Privacy Policies – SMS Messaging Service

Last Updated: 12/22/2025

General Information 

ral Information 

Trinity Pharmacy (“we,” “our,” “the Pharmacy”), located at 2797 S. Maryland Pkwy, STE 28, Las Vegas, NV 89109, is committed to protecting your privacy. This policy describes how we collect, use, and protect your personal information in connection with our SMS messaging service for customer care. 

Personal Information Collected 

Through our SMS service, we may collect the following information when you respond to our questions: 

• First and last name 
• Date of Birth (DOB) 
• Mobile phone number 
• Delivery address for medication shipment 
• Information about allergies to medications or substances 
• Any other relevant health information you voluntarily provide in your responses 
• Communication and service preferences 

Use of Personal Information 

We use the information collected via SMS for specific, limited purposes directly related to enhancing your care and pharmacy experience. These include: 

For identity verification and service coordination, we use your information to confirm your identity as a Trinity Pharmacy patient before discussing any health information, to match your SMS responses with your existing pharmacy profile and medical records, and to coordinate the delivery of your medications to your specified address. 

For treatment support and safety, we document allergies and sensitivities in your patient profile to prevent potential adverse reactions, follow up on medication adherence, side effects, or treatment effectiveness as part of your Personalized Care Plan, and provide timely responses to your questions or concerns about your medications. 

For operational and customer care improvements, we send automated refill reminders or shipping notifications based on your preferences, gather feedback on your experience to improve our services and patient support, and offer support for our services such as home delivery, insurance coordination, or medication counseling as referenced in your Patient Welcome Packet. 

For administrative and compliance purposes, we maintain accurate records as required by law, pharmacy regulations, and ACHC accreditation standards, and support billing and payment processes with your insurance or pharmacy benefit manager (PBM), when applicable. 

We do not use your SMS data for marketing, promotional campaigns, or unrelated commercial purposes. Your responses are treated as confidential health information and integrated into your care documentation. 

Sharing of Personal Information 

Your personal information will NOT be shared, sold, or rented to third parties for their marketing, advertising, or any unrelated commercial purposes. 

SMS consent is not shared with third parties. Your explicit consent to participate in this SMS service is not shared as a business asset or for marketing lead generation. However, to operate the SMS service technically, we must share your mobile phone number and message content with our secure, HIPAA-compliant SMS platform provider. This provider acts as a “Business Associate” under HIPAA, meaning they are legally bound by contract to use your data solely and exclusively to transmit messages on our behalf; implement and maintain rigorous administrative, physical, and technical safeguards to protect your information; prohibit any use of your data for their own purposes, marketing, analytics, or sharing with other parties; and comply with all applicable privacy and data security regulations. 

Other limited scenarios for sharing include: for your treatment and healthcare operations, we may share information with your prescribing physician or healthcare team to coordinate your care; with authorized caregivers or family members only if you have provided us with prior written consent for such disclosure; and with other pharmacies or healthcare entities only if you are transferring your care or in an emergency, as permitted by law. For payment and administrative purposes, we may share information with your insurance company or Pharmacy Benefit Manager (PBM) strictly for the purposes of billing, claims processing, and verifying coverage; and with secure payment processors if a transaction is conducted via SMS (e.g., copay reminder). Card details are not stored or processed through SMS. As required or permitted by law, we may share information if required by a court order, subpoena, or other legal mandate; to government or accreditation bodies (like ACHC or the Nevada State Board of Pharmacy) during audits or investigations, under confidentiality agreements; or to prevent imminent harm to you or others, as allowed by law. 

We do not share your personal or health information collected via SMS for any purposes other than those clearly described in this policy and in our main Notice of Privacy Practices. 

Protection and Confidentiality

We implement a multi-layered approach to safeguard your personal and health information collected through our SMS service. Our protections align with and extend the comprehensive security measures detailed in our main Notice of Privacy Practices. 

For legal and regulatory frameworks, we comply with: 

• HIPAA Compliance: All SMS communications containing health information are managed as Protected Health Information (PHI) under the Health Insurance Portability and Accountability Act. 
• Nevada State Regulations: We adhere to Nevada Revised Statutes Chapter 639 (Pharmacies) and regulations set by the Nevada State Board of Pharmacy. 
• ACHC Accreditation Standards: Our practices meet or exceed the privacy and security requirements of the Accreditation Commission for Health Care.

