Privacy Statement
1. Introduction
ETC Solutions LLC (“we,” “us,” or “our”) is committed to protecting the privacy and security of the personal information we receive and analyze. As a data analytics provider to pharmacies and healthcare providers, we handle sensitive information—including patient and healthcare provider data—with the highest standards of confidentiality and compliance.
This Privacy Statement explains how we collect, use, disclose, and safeguard information when providing our services.
2. Scope of Services
ETC Solutions LLC provides data analytics solutions to pharmacies to support operational, financial, and clinical decision-making. In doing so, we may process information that includes but is not limited to:
• Prescription records
• Patient demographics
• Physician prescribing patterns
• Insurance claims
• Medical history data (as permitted)
3. Information We Collect
We may collect and process the following categories of data:
a. Patient Information
• Name (when necessary and permitted)
• Date of birth
• Prescription data
• Medical history
• Insurance and billing information
• Unique identifiers (e.g., MRN, patient ID)
b. Provider Information
• Name and NPI (National Provider Identifier)
• Specialty and prescribing history
• Affiliated organizations
• Contact information (when relevant)
c. Pharmacy Data
• Dispensing records
• Refill history
• Inventory and workflow analytics
• Reimbursement and payer-related data
4. How We Use Information
We use the collected data for purposes such as:
• Providing data analytics services to contracted pharmacies
• Generating reports on prescribing trends and medication adherence
• Supporting pharmacy quality improvement and compliance
• De-identifying and aggregating data for research or benchmarking (when applicable)
5. Legal Basis and Compliance
We operate in accordance with applicable U.S. federal and state privacy laws, including the Health Insurance Portability and Accountability Act (HIPAA). As a Business Associate under HIPAA, we:
• Enter into Business Associate Agreements (BAAs) with Covered Entities (e.g., pharmacies)
• Implement appropriate technical and administrative safeguards
• Limit the use and disclosure of Protected Health Information (PHI) to permitted purposes only
We do not sell personal health information to third parties.
6. Data Security
We implement robust security measures to protect the confidentiality, integrity, and availability of data:
• Encryption of data in transit and at rest
• Role-based access controls
• Secure audit logging
• Ongoing vulnerability and risk assessments
• Staff training on privacy and data handling policies
7. Data Retention and De-identification
We retain identifiable data only as long as required for our business purposes or as directed by our clients and regulatory obligations. When possible, we de-identify data according to HIPAA standards to support research, benchmarking, and operational insights.
8. Data Sharing and Disclosure
We do not share or disclose personal information except:
• To contracted Covered Entities for legitimate business purposes
• When legally required (e.g., subpoenas, court orders)
• To authorized third-party service providers under strict confidentiality obligations
• In aggregated or de-identified form that cannot be used to identify individuals
9. Your Rights
If you are a patient or healthcare provider and your data is processed as part of our services, your rights will typically be exercised through the pharmacy or healthcare provider with whom you have a direct relationship. We assist our clients in meeting their privacy obligations, including access and correction of data when applicable.
10. Changes to This Privacy Statement
We may update this Privacy Statement from time to time to reflect changes in law, technology, or our business practices.