to maintaining the confidentiality, integrity, and availability of all PHI that we create, receive, maintain, or transmit. We will implement and maintain appropriate administrative, technical, and physical safeguards to prevent any unauthorized use or disclosure of PHI.
Scope
This policy applies to all workforce members of Grandparents Pharmacist, including employees, contractors, volunteers, and any other individuals who have access to PHI in the course of their work with or for our organization.
Definitions
- Protected Health Information (PHI): Individually identifiable health information that is transmitted by electronic media, maintained in electronic media, or transmitted or maintained in any other form or medium. This includes, but is not limited to:
  - Demographic information (name, address, date of birth, etc.)
  - Medical history
  - Medication lists
  - Diagnoses
  - Treatment plans
  - Insurance information
  - Any other information that can be used to identify an individual and relates to their past, present, or future physical or mental health or condition.
- Minimum Necessary: The principle that PHI should only be used or disclosed to the minimum extent necessary to accomplish the intended purpose.
- Workforce: Employees, volunteers, trainees, and other persons whose conduct, in the performance of work for a covered entity or business associate, is under the direct control of such covered entity or business associate, whether or not they are paid by the covered entity or business associate.
Procedures
- Uses and Disclosures of PHI:
  - Grandparents Pharmacist will only use or disclose PHI as permitted or required by HIPAA and applicable state and federal laws.
  - We will obtain written authorization from the individual or their personal representative before using or disclosing PHI for any purpose not otherwise permitted or required by law.
  - We will adhere to the "minimum necessary" standard when using or disclosing PHI.
  - We will use or disclose PHI for treatment, payment, or healthcare operations as outlined in our Notice of Privacy Practices.
- Safeguards:
  - Administrative Safeguards:
    - We have designated a Privacy Officer, [Insert Name and Contact Information], who is responsible for developing and implementing our HIPAA policies and procedures.
    - We will provide HIPAA training to all workforce members upon hire and at least annually thereafter.
    - We will implement appropriate sanctions against workforce members who violate this policy.
    - We will conduct regular risk assessments to identify and mitigate potential threats to the security of PHI.
    - We will maintain documentation of our HIPAA compliance efforts, including policies, procedures, training records, and risk assessments.
  - Technical Safeguards:
    - We will use encrypted computers and secure networks to store, process, and transmit electronic PHI (ePHI).
    - We will implement access controls to ensure that only authorized workforce members have access to ePHI.
    - We will utilize audit controls to monitor access to and use of ePHI.
    - We will implement procedures for secure data backup and disaster recovery.
  - Physical Safeguards:
    - We will restrict physical access to areas where PHI is stored or processed.
    - We will implement procedures for the secure disposal of PHI, including shredding paper documents and securely erasing electronic media.
    - We will maintain a clean desk policy to minimize the risk of unauthorized access to PHI.
- Individual Rights:
  - Grandparents Pharmacist will respect the rights of individuals with respect to their PHI, including the right to:
    - Request access to their PHI.
    - Request amendment of their PHI.
    - Request an accounting of disclosures of their PHI.
    - Request restrictions on certain uses and disclosures of their PHI.
    - Receive confidential communications of their PHI.
    - File a complaint if they believe their privacy rights have been violated.
- Breach Notification:
  - In the event of a breach of unsecured PHI, Grandparents Pharmacist will comply with the HIPAA Breach Notification Rule and any applicable state breach notification laws.
  - We will notify affected individuals, the Secretary of Health and Human Services (HHS), and, in certain cases, the media, without unreasonable delay and in accordance with the requirements of the law.
- Business Associates:
  - We will enter into Business Associate Agreements (BAAs) with any third-party vendors or contractors who may have access to PHI in the course of providing services to Grandparents Pharmacist.
  - We will require our Business Associates to implement appropriate safeguards to protect the privacy and security of PHI.
- Policy Review and Updates:
  - This HIPAA Compliance Policy will be reviewed and updated at least annually or more frequently as needed to reflect changes in the law, our business practices, or other relevant circumstances.
Responsibilities
- Privacy Officer: Responsible for overseeing HIPAA compliance, developing and implementing policies and procedures, providing training, and investigating potential breaches.
- Workforce Members: Responsible for complying with this policy, completing required training, and reporting any potential privacy or security incidents to the Privacy Officer.
Enforcement
Violations of this policy may result in disciplinary action, up to and including termination of employment or contract, as well as potential civil and criminal penalties under HIPAA and other applicable laws.
Contact Information
If you have any questions about this policy or our HIPAA compliance program, please contact our Privacy Officer:
David Lee
Privacy Officer
Grandparents Pharmacist
503-893-2095
info@grandparentspharmacist.com
PO Box 80296
Portland OR 97280