Shopping cart

Home
Checkout
Shop
0Wishlist
0

Categories

All Categories

Upload Prescription

  1. Home /
  2. Page

Privacy Policy

Your Health Data. Your Privacy. Our Sacred Trust.

Effective Date: March 24, 2026
Last Updated: March 24, 2026

A Letter to Our Patients

At Opioids Pharm, we understand something profound: the medications you entrust us to deliver are among the most personal and sensitive aspects of your life. When you share your health information with us your name, your address, your prescription history, your diagnosis you are placing a deep trust in our hands. That trust is the foundation of our business.

We also understand the unique anxieties of the modern world. Data breaches. Identity theft. The fear that a medical condition could be exposed to an employer, a family member, or a stranger. For patients managing chronic pain, there is an additional layer of vulnerability the stigma that society unfairly attaches to opioid therapy. A breach of your privacy is not just an inconvenience; it could be a threat to your reputation, your employment, and your peace of mind.

This Privacy Policy is our binding promise to you. It is written not in dense legal jargon meant to confuse, but in clear, plain language designed to inform. We want you to know exactly what information we collect, why we collect it, how we protect it, and most importantly what we never do with it.

Our Core Privacy Commitment:

  • We will never sell your personal data.

  • We will never share your health information with marketers or advertisers.

  • We will never contact you in a way that reveals your medical status to third parties.

  • We will treat your data with the same security standards we would demand for our own families.

Please read this policy carefully. By using the Opioids Pharm website, mobile application, or services, you acknowledge that you have read and understand this policy. If you have any questions, our Privacy Officer is available directly contact details are at the end of this document.

Section 1: Information We Collect

To provide you with safe, legal, and effective pharmacy services, we must collect certain information. We categorize this information into three types: Personal Information, Protected Health Information (PHI), and Usage Data. We collect only what is necessary to serve you.

A. Personal Identification Information

This is the information that identifies you as an individual. We collect this when you create an account, place an order, or contact customer support.

  • Identity Data: Full legal name, government-issued identification (when required for age verification for controlled substances).

  • Contact Data: Shipping address, billing address, email address, and telephone number.

B. Protected Health Information (PHI)

As a pharmacy, we are a “covered entity” under the Health Insurance Portability and Accountability Act (HIPAA). This means we are legally bound to protect your health information with the highest standards.

The PHI we collect includes:

  • Prescription Information: Medication names, dosages, quantities, refill instructions, prescribing physician details, and prescription numbers.

  • Medical History Information: Information you voluntarily provide to help our pharmacists screen for drug interactions, such as allergies, current diagnoses, other medications you are taking, and relevant medical conditions.

  • Insurance Information: Insurance policy details, if you choose to submit claims for out-of-network reimbursement (though we operate primarily as a cash-pay service).

  • Verification Data: Copies of prescriptions (uploaded images), doctor verification notes, and communication with your prescribing physician.

C. Usage Data and Technical Information

When you visit our website or use our mobile app, we automatically collect certain technical data to improve your experience and secure our platform.

  • Device Information: IP address, browser type, operating system, device identifiers.

  • Usage Patterns: Pages visited, time spent on pages, clicks, search queries, and referral URLs.

  • Location Data: Approximate geographic location derived from your IP address (used to verify compliance with state shipping regulations).

  • Cookies and Tracking Technologies: Small data files stored on your device that help us remember your preferences, keep you logged in, and analyze site traffic. You can control cookie settings through your browser.

Section 2: How We Use Your Information

We use your information for one purpose and one purpose only: to deliver your medication safely, legally, and efficiently. Every use of your data flows from this core mission.

A. Pharmacy Services Fulfillment

  • To verify your identity and age before dispensing controlled substances.

  • To process and fill your prescriptions accurately.

  • To verify prescriptions with your prescribing physician.

  • To coordinate with shipping carriers to ensure timely delivery.

  • To process payments and issue refunds when necessary.

B. Safety and Compliance

  • To screen for potential drug interactions using our pharmacist review system.

