Current as of January 4th, 2026
Your privacy is important to us at Visits.
This Privacy Policy explains how EMPOWERX, INC (DBA VISITS) ("Company,"we," or "us") handles your information when providing Visits, a web-based pharmacy electronic health record software-as-a-service platform (the "Service").
This Policy is intended to be read together with our End User License Agreement (EULA) and Business Associate Agreement (BAA).
Company acts as a Business Associate (as defined by HIPAA) when providing the Service to pharmacy chains and independently operated pharmacies ("Covered Entities").
We do not provide direct patient care and do not act as a Covered Entity.
When acting as a Business Associate, we may create, receive, maintain, or transmit protected health information ("PHI"), including electronic PHI ("ePHI"), on behalf of Covered Entities.
The Service may process information subject to 42 CFR Part 2, including data that identifies a patient as having sought or received substance use disorder diagnoses, treatment, or referral ("Part 2 Data").
We may collect limited non-PHI information such as:
We use information solely as permitted by applicable law and contractual agreements.
PHI and Part 2 Data are used only to:
We may de-identify PHI in accordance with HIPAA Safe Harbor or Expert Determination standards and use de-identified data for:
De-identified data does not reasonably identify any individual.
We disclose PHI only as permitted by:
We may disclose PHI to subcontractors who support the Service, provided they are bound by written Business Associate Agreements.
We may disclose information when required by law, regulation, court order, or subpoena.
We may use de-identified data for product development, analytics, research, and quality improvement. De-identification is performed in accordance with HIPAA standards.
We do not sell PHI or identifiable personal information.
Where applicable:
Unauthorized disclosure of Part 2 Data is treated as a material compliance violation.
We implement administrative, physical, and technical safeguards designed to protect PHI and Part 2 Data, including:
Safeguards are designed to comply with HIPAA, 42 CFR Part 2, and applicable state law. Although we implement strong safeguards, no system is 100% secure, and we cannot guarantee absolute security.
Patients’ rights regarding their PHI (including access, amendment, and accounting of disclosures) are exercised through the Covered Entity, not directly through Company.
We assist Covered Entities in fulfilling these obligations as required by HIPAA.
This Privacy Policy is designed to comply with all applicable U.S. state privacy, security, and breach notification laws.
Where state law provides greater privacy protection than HIPAA, we comply with the more stringent requirement.
If you reside in California and have provided your personally identifiable information to us, you may request information once per calendar year about our disclosures of certain categories of your personally identifiable information to third parties for their direct marketing purposes. Such requests must be submitted to us in writing at support@visitsrx.com.
We retain PHI and other information only as long as necessary to:
We may update this Privacy Policy from time to time. Material changes will be communicated through the Service or other appropriate means.
Our Websites contain links to other sites and may contain embedded media hosted by third parties. EmpoweRx, Inc is not responsible for the content or privacy practices of other sites. We encourage you to be aware when you leave our site or engage with media hosted by third parties and to read the privacy statements of any other site that collects your information.
EmpowerRx, Inc
Privacy Officer: Mardiros Merdinian
Email: support@visitsrx.com
Address: 1155 Camino Del Mar, Del Mar, CA 92014