Hannaford Bros. Co.
HIPAA AWARENESS TRAINING
I, ______________________________, on ______________, have participated in and
(Print Name) (Mo./Day/Year)
Completed the HIPPA Awareness Level 2 Training (see below), as part of my required training for
HIPPA Awareness. I’m fully aware of and understand the impact of this regulation regarding
Medical Privacy as it relates to protecting the medical privacy and the procedures that need to be
followed for people to obtain information from the Hannaford Health Plan and from the Pharmacy.
I understand that identified key personnel in my department must complete the awareness training
contingent to their employment in those positions and it is my responsibility to ensure they obtain
this communication as part of their training if deemed necessary.
I understand that employment/participating in a Practicum in the Pharmacy is contingent on this
Training and all Pharmacy Staff, Pharmacists, Pharmacy Technicians, Pharmacy Clerks,
Pharmacy Cashiers and Pharmacy Students must have this training before working in or engaging
in the Practicum experience in the Pharmacy.
I realize a violation of this regulation can result in disciplinary action and could involve fines, and /
or other legal action.
Date Manager Signature
HIPAA AWARENESS LEVEL 2 TRAINING
How we do business here at Hannaford is changing due to new legal
requirements regarding medical privacy. The purpose of this fact sheet is to
help you understand those changes.
What is HIPAA?
“HIPAA” refers to the Health Insurance Portability and Accountability Act of 1996. It is a
federal law that went into effect on April 14, 2003. This law basically standardizes rules for the
protection of medical privacy for health plans like the Hannaford Health Plan, health care
providers, like Hannaford’s Pharmacy Department, and health care clearinghouses. It also
explains the procedures that need to be followed for people to get information from the
Hannaford Health Plan and from the Pharmacy.
What is medical privacy?
Medical privacy is the right to have personal information about your health kept confidential and private.
This confidentiality must be maintained by those who provide medical care, prescription medications, and
other health-related services to you. If information is shared by health care providers or health plans in the
course of your treatment, or payment for your treatment, the people involved must take certain steps to
safeguard the confidentiality of your information.
Why is medical privacy important to Hannaford?
Hannaford prides itself on listening to customers and associates and meeting their needs. It is
part of our mission statement to be a respectful employer and a responsible corporate citizen and
We take our commitment to our customers seriously. When customers have a
prescription filled at one of our pharmacies, they deserve to know that their privacy will be
respected, and that personal information will be handled confidentially. Our customers count on
us, and when they bring in a prescription, they can be sure our associates will follow strict
procedures to safeguard their health information.
Here is an example of a customer situation that could arise at the Customer Service Desk:
A customer approaches the Customer Service Desk and has a question regarding a purchase from
the Pharmacy. The customer addresses their question to the Customer Service Desk associate.
They had a prescription filled at the Pharmacy in this store. When they got home and reviewed
the receipt, they felt they were over charged for the prescription. The customer initiates a
discussion with the Service Desk Associate about the prescription and the prices of this particular
medication and what they have paid in the past.
The associate should politely disengage from the discussion and explain to the customer that this
particular issue needs to be addressed at the pharmacy. The Associate should keep our customer
service strategy in mind as they refer the customer to the Pharmacy by contacting the Pharmacy
for the customer, walking the customer to Pharmacy (if possible) or directing them. The
associate should make sure that we make it easy for the Customer to get answers from the
appropriate resources and avoid any dialogue around prescription medications.
We take our commitment to our associates seriously, too. Associates can feel
confident that their medical privacy will be respected, and that their personal health information
will be used only for legitimate purposes.
Generally speaking, you should share health information about associates or our customers on a
need-to-know basis within Hannaford. With few exceptions, health information about associates
or our customers should never be shared with anyone outside Hannaford.
How Does HIPAA Change the Way I Work with the Pharmacy?
Associates who work for Hannaford in the Pharmacy Department, and those who support the
Pharmacy Department in key roles in other Departments, will receive special training required by
HIPAA, and will comply with HIPAA’s privacy requirements.
Except for routine maintenance and cleaning purposes, physical access to the Pharmacy must be
restricted to associates who have received HIPAA training.
The Pharmacy may use or disclose health information for purposes of treatment, payment, and
health care operations after it makes a good faith effort to have the patient acknowledge receipt
of the Notice of Privacy Practices. The Pharmacy can also share health information within the
bounds of the Pharmacist’s code of professional ethics, and as required by law.
The Pharmacy will not be able to share health information with others at Hannaford except in
very limited circumstances. For example, if a customer asks a Service Desk or Front-End
associate for information regarding his or her prescription, that associate should refer the
customer directly to the Pharmacy for assistance. For more information about HIPAA’s impact
on the Pharmacy, please see the Pharmacy’s Notice of Privacy Practices.
HITECH Act - Breach Notification Reporting
If personal health information about a customer or associate has been compromised (breached),
the Legal Department must be made aware of the circumstances immediately. By law,
Hannaford is required to take specific actions when certain types of breaches occur. The Legal
Department will determine which breaches require these specific actions.
Who can I contact with questions?
If, during the course of your employment at Hannaford, you receive personal health information,
but are not sure if you may use it or disclose it to others, you must not do so. Instead, you should
refer the matter to one of the individuals identified below for further guidance.
If you have questions about medical privacy, or the steps Hannaford takes to protect medical
information under HIPAA, you can contact the following people for more information. If you
know or suspect that a privacy violation has occurred, you must contact one of the following
people to report the violation. Please note that supervisors may be held accountable to the extent
that inadequate supervision or a lack of due diligence contributed to the violation.
Janet Britton, Ext. 7475
Lisa Toner, Ext. 3431