  • To comply with state and federal Prescription Drug Monitoring Program (PDMP) reporting requirements.

  • To detect and prevent fraud, identity theft, or illegal activities (such as “doctor shopping”).

  • To maintain legally required records of controlled substance distributions (as mandated by the DEA).

C. Communication and Customer Support

  • To respond to your inquiries via phone, email, or live chat.

  • To send order confirmations, shipping notifications, and refill reminders (you may opt out of non-essential communications).

  • To notify you of important safety information, recalls, or changes to your medication.

  • To provide customer service related to delivery issues or billing questions.

D. Operational Improvement

  • To analyze website usage patterns and improve user experience.

  • To troubleshoot technical issues and enhance platform security.

  • To develop new features that serve patient needs.

What We DO NOT Use Your Information For:

  • Marketing to non-patients: We do not sell or rent your information to third-party marketers.

  • Cross-selling: We will never use your prescription history to market unrelated products (such as weight loss supplements or vitamins) without your explicit consent.

  • Profiling for discrimination: We do not use your health data to discriminate in pricing, service availability, or access.

Section 3: Our HIPAA Compliance Commitment

Opioids Pharm operates as a covered entity under HIPAA. This means we are legally obligated to protect your Protected Health Information (PHI) and to provide you with rights regarding that information.

A. HIPAA Privacy Rule Compliance

We maintain physical, technical, and administrative safeguards to ensure the confidentiality, integrity, and availability of your PHI. We limit access to your PHI to only those employees who need it to perform their jobs—primarily our licensed pharmacists, customer support specialists, and fulfillment staff. All employees undergo annual HIPAA training and sign confidentiality agreements.

B. Your HIPAA Rights

Under HIPAA, you have the following rights regarding your health information:

  • Right to Access: You may request a copy of your health records held by Opioids Pharm. We will provide this in a readable electronic format within 30 days of your request.

  • Right to Amend: If you believe information we hold about you is incorrect or incomplete, you may request an amendment.

  • Right to an Accounting of Disclosures: You may request a list of instances where we disclosed your PHI to third parties (excluding disclosures for treatment, payment, or healthcare operations).

  • Right to Request Restrictions: You may request that we restrict how we use or disclose your PHI. While we will consider all requests, we are not required to agree to restrictions that would impede our ability to provide safe care.

  • Right to Confidential Communications: You may request that we communicate with you about your medication through alternative means (e.g., a different phone number or email) or at alternative locations.

To exercise any of these rights, please contact our Privacy Officer using the information in Section 11.

Section 4: When We Share Your Information

We do not sell your data. However, to fulfill your prescriptions and comply with the law, we must share your information with specific, trusted third parties. Each of these partners is contractually bound to protect your data and use it only for the purposes we specify.

A. Prescribing Physicians

We share your prescription details with your prescribing physician to verify authenticity, clarify instructions, and coordinate care. This is essential for your safety and is a standard part of pharmacy operations.

B. State and Federal Regulatory Agencies

As a licensed pharmacy dispensing controlled substances, we are legally required to report certain information to:

  • Prescription Drug Monitoring Programs (PDMPs): We submit dispensing data to state PDMPs to help prevent diversion and doctor shopping. This is a legal requirement in all states where we operate.

  • Drug Enforcement Administration (DEA): We maintain records of all controlled substance transactions as required by federal law. These records are available for inspection by the DEA.

  • State Boards of Pharmacy: We provide information as required for licensing and compliance audits.

C. Shipping and Logistics Partners

We share your name, shipping address, and tracking information with our contracted carriers (such as FedEx, UPS, and USPS) to deliver your medication. We use plain packaging and a discrete return address to protect your privacy. These carriers are prohibited from using your data for any purpose other than delivery.

D. Payment Processors

We share necessary billing information with our PCI-DSS compliant payment processors (Stripe, PayPal, etc.) to process transactions. Your full payment details are encrypted and never stored on our primary servers.

