A congressional review of some major pharmacy chains' privacy practices found that none require a warrant before sharing customers' records with law enforcement.
They include the seven largest pharmacy chains in the country: CVS Health Inc
The disclosure has the potential to significantly influence the discourse surrounding Americans' health privacy, especially amidst the ongoing state initiatives aimed at criminalizing abortion and medications associated with reproductive health.
U.S. Senator Ron Wyden urged the Biden administration to revise Health Insurance Portability and Accountability Act (HIPAA) rules to guard Americans' pharmaceutical records from warrantless law enforcement requests.
"Although pharmacies are legally permitted to tell their customers about government demands for this data, most don't," the letter from Wyden (D-OR) and co-investigators Reps. Sara Jacobs (D-CA ) and Pramila Jayapal (D-WA) said.
"As a result, many Americans' prescription records have few meaningful privacy protections, and those protections vary widely depending on which pharmacy they use."
Five of the eight pharmacy companies surveyed - Amazon, Cigna, Optum Rx, Walmart, and Walgreens Boots Alliance - attested that they require law enforcement demands for pharmacy records to be reviewed by legal professionals before responding to those requests.
Only Amazon Pharmacy alerts patients when it shares records with law enforcement.
CVS Health, Kroger, and Rite Aid indicated that their pharmacy staff face extreme pressure to respond immediately to law enforcement demands.
