Website Security Policy

Website Security Policy for MyMedList

A division of RJR Enterprises of SW FL, LLC
Effective Date: 08/01/2025

At MyMedList, a division of RJR Enterprises of SW FL, LLC, we are committed to ensuring the confidentiality, integrity, and security of your Personal Health Information (PHI). This Website Security Policy describes the security measures we have implemented on our website to protect the PHI you share with us while using our services. We adhere to the Health Insurance Portability and Accountability Act of 1996 (HIPAA), ensuring that your data is handled securely and in compliance with all relevant regulations.

1. Data Transmission Security

To protect your PHI, we employ the following methods to secure the transmission of your data over the internet:

SSL/TLS Encryption: All data transmitted between your device and our website is encrypted using Secure Socket Layer (SSL) and Transport Layer Security (TLS) protocols. This ensures that sensitive information, such as your login credentials, medication lists, and other PHI, cannot be intercepted during transmission.
HTTPS Protocol: Our website operates on a secure HTTPS protocol, which indicates that all data transmitted is encrypted and protected from unauthorized access during communication.

2. Authentication and Access Control

We take several steps to ensure that only authorized users have access to their accounts and PHI:

User Authentication: When you log into your account, you will be required to enter a unique username and password. For added security, we recommend using a strong password that includes a combination of letters, numbers, and special characters.
Multi-Factor Authentication (MFA): For additional security, we support multi-factor authentication (MFA). This requires users to provide two or more verification factors to gain access to their account, such as a one-time passcode sent via email or SMS.
Role-Based Access Control (RBAC): We implement role-based access controls to ensure that users can only access the information relevant to their role. For example, patients and caregivers can access their own medication lists, while healthcare providers can access patient data only with appropriate permissions.
Session Timeouts: To prevent unauthorized access due to inactivity, user sessions automatically expire after a certain period of inactivity (e.g., 15 minutes), requiring users to log in again to continue using the service.

3. Data Encryption at Rest

PHI stored on our website and in cloud databases is encrypted using strong encryption algorithms, such as AES-256. This ensures that even in the unlikely event of a breach, the data remains inaccessible and unreadable without the decryption key.

Encrypted Cloud Storage: All PHI is stored on cloud servers that meet or exceed HIPAA security standards. We use only trusted and HIPAA-compliant cloud service providers, and we regularly review their security practices to ensure they comply with our own high standards.

4. Monitoring and Logging

We implement continuous monitoring and logging to ensure the integrity of the system and to detect any unauthorized access:

Audit Logs: Every user interaction with the website, including login attempts, data updates, and access to PHI, is logged in an audit trail. These logs are regularly reviewed for suspicious activity.
Intrusion Detection: We use intrusion detection systems (IDS) to monitor for potential threats or unauthorized access to our website. These systems generate real-time alerts if they detect any anomalies or suspicious activity that could indicate a breach.

5. Protection Against Common Web Vulnerabilities

We take proactive measures to safeguard against common web vulnerabilities, including:

Cross-Site Scripting (XSS): We ensure that our website is protected from cross-site scripting attacks by validating and sanitizing all user inputs. This prevents malicious code from being executed on the site or injected into other users’ sessions.
Cross-Site Request Forgery (CSRF): We use CSRF tokens to ensure that requests made to the website are intentional and originated from legitimate users.
SQL Injection: We employ parameterized queries and other security measures to prevent SQL injection attacks, ensuring that malicious code cannot compromise our databases.

6. User Data Privacy and Protection

Your PHI is our top priority. We have implemented several safeguards to ensure that it remains protected:

Access Restrictions: We limit access to your data to only those who need it to provide the service. Your PHI is not shared with third parties unless you explicitly grant permission or as required by law.
Data Retention: We retain your PHI only for as long as necessary to provide the service, comply with legal obligations, or resolve disputes. After that period, we securely delete or anonymize the data.
Data Minimization: We collect and store only the minimum amount of information necessary to fulfill our mission and improve your experience. This reduces the amount of sensitive data that could potentially be exposed.

7. Regular Security Audits and Penetration Testing

To ensure that our security measures are effective, we conduct regular security audits and penetration tests. These tests simulate real-world attacks to identify vulnerabilities and weaknesses that could compromise your PHI. If any vulnerabilities are found, they are addressed immediately.

8. Business Associate Agreements (BAAs)

We enter into Business Associate Agreements (BAAs) with any third-party services that handle your PHI. These agreements require third parties to maintain the same level of security and compliance with HIPAA regulations, ensuring that your data is protected throughout its lifecycle.