E. Technology and Security Partners

We use third-party services for:

  • Cloud Hosting: Secure servers that store your encrypted data.

  • Security Monitoring: Tools that detect and prevent unauthorized access attempts.

  • Communication: Encrypted email and chat platforms to communicate with you.

Each of these partners signs a Business Associate Agreement (BAA) that legally binds them to HIPAA compliance and data protection standards.

F. Legal Obligations

We may disclose your information if required to do so by law, such as in response to a court order, subpoena, or law enforcement request. We will notify you of such requests unless prohibited by law.

What We NEVER Share:

  • Your health information with employers.

  • Your health information with family members without your explicit consent (unless required by emergency circumstances).

  • Your data with advertisers, data brokers, or marketing firms.

  • Your prescription history with insurance companies without your authorization (unless you specifically request us to submit a claim).

Section 5: Data Security, How We Protect You

We have implemented enterprise-grade security measures to protect your data from unauthorized access, alteration, disclosure, or destruction. We treat your health information with the same security standards used by major hospitals and financial institutions.

A. Encryption Standards

  • In Transit: All data transmitted between your browser and our website is encrypted using TLS 1.3 (Transport Layer Security) with 256-bit encryption. Look for the padlock icon in your browser—it means your connection is secure.

  • At Rest: Your personal information and PHI are encrypted on our servers using AES-256 encryption. Even in the unlikely event of a breach, the data would be unreadable without the encryption keys.

B. Access Controls

  • Role-Based Access: Employees have access only to the minimum necessary information required to perform their jobs. Pharmacists see full prescription details; fulfillment staff see only shipping addresses and order contents needed for packing.

  • Multi-Factor Authentication (MFA): All employees with access to patient data are required to use MFA to log into our systems.

  • Biometric Security: Access to our physical fulfillment center requires biometric verification (fingerprint scanning).

C. Network Security

  • Firewalls: Our networks are protected by advanced firewalls that monitor and block unauthorized traffic.

  • Intrusion Detection: 24/7 automated monitoring systems detect and alert us to suspicious activity, such as multiple failed login attempts or unusual data access patterns.

  • Regular Penetration Testing: We hire independent security firms to conduct regular penetration tests, attempting to breach our systems so we can identify and fix vulnerabilities before they can be exploited.

D. Physical Security

Our office and fulfillment center are located in a secure facility with:

  • 24/7 security personnel

  • Video surveillance

  • Restricted access requiring keycard and biometric verification

  • Climate-controlled storage for medication integrity

E. Incident Response Plan

In the unlikely event of a data breach, we have a formal Incident Response Plan that includes:

  • Immediate containment and investigation

  • Notification to affected patients within the timeframe required by law (typically 60 days)

  • Free credit monitoring services offered to affected individuals

  • Full cooperation with law enforcement and regulatory agencies

Section 6: Your Privacy Rights (Beyond HIPAA)

In addition to your HIPAA rights, depending on your state of residence, you may have additional privacy protections. We honor the strongest privacy protections available to our patients.

A. California Consumer Privacy Act (CCPA) Rights

If you are a California resident, you have the following rights:

  • Right to Know: You may request a disclosure of the categories and specific pieces of personal information we have collected about you.

  • Right to Delete: You may request that we delete your personal information, subject to certain exceptions (such as retaining data required for legal compliance or to complete pending transactions).

  • Right to Opt-Out: You have the right to opt out of the sale of your personal information. We do not sell your personal information, so no action is required.

  • Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.

To exercise CCPA rights, contact our Privacy Officer. We will verify your identity before responding.

B. Nevada Privacy Rights

Nevada residents have the right to opt out of the sale of their personal information. As we do not sell data, this right is automatically satisfied.

C. European Union GDPR (for EU Visitors)

While our primary patient base is in the United States, we welcome visitors from around the world. If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR), including the right to data portability and the right to withdraw consent.

Section 7: Cookies and Tracking Technologies

Our website uses cookies to enhance your experience. We believe in transparency about these technologies.

