Patient Privacy
Protection of patient privacy is not, and never will be, a matter for debate within CHR. The trust placed in us by patients and pharmacists is our greatest asset, and not something we will ever place in jeopardy. Catalina Health Resource (CHR) programs are compliant with the federal Privacy Rule, which implements the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). (The Privacy Rule is the primary federal law that protects patient privacy.)
We do understand, however, that the powerful data management capabilities which CHR has built can make a person wonder about what information we "see" as we help their pharmacist fill their prescriptions. We hope this page answers those questions.
CHR does not see or take possession of any information that would allow us to personally identify a patient. CHR carries out its programs without having access to that information by using a filtering and encryption process that resides on the pharmacy’s "side" of the information transaction. Before any information is transmitted to CHR, the process removes all information that might be used to identify a particular person, and replaces it with a number that is unique to that particular file of information. It is that number, rather than the identity of the individual, that is used to create messages and select patients that match those messages. The individual’s name, address, social security number -- even the patient’s home zip code -- all stay on the pharmacy side of this filtering process and cannot pass through to the CHR side of the transaction. Once identifying information is completely filtered out from a record, the information remaining in the file is used to create a communication that patients will find useful, relevant, and helpful.
To further protect the patient’s privacy, CHR does not possess the ability to "reverse" this process. Once the pharmacy has removed the personally identifiable information and assigned the unique number to the information file, that information cannot be restored by anyone in CHR. CHR’s processes have been reviewed by an independent HIPAA-compliance auditor, which has certified that CHR does not receive individually identifiable information (or information that can be used to identify an individual) from any of its partner pharmacies.
Finally, CHR does not keep any information that would allow the company or any message sponsor to identify a patient after the transaction, nor does CHR sell names or maintain a database of patient-identifiable information. In fact, we could not contact a patient outside of the pharmacy, even if we wanted to, since the necessary personal information is not available to us. CHR is proud to have developed a system that allows us to provide important and relevant health information to consumers in a way that does not violate the patient’s right to privacy.