9. Incident Response and Breach Notification

In the event of a security breach or data compromise, we have an Incident Response Plan in place. If your PHI is affected, we will:

Notify you: In accordance with HIPAA requirements, we will inform you of the breach and the steps we are taking to mitigate it.
Notify Authorities: We will report the breach to the U.S. Department of Health and Human Services (HHS) and other relevant authorities as required by law.
Take Corrective Action: We will conduct a full investigation into the breach, identify any vulnerabilities, and take corrective actions to prevent future occurrences.

10. User Responsibilities

As a user of the MyMedList website, you also play an important role in keeping your account secure:

Keep Your Credentials Confidential: Do not share your username, password, or multi-factor authentication details with others.
Secure Your Devices: Access the website only from secure, trusted devices and networks. Use antivirus and anti-malware software to protect your devices.
Report Suspicious Activity: If you notice any suspicious activity or suspect that your account has been compromised, contact us immediately so we can take appropriate action.

11. Updates to This Security Policy

We may update this Security Policy periodically to reflect changes in our practices, technology, or applicable laws. When updates are made, we will post the new policy with an updated “Effective Date” at the top of this page. We encourage you to review this policy regularly to stay informed about how we protect your information.

12. Contact Us

If you have any questions about this Website Security Policy or our security practices, or if you would like to report a security issue, please contact us at:

RJR Enterprises of SW FL, LLC
MyMedList Division
PO Box 116
Placida, FL 33946-9998
info@mymedlist.net
(941) 681-8422

Online Pharmacist Consultation Services

>> MyMedList offers online pharmacist consultations designed to help patients manage medications safely and confidently. Our licensed pharmacists provide professional guidance through secure digital consultations, supporting medication management, drug interaction awareness, and safer healthcare decisions.

Medication List Management

>> Effective medication list management is essential for preventing medication errors and improving communication with healthcare providers. MyMedList helps patients create, organize, and maintain an accurate medication list online, making it easy to update and share when needed.

Healthcare & Medical Support for Seniors

>> MyMedList supports individuals and families managing complex healthcare needs, particularly older adults and seniors. Our services help simplify medication management and support safer long-term care planning.

Medication Safety & Error Prevention

>> Medication safety is at the core of everything we do. MyMedList focuses on reducing medication errors by improving how medications are documented, reviewed, and communicated.

Frequently Asked Questions (FAQ)

1. What is MyMedList?

MyMedList is an online medication management service designed to help individuals organize, maintain, and share accurate medication lists. Our goal is to strengthen the pharmacist–patient relationship and support safer medication use.

2. How does MyMedList help with medication management?

We provide a secure, user-friendly platform that allows patients to create, update, and communicate their medication lists across healthcare providers, helping reduce medication errors and improve care coordination.

3. What services do you offer?

MyMedList offers web-based subscription plans and individual online pharmacist consultations, all tailored to support accurate medication management and enhance patient safety.

4. Who can benefit from MyMedList?

Anyone managing multiple medications, seeing multiple healthcare providers, or experiencing frequent medical visits can benefit—especially seniors and individuals with chronic conditions.

5. How do I get in touch for more information?

You can reach us through the contact form on our website or by calling (941) 681-8422.

6. What if I have more questions?

You’re welcome to contact us directly or explore our blog for educational resources and medication management tips.

7. Is there a fee for using MyMedList?

MyMedList offers subscription-based plans for ongoing support. Individual pharmacist consultations may involve additional fees, which are clearly explained before services begin.

8. How do I create my medication list?

You can create your medication list using our online platform. Our pharmacists guide you step-by-step to ensure accuracy and completeness.

9. What should I do if I experience a medication error?

If you believe a medication error has occurred, contact your healthcare provider immediately. You may also consult a MyMedList pharmacist for guidance on next steps.

10. Can I use MyMedList if I have health conditions?

Yes. MyMedList is designed to support individuals with various health conditions who are managing multiple medications.

11. How often should I update my medication list?

We recommend updating your medication list any time there is a change to your medications or healthcare team—such as when a medication is started, stopped, or replaced; a dose, strength, or schedule changes; you switch providers or pharmacies; or after a hospital or emergency visit—to support medication safety, improve provider communication, and reduce the risk of medication errors.

12. Are your pharmacists licensed?

Yes. All MyMedList pharmacists are licensed healthcare professionals with experience in medication management and patient safety.

13. What technology do you use to keep my information secure?

We use modern security technologies, including encryption and secure databases, to protect your personal and health information in accordance with privacy standards.

14. Do you offer services for healthcare providers?

Yes, medical providers can register to access our services for their patients. This collaboration helps improve medication management across the continuum of care.

Are you a Healthcare Provider?

Register as a Healthcare Provider

Login as a Healthcare Provider

Help

Give Us Feedback

This product uses publicly available data from the U.S. National Library of Medicine (NLM), National Institutes of Health and Human Services; NLM is not responsible for the product and does not endorse or recommend this or any other product.