(NaturalNews) The CVS/pharmacy corporation recently launched a new
pharmaceutical marketing scheme that pushes customers to fill more drug
prescriptions at its stores by enticing them with cash prizes and other
rewards, an initiative that is now part of the company's "ExtraCare
Rewards Program." But a recent investigation by the Los Angeles Times (LA Times)
reveals that, in order to enroll in the new program, customers must
first surrender their medical privacy rights protected under HIPAA by
signing them away.
Known formally as the Health Insurance
Portability and Accountability Act, HIPAA was originally enacted by
Congress to guard individuals' private health information from being
sold, shared, or otherwise exploited by the medical industry or third
parties. HIPAA's Privacy Rule specifically governs how private health
information can be accessed and used legally, restricting it in such a
way as to allow health providers access only to what they actually need
in order to provide reasonable care, while protecting the rest.
You can read a summary of how HIPAA's Privacy Rules affect you here:
http://www.hhs.gov
But
CVS has apparently devised a way to bypass these protections by
tricking its customers into signing away their HIPAA protections in
exchange for store credits. According to the CVS ExtraCare Rewards
signup page, all customers must "sign a HIPAA Authorization to join," a
process that CVS fails
to explain involves customers completely giving up their right to
medical privacy. CVS discreetly admits this later on in the last step of
the process, where customers are required to acknowledge that their
"health information may potentially be re-disclosed."
"CVS takes
the liberty of assuming you know that HIPAA and the 'federal Privacy
Rule' are one and the same, although it has nowhere made the connection
clear," writes David Lazarus for the LA Times about the final
step in the signup process, which explains to customers that they are no
longer protected by the federal Privacy Rule. "The company also assumes
you are aware of what it means to no longer be protected by HIPAA,
although, again, it hasn't spelled out the implications of giving up
your HIPAA rights."
No comments:
Post a Comment