Regarding our Notice of Privacy Practices, when you began care with Trinity Pharmacy, you received and discussed with us our “Notice of Privacy Practices.” This comprehensive document explains in detail how we protect all your protected health information (PHI), describes your rights under HIPAA to access, correct, and control your information, specifies how we use and disclose your information for treatment, payment, and operations, provides information on how to file a complaint if you believe your privacy rights have been violated, and is available at any time by requesting it from our staff. 

For incident response, in the unlikely event of a data breach involving your SMS information, we follow a strict incident response protocol that includes immediate investigation and containment, notification to affected individuals as required by HIPAA and state law, reporting to appropriate regulatory bodies, and implementation of corrective measures to prevent recurrence. 

Our SMS service operates as an extension of these established privacy practices, applying the same rigorous protections to text message communications. 

Your Rights and Choices  

You have the right to: 

• Opt out of the SMS service at any time by replying “STOP” to any message 
• Request access to the information we have about you 
• Request corrections to your information 
• Limit certain uses and disclosures of your information 
• Obtain a copy of our complete Notice of Privacy Practices 
• File a complaint if you believe your privacy rights have been violated by contacting: 
  • Our Privacy Officer: Sanjay Veerkar at (702) 776-8210 or compliance@txtinity.com 
  • The U.S. Department of Health and Human Services (HHS) 
  • The Nevada State Board of Pharmacy 

Data Retention and Destruction 

We maintain your information collected through SMS communications for specific periods based on regulatory requirements and legitimate healthcare purposes. 

For retention periods, your actual SMS messages and responses are retained in our secure systems for a minimum of 5 years from the date of the communication, as required by Nevada state law for pharmacy records (NAC 639.695). Information extracted from SMS conversations (allergies, side effects, delivery preferences) becomes part of your official health record and is retained for a minimum of 7 years from your last date of service, consistent with HIPAA requirements and Nevada pharmacy regulations. Your consent to participate in SMS communications is retained for as long as you remain an active patient plus 6 years after your last interaction or the termination of this service. 

The basis for retention is that we retain your information only for as long as necessary to provide continuity in your healthcare and pharmaceutical services; fulfill our legal and regulatory obligations under HIPAA Privacy and Security Rules, Nevada State Board of Pharmacy regulations (NAC 639), and ACHC accreditation standards; defend against potential legal claims or audits; support quality improvement and patient safety initiatives; and maintain accurate billing and payment records. 

When retention periods expire or when information is no longer needed for legitimate purposes, we securely destroy it using methods that prevent reconstruction, including: 

• Electronic Data: Secure deletion methods that overwrite data following NIST 800-88 guidelines for media sanitization. 
• Paper Records (if applicable): Cross-cut shredding or professional destruction services. 
• Verification: We maintain records of destruction as required by law. 

Regarding your rights about retention, you may request access to your SMS-related information while it is retained, an accounting of disclosures of your information, and early deletion of certain information, subject to legal exceptions (e.g., we cannot delete information required by law or for ongoing treatment). 

For business associate compliance, our SMS platform provider is contractually obligated to adhere to these retention schedules and destruction protocols for any data they process on our behalf. 

Security  

We implement technical, administrative, and physical security measures to protect your information against unauthorized access, disclosure, or misuse, including: 

• Technical Safeguards for SMS Communications: 
  • End-to-End Protection: SMS messages are secured during transmission through our HIPAA-compliant messaging platform. 
  • Secure Integration: Information collected via SMS is encrypted before being integrated into your electronic health record within our secured pharmacy management system. 
  • Access Controls: Strict role-based access ensures only authorized pharmacy staff involved in your care can view your SMS communications. 
  • Audit Trails: We maintain detailed logs of all access to your SMS-derived information for monitoring and compliance purposes. 
• Administrative and Physical Safeguards: 
  • Staff Training: All Trinity Pharmacy employees receive regular training on HIPAA compliance, privacy practices, and secure handling of electronic communications. 
  • Business Associate Agreements: We maintain signed agreements with all vendors (including our SMS platform provider) that mandate compliance with HIPAA security standards. 
  • Secure Facilities: Physical access to our systems and records is controlled through security measures at our Las Vegas location. 

Contact  

For questions about this privacy policy or our SMS service: 

• Trinity Pharmacy: (833) 419-2921 

• Privacy Officer: Sanjay Veerkar – (702) 776-8210 

• Email: compliance@txtinity.com 

• Address: 2797 S. Maryland Pkwy, STE 28, Las Vegas, NV 89109 

Changes to this Policy  

We reserve the right to update this policy periodically. The most current version will always be available on our website, and we will notify you of significant changes.