Your Prescriptions Are Not a Secret
Think only your doctor and pharmacist know what medications you take? Here's the truth.
When you fill a prescription, you probably assume that the fact that you’re taking a medication is between you, the pharmacist, and your doctor. But a surprising number of people have access to your prescription history, which can include sensitive information like credit card numbers and your Social Security number.
Three Ways Your Information Gets Out
Pharmacies and doctors are legally bound to safeguard your prescription records and not give them to, say, an employer. (Learn more about the laws that protect your privacy.) But your records can still be shared and used in ways you might not expect, by:
- Pharmacy chains and their business partners. Pharmacies and the drug and device makers they do business with are legally allowed to remind you about refills and recently lapsed prescriptions, and provide “advice” about adhering to treatments. So if you take insulin, for example, you might get mail or email ads about a new insulin pump or supplies for testing blood sugar.
- Insurance companies. When you apply for life, disability, or long-term-care insurance, the carriers are permitted to hire information-service firms to analyze your medication records and score your health risk.
- Data miners. Pharmacies and companies that administer insurance-company drug benefits sell prescription records to so-called data miners that remove information that can identify you and “mine” or analyze the rest.
That information can be used for the public good, for example, as a basis for medical research. But this “de-identified” data can also be bought by drug makers, who use it to track prescribing patterns. That gives them an edge in persuading doctors to prescribe their products, sometimes in place of cheaper or more appropriate alternatives. And some companies have already found a way to match your de-identified data to websites you go to so they can then target you with ads.
Medication records can also be a gold mine for criminals, who may use them to get drugs illegally or file false insurance claims. High-tech data theft makes headlines, but “privacy breaches frequently arise from preventable human errors,” such as a pharmacy clerk forgetting to shred paper prescriptions, says Michelle De Mooy, deputy director of the Center for Democracy & Technology’s Privacy and Data Project. CVS, Rite Aid, and Walgreens have paid millions of dollars in settlements for disposing private patient information improperly. So think twice before allowing credit card numbers and especially Social Security numbers to be included in the office records of your pharmacy or doctor.
Reducing Privacy Risks
You can’t completely secure your prescription information, but you can minimize the potential for problems:
- Check records. Keep a log of the drugs you take and periodically ask your pharmacy and insurance company for copies of your prescription records to check for accuracy. If you’ve applied for life, disability, or long-term-care insurance in recent years, the three major reporting agencies, MedPoint (844-225-8047), Milliman Intelliscript (877-211-4816), and the Medical Information Bureau (866-692-6901) will give you a free copy of any medication history those insurers have requested that are in their files.
- Say no to marketing. You may be able to opt out of reminders or ads related to your medication.
- Ask doctors to opt out. Healthcare providers can indicate that they don't wish to share de-identified prescription information with drug makers through the American Medical Association’s Prescription Data Restriction Program.
- "De-identify" containers. Cover labels or remove identifying information on medicine containers with a permanent marker before discarding. See our report for the best ways to get rid of unwanted medication.
- Complain. If you think a pharmacist has breached your privacy, file a complaint with your state board of pharmacy. Find contact information for your state board at the National Association of Boards of Pharmacy.
For more information on how health data is used and how you can reduce the risks of abuse, see Consumer Report's free downloadable guide Medical Data: What You Need to Know Now.
Editor's Note: These materials were made possible by a grant from the state Attorney General Consumer and Prescriber Education Grant Program, which is funded by a multistate settlement of consumer fraud claims regarding the marketing of the prescription drug Neurontin (gabapentin).
Has your privacy regarding your medications been breached?
Tell us about it in the comments below.