HIPAA Compliance & Patient Privacy Protection
HIPAA Compliance & Patient Privacy Protection
Your trust is our priority. As a healthcare delivery service, we maintain the highest standards of patient privacy and data security.
OUR COMMITMENT TO HIPAA COMPLIANCE
PharmDL LLC is a HIPAA-compliant Business Associate dedicated to protecting your Protected Health Information (PHI). We adhere to all federal regulations under the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health (HITECH) Act.
What This Means for You:
• Your prescription and medical information is encrypted and secured at every step
• Our drivers undergo rigorous HIPAA certification training before handling any deliveries
• We maintain strict chain-of-custody protocols for all medical items
• We never share your information with unauthorized third parties
| Safeguard Category | Our Implementation |
| Administrative | Annual HIPAA training for all drivers; signed Business Associate Agreements with every pharmacy partner; dedicated Privacy Officer; incident response protocols |
| Physical | Lockable, temperature-controlled vehicle compartments; tamper-evident packaging; secure pickup/delivery verification with photo documentation |
| Technical | Encrypted mobile devices and tracking systems; secure cloud storage with access controls; automatic session timeouts; no PHI stored on personal devices |
WHAT COUNTS AS PROTECTED HEALTH INFORMATION (PHI)
We treat the following as sensitive PHI requiring maximum protection:
• Patient names, addresses, and dates of birth
• Prescription details and medication information
• Medical record numbers and insurance information
• Delivery addresses linked to medical items
• Any photos or documentation from delivery sites
Important: Even your delivery address becomes PHI when linked to prescription medications.
YOUR RIGHTS UNDER HIPAA
As a patient using our services, you have the right to:
1. Access your delivery and privacy records
2. Request restrictions on how we use your information
3. Receive confidential communications (alternative delivery addresses, specific time windows)
4. File a complaint if you believe your privacy rights have been violated
5. Receive notification in the unlikely event of a data breach
To exercise these rights, contact our Privacy Officer at privacy@pharmdl.com or (800)291-0103 Ext 3
HOW WE USE YOUR INFORMATION
We ONLY use your PHI for:
• Delivering your prescriptions and groceries to your specified address
• Contacting you regarding delivery coordination (time windows, access issues)
• Proof of delivery documentation (signature, photo, timestamp)
• Emergency contact with your pharmacy regarding delivery issues
We NEVER:
• Sell your information to third parties
• Use your information for marketing without explicit consent
• Share details with grocery recipients if separate from prescription recipient
• Store your information longer than required by law (6 years maximum)
BREACH NOTIFICATION PROTOCOL
In the unlikely event of a privacy breach, we commit to:
1. Immediate containment of the breach within 1 hour of discovery
2. Notification to affected pharmacies within 24 hours
3. Patient notification within 60 days as required by federal law
4. Full cooperation with investigations and corrective actions
5. Credit monitoring services if financial information is involved
DRIVER CERTIFICATION & TRAINING
All PhrmDL LLC drivers must complete:
• ✅ 2-hour HIPAA certification course covering PHI handling, minimum necessary rule, and breach recognition
• ✅ Bloodborne Pathogen training (OSHA compliant) for handling medical items
• ✅ Background check and confidentiality agreement
• ✅ Annual refresher training with competency verification
• ✅ Role-specific scenarios: lost packages, wrong addresses, public conversation protocols
BUSINESS ASSOCIATE AGREEMENTS (BAAs)
We maintain signed BAAs with every healthcare partner, ensuring:
• Clear definitions of permitted PHI uses
• Specific safeguards for delivery services
• 24-hour breach notification requirements
• Full indemnification for HIPAA violations caused by our service
• Secure data return/destruction upon contract termination
COMPLIANCE VERIFICATION
Our Credentials:
• Certificate of HIPAA Compliance (renewed annually)
• Commercial insurance: $2M professional liability, $1M cyber liability
• California business license and commercial vehicle registration
• Regular third-party compliance audits
Questions about our compliance?
Contact our Compliance Officer: Compliance@pharmdl.com | (800)-291-0103 Ext.3
LAST UPDATED
2026 | Version 1.0