Article Image
News Link • Business/ Commerce

CVS pharmacies 'bribing' customers to abandon medical privacy protections

 But a recent investigation by the Los Angeles Times (LA Times) reveals that, in order to enroll in the new program, customers must first surrender their medical privacy rights protected under HIPAA by signing them away.

Known formally as the Health Insurance Portability and Accountability Act, HIPAA was originally enacted by Congress to guard individuals' private health information from being sold, shared, or otherwise exploited by the medical industry or third parties. HIPAA's Privacy Rule specifically governs how private health information can be accessed and used legally, restricting it in such a way as to allow health providers access only to what they actually need in order to provide reasonable care, while protecting the rest.

You can read a summary of how HIPAA's Privacy Rules affect you here:

But CVS has apparently devised a way to bypass these protections by tricking its customers into signing away their HIPAA protections in exchange for store credits. According to the CVS ExtraCare Rewards signup page, all customers must "sign a HIPAA Authorization to join," a process that CVS fails to explain involves customers completely giving up their right to medical privacy.

Join us on our Social Networks:


Share this page with your friends on your favorite social network: