Notices

Notice of Privacy Practices

Effective Date: March 26, 2013
Revision Date: February 1, 2026

THIS NOTICES DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

This Notice of Privacy Practices describes the privacy practices of the components of Walmart’s affiliated hybrid covered entity. The affiliated covered entity includes the pharmacy and vision / optical services of Walmart Health & Wellness and Sam’s Club Health & Wellness and the services of  Walmart Healthcare Research Institute. We understand that your health information is personal and we are committed to protecting it. We are required by law to maintain the privacy of your protected health information (“PHI”), to give you this Notice of our legal duties and privacy practices concerning your PHI, and to report to you any security breach involving your unsecured PHI. We must follow the terms of the current Notice.

Uses and Disclosures of PHI That Do Not Require Your Authorization

1. For Treatment. We may use and disclose your PHI for treatment purposes such as dispensing prescriptions or providing diagnoses or managing and coordinating health care across one or more of your health care providers. We may disclose your PHI to treating physicians, providers, pharmacies, ophthalmic providers, and other health care providers to manage and coordinate your health care or treatment.
2. For Payment. We may use and disclose your PHI so that we and other covered entities or health care providers can bill and collect payment from you, your insurance company, or a third party. This may include conducting insurance eligibility checks with state Medicaid, Medicare, or other health plans, determining enrollment status, and providing PHI to entities that help us submit bills and collect amounts owed.
3. For Health Care Operations. We may use and disclose your PHI for our health care operations and the health care operations of other covered entities with which you have or had a relationship, such as internal administration and planning and activities that improve the quality and cost effectiveness of the care that we deliver to you.
4. To Communicate with You about Health-Related Products and Services. We may use and disclose your PHI to communicate with you regarding your care and related matters, including health-related products and services we provide. For example, we may use or disclose your PHI to provide appointment and refill reminders, inform you about our  products and services, or advise you of available preventive care and alternative treatments, including those available through research opportunities.
5. To Individuals Involved in Your Care or Payment for Your Care. We may disclose your PHI to a family member, other relative, friend, or other individual identified by you, who is involved in your medical care or payment for your care, provided you agree to this disclosure, you had an opportunity to object and did not do so, or we infer from the circumstances in our professional judgment that the disclosure is appropriate.
6. As Required by Law. We will disclose your PHI when we believe we are required to do so by federal, state, or local law, court order or similar demand.
7. To Avert a Serious Threat to Health or Safety. We may use or disclose your PHI when necessary to prevent or lessen a serious threat to health or safety to any person or the public.
8. For Health Oversight Activities. We may disclose PHI to a health oversight agency for activities authorized or required by law such as audits, inspections, and licensure or other activities necessary for oversight of the health care system, benefits programs, or civil rights.
9. For Public Health and Safety. We may disclose your PHI to government authorities for public health and safety activities such as preventing or controlling disease, injuries, or disabilities, reporting abuse, neglect, or domestic violence, and reporting recalls or adverse reactions to medications.
10. For Judicial and Administrative Proceedings. We may disclose your PHI in the course of a judicial or administrative proceeding in response to a legal order or other lawful process.
11. Law Enforcement. We may disclose PHI in the course of a judicial or administrative proceeding in response to a legal order or other lawful process.
12. For Specialized Government Functions. We may disclose your PHI: (1) if you are a member of the armed forces, as required by military command authorities; (2) if you are an inmate or in custody, to a correctional institution or law enforcement official; (3) in response to a request from law enforcement, under certain conditions; (4) for national security reasons authorized by law; (5) to authorized federal officials to protect the President, other authorized persons, or foreign heads of state.
13. For Workers’ Compensation. We may disclose your PHI in compliance with state law relating to workers’ compensation or other similar programs. 
14. For Organ and Tissue Donation. We may disclose your PHI to organ procurement or similar organizations for purposes of donation or transplant.
15. For Coroners and Funeral Directors. We may disclose PHI to a funeral home director, coroner, or medical examiner consistent with applicable law to enable them to carry out their duties.
16. For Personal Representatives. We may disclose your PHI to a person legally authorized to act on your behalf, such as a parent, legal guardian, or administrator or executor of your estate.
17. For Proof of Immunization. We may provide proof of immunization to a school about a student or prospective student, as required by law, if authorized by the parent/guardian, emancipated minor, or other authorized individual as applicable.
18. Research. We may use or disclose your PHI in connection with the following research purposes: (1) pursuant to a waiver by an institutional review board or a privacy board; (2) preparatory to research; and (3) as a limited data set (PHI from which many identifying details are removed).
19. Business Associates. We may disclose your PHI to Business Associates that we contract with to perform certain services for us, such as billing or administrative services.

Uses and Disclosures of PHI That Require Your Authorization

Except as described herein, we will not use or disclose your PHI without your authorization or as otherwise permitted by law. You may revoke your authorization or by writing to HIPAA Compliance, 1 Customer Drive, Mailstop 0230, Bentonville, AR 72716. Your revocation will stop further use or disclosure of PHI for purposes set forth in your signed authorization, except to the extent we have already acted in reliance upon such authorization or we are prohibited by law. We must also follow applicable law that is stricter than HIPAA.

1. Sale of PHI. We will not sell your PHI without your written authorization, or as permitted by HIPAA.
2. Psychotherapy Notes. Except in limited circumstances, we may not use or disclose psychotherapy notes recorded by a mental health professional documenting your conversation during a counseling session without your authorization.
3. Marketing. We must obtain your written authorization prior to using or disclosing your PHI for marketing purposes.
4. Research Purposes. We may use or disclose your PHI for other research purposes not described above only with your authorization.

Part 2 Program Records: We may receive your PHI from a substance use disorder program that includes information subject to 42 CFR Part 2 (“Part 2”) governing the confidentiality of substance use disorder records. Part 2 provides additional confidentiality protections to substance use disorder records we receive from a Part 2 program.  We will not use or disclose substance use disorder records that we receive from a Part 2 program, or testimony relaying the content of such records, in civil, criminal, administrative, or legislative proceedings against you unless based on your written consent or a court order after notice and an opportunity to be heard is provided to you or the holder of the record. A court order authorizing use or disclosure must be accompanied by a subpoena or other legal requirement compelling disclosure before the requested record is used or disclosed.

You Have the Following Rights with Respect to Your PHI

1. You may request restrictions on the use or disclosure of your PHI for treatment, payment or health care operations, or our disclosure of your PHI to someone involved in your care or payment for your care, like a family member or friend. We are not required to agree. If we agree, we will comply with your request except in certain emergency situations or as required by law.
2. You may request restrictions on certain disclosures of your PHI to your health plan for purposes of carrying out treatment, payment or health care operations regarding services paid for in full (out of pocket).
3. You may inspect and receive a paper or electronic copy of your medical records in our designated record set or direct that we provide them to your designee. Under limited circumstances, we may deny you access to a portion of your records. If you request copies, we may charge you a reasonable copy fee.
4. You may request we amend certain PHI if it is incorrect or incomplete. You must provide a reason to support your request. We may deny your request if the PHI is accurate and complete or is not part of the PHI kept by or for the relevant provider in our organized health care arrangement. If we deny your request, you have the right to submit a statement of disagreement. Your request will become part of your medical record, to be included when we make a disclosure of the item or statement you believe to be incomplete or incorrect.
5. You may request an accounting of disclosures of your PHI. This is a list of disclosures made of your PHI, other than for treatment, payment or health care operations, and other exceptions allowed by law. Your request must specify a time period, which may not be longer than six years from the date of the request.
6. You may request we contact you in a certain way or at a certain location. For example, you may request we contact you only at work or at a different residence or post office box. Your written request must state how or where you wish to be contacted. We will grant reasonable requests. If you would like to exercise any of these rights, contact the Walmart or Sam’s Club location that provided your services to get the appropriate form, or submit a written request to HIPAA Compliance, 1 Customer Drive, Mailstop 0230, Bentonville, AR. 72716-0230. You may obtain a paper copy of this Notice from your Walmart, Sam’s Club, or online at: https://corporate.walmart.com/privacy-security/notices.

Language Assistance Services and Auxiliary Aids

Under Section 1557 of the Affordable Care Act, we provide language assistance services and appropriate auxiliary aids and services upon request and free of charge to customers and members, as well as to patients, participants, beneficiaries, enrollees, and applicants of our healthcare programs, activities, or services.

Changes to This Notice

We reserve the right to change this Notice and to make the revised Notice effective for PHI we already maintain or receive in the future. We will post a copy of the current Notice. If we change our Notice, you may obtain a copy of the revised Notice upon request or online at: https://corporate.walmart.com/privacy-security/notices/.