A. Types of Cookies We Use

  • Essential Cookies: Required for the website to function. These enable secure login, shopping cart functionality, and prescription uploads. You cannot opt out of these.

  • Preference Cookies: Remember your settings, such as language preference and saved login information.

  • Analytics Cookies: Help us understand how visitors use our site so we can improve functionality. We use Google Analytics with IP anonymization enabled.

B. Your Cookie Choices

You can control cookies through your browser settings. However, disabling essential cookies may prevent you from using our services. We do not use cookies to track you across other websites for advertising purposes.

Section 8: Children’s Privacy

Our services are intended for adults aged 18 and older. We do not knowingly collect personal information from children under 18. If we discover that we have inadvertently collected information from a minor, we will delete it immediately. If you are a parent or guardian and believe your child has provided us with information, please contact us.

Section 9: Retention of Your Information

We retain your information for as long as necessary to fulfill the purposes outlined in this policy, comply with legal obligations, resolve disputes, and enforce our agreements.

Specific Retention Periods:

  • Prescription Records: Federal law requires that records for controlled substances be maintained for a minimum of 2 years. We retain records for 7 years to align with standard medical record retention practices and to support patient continuity of care.

  • Account Information: If you close your account, we will retain your information for the legally required periods, after which it will be securely deleted or anonymized.

  • Financial Records: Billing records are retained for 7 years for tax and audit purposes.

Section 10: Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or regulatory guidance.

  • Minor Changes: For minor updates (such as clarification of existing terms), we will post the revised policy on our website with an updated “Last Updated” date.

  • Material Changes: For significant changes (such as new data uses or sharing practices), we will notify you directly via email and provide a prominent notice on our website. We will obtain your consent if required by law.

We encourage you to review this policy periodically. Your continued use of our services after changes take effect constitutes your acceptance of the revised policy.

Section 11: Contact Our Privacy Officer

If you have questions about this Privacy Policy, wish to exercise your privacy rights, or suspect a privacy violation, please contact our dedicated Privacy Officer:

Email: info@opioidspharm.com
(This email is monitored by the Privacy Officer and is not for customer service inquiries)

Phone: +1(319) 299-8584
(For privacy-related concerns only. For order support, please use our main support line.)

Secure Portal: Log into your account and select “Privacy Request” from the menu.

Response Time: We will respond to all privacy inquiries within 5 business days. Complex requests may take up to 30 days, and we will notify you if an extension is needed.

Section 12: Complaint Process

If you believe your privacy rights have been violated, we want to know immediately. We take all privacy complaints seriously and will investigate thoroughly.

Internal Complaint Process:

  1. Contact our Privacy Officer with details of your concern.

  2. We will acknowledge receipt within 3 business days.

  3. We will conduct a full investigation and provide a written response within 30 days.

  4. If we find that a violation occurred, we will take corrective action and notify you of the steps taken.

External Complaint Options:
If you are unsatisfied with our response, you have the right to file a complaint with:

  • Office for Civil Rights (OCR), U.S. Department of Health and Human Services:

  • Your State Board of Pharmacy: Contact information varies by state; we can provide your state’s contact details upon request.

Final Promise

We close this Privacy Policy with a simple promise: Opioids Pharm exists to serve you. Your trust is not something we take for granted—it is something we earn every day, with every package we ship, every call we answer, and every piece of data we protect.

We do not view your health information as a commodity. We view it as a sacred trust.

You are not a data point. You are a patient. You are a person fighting for relief, for dignity, and for life restored. We are honored to walk alongside you on that journey, and we pledge to guard your privacy with the same vigilance we would demand for ourselves.

Thank you for choosing Opioids Pharm.

Opioids Pharm: Precision in Medicine. Compassion in Care. Privacy as Promise.

*This Privacy Policy is effective as of March 24, 2026. A printable PDF version is available upon request. For patients with visual impairments, we offer this policy in large-print format—please contact our Privacy Officer.*

Top
Top