For More Information or to Report a Problem

If you have questions about this Notice, contact HIPAA Compliance, Walmart Inc., 1 Customer Drive, Mailstop 0230, Bentonville, AR 72716-0230, or phone (800) WAL-MART. If you believe your privacy rights have been violated, you may file a written complaint, and there will be no retaliation, with our HIPAA Compliance Officer at the above address, or with the Secretary of the Dept. of Health and Human Services, Office for Civil Rights.

Patient Bill of Rights

Effective Date: March 26, 2013
Revision Date: August 1, 2024

Patient Bill of Rights

1. Be fully informed in advance about care/service to be provided, including the services areas that furnish care and the frequency of visits, as well as any modifications to your plan of care;
2. Participate in the development and revision of your plan of care;
3. Refuse care or treatment after the risks of refusing care or treatment are fully presented;
4. Be informed, orally and in writing, in advance of care being provided, of the charges, including payment for care/service expected from third parties and any charges for which the client/patient will be responsible;
5. Have your property and person treated with respect, consideration and recognition of dignity and individuality;
6. Be able to identify visiting personnel members through proper identification;
7. Be free from mistreatment, neglect, or verbal, mental, sexual and physical abuse, including injuries of unknown source, and misappropriation of your property;
8. Voice grievances/complaints regarding treatment or care, lack of respect of property, or recommend changes to policy, personnel or care/service without restraint, interference, coercion, discrimination or reprisal;
9. Have grievances/complaints regarding treatment or care that is (or fails to be) furnished, or lack of respect of property investigated;
10. Choose a health care provider; including an attending physician, if applicable;
11. Confidentiality and privacy;
12. Be advised on agency’s policies and procedures regarding the disclosure of clinical records;
13. Receive appropriate care without discrimination in accordance with provider orders;
14. Be informed of any financial benefits when referred to an organization;
15. Receive information about the scope of services the organization will provide and specific limitations on those services;
    
16. Be fully informed of one’s responsibilities.

Patient Responsibilities

1. Provide complete and accurate information concerning your present health, medication, allergies, etc., when appropriate to your care/service;
2. Be involved, as needed and as able, in the development, carrying out and modifying your care plan.
3. To properly clean and maintain equipment and supplies;
4. To contact us with any questions or problems concerning your equipment, supplies or service;
5. To notify your attending physician or provider when you feel ill;
6. To notify us prior to changing your place of residence or your telephone number;
7. To notify us when encountering any problem with equipment or service;
8. To notify us if your physician or other provider modifies or ceases your prescription;
9. To notify us of denial and/or restriction of our privacy policy.

Customer Concerns

You may call (800) WALMART if you have a concern regarding fraud and abuse or any treatment or services provided by our organization, or you may contact Accreditation Commission for Health Care (ACHC) at (919) 785-1214 or (855) 937-2242 if your complaint is not resolved. You can also call the Office of Inspector General at (800) 447-8477. Within five days of receiving a complaint you will be contacted by telephone, email, fax, or letter that we have received your complaint. Within 14 calendar days we will provide a written notification of the results of your inquiry and the resolution.

Medicare DMEPOS Supplier Standards

The products and/or services provided to you by Walmart Inc. are subject to the Supplier Standards contained in the federal regulations shown at 42 Code of Federal Regulations Section 424.57(c). These Standards concern business professional and operational matters (e.g., honoring warranties and hours of operation). The full text of these Standards can be obtained at www.ecfr.gov. Upon request we will furnish you a written copy of the Standards.

Warranty Information

All Medicare equipment sold or rented by our company carries a one-year manufacturer’s warranty. We will notify all Medicare beneficiaries of the warranty coverage, honor all warranties under applicable law, repair or replace, free of charge, Medicare-covered equipment under warranty. In addition, an owner’s manual with warranty information will be provided to beneficiaries for all durable medical equipment when this manual is available. For more information on warranty information or instructions please speak to your pharmacy.

Related Links

Accessibility & Non-Discrimination Notice
Arabic Notices
Armenian Notices
Burmese Notices
Chinese (Simplified) Notices
Chinese (Traditional) Notices
English Notices
Farsi Notices
French Notices
German Notices
Haitian Creole Notices
Hindi Notices
Hmong Notices
Italian Notices
Japanese Notices
Khmer Notices
Korean Notices
Nepali Notices
Polish Notices
Portugese (Brazil) Notices
Punjabi Notices
Romanian Notices
Russian Notices
Somali Notices
Spanish Notices
Swahili Notices
Tagalog Notices
Vietnamese Notices