Refill patient data handling
Refill handles patient information because placing a compounded order requires patient details, a prescriber, and a SIG, and Refill Connect adds patient portal, assessment, and billing surfaces that also touch PHI. Protected health information flows from the clinic, through Refill's platform, to 503A partner pharmacies and potentially to Refill's provider network. Refill states HIPAA compliance and offers platform BAA tooling, but it does not publish the specifics of how it stores, transmits, and restricts access to that data. This page maps the PHI flow and lists the data-handling questions a clinic should verify before sending patient information.
This page explains where patient data goes in the Refill stack and what to confirm about access, encryption, and partner sharing.
What patient data does telehealth infrastructure handle?
To place a compounded order, the platform needs the patient identity tied to the medication, the prescriber, and the directions for use — all protected health information. Refill Connect expands that surface with patient-facing assessments, portal access, and billing, which adds more PHI beyond clinic-side ordering alone. Data is created or entered at the clinic or by the patient, stored and processed by Refill, and transmitted to 503A pharmacies that fill orders and potentially to Refill prescribers when you use the provider network. Each hop must be safeguarded: access limited to authorized users, encryption in transit and at rest, and sharing governed by appropriate agreements. Refill does not publish these specifics publicly, so a clinic should confirm them in writing before transmitting any patient information.
How to evaluate Refill patient data handling
Each row is a data-handling criterion, what is publicly known about Refill, and what to confirm before sending PHI.
Sourced from Refill public materials (refill.co), reviewed June 2026. Confirm data-handling terms in writing and review with your own counsel.
Negotiate data terms per vendor, or start with scoped access built in?
Refill
You want patient portal and provider network bundled and will review data terms during onboarding.
- You are prepared to ask how PHI is stored, transmitted, and accessed before sharing it.
- You plan to use Refill Connect and accept the broader PHI surface area.
- Your compliance team reviews vendor data terms case by case.
Fizy Health
You want PHI access scoped and audited from the first order.
- You want patient-linked cart actions audited per line with organization-scoped access.
- You prescribe in-house and want a narrower PHI footprint focused on clinic ordering.
- You want a BAA signed at onboarding before any patient data enters the system.
What scoped, auditable patient data looks like.
Patient data handling is easier to trust when access is organization-scoped and every cart action leaves a record.
- Patient data scoped to the right team
Patient records and cart lines stay organization-scoped, so only authorized users in your clinic see PHI.
- An audit trail on every order
Per-line order status and history give compliance a defensible record of who ordered what for whom.
- Fewer paid orders rejected by the pharmacy
Cart validation catches issues before payment, reducing the back-and-forth that scatters PHI across email.
What clinics ask about Refill patient data.
- Definition
What patient data does Refill handle?
Refill handles patient identity, prescriber, and medication details required for compounded orders, plus additional PHI if you use Refill Connect for patient portals, assessments, and billing. All of this is protected health information that must be safeguarded under HIPAA.
- Flow
Where does patient data go in the Refill stack?
Patient data flows from the clinic or patient through Refill's platform to 503A partner pharmacies that fill orders and potentially to Refill prescribers when you use the provider network. Each hop should be covered by appropriate agreements and safeguards.
- Connect
Does Refill Connect change how patient data is handled?
Yes. Refill Connect adds patient-facing portal, assessment, and billing surfaces, which expands the PHI footprint beyond clinic-side ordering. Ask how Connect data is scoped, logged, and covered under the platform BAA.
- Access
Who can access patient data on Refill?
Refill does not publish role-based or organization-scoped access controls on refill.co. Ask who can view and modify patient records, whether access is logged, and how team permissions work.
- Deletion
Can I delete or export patient data from Refill?
Refill does not publish retention, deletion, or export policies for patient data. Ask about retention periods, deletion on cancellation, and whether you can export records in a usable format.
- Alternative
How does Fizy Health handle patient data?
Fizy Health keeps patient records organization-scoped, signs a BAA at onboarding, and audits patient-linked cart actions per line. PHI access controls are built into the clinic ordering product rather than spread across a separate patient portal stack.
Sources reviewed June 2026
- Refill public website (refill.co), reviewed June 2026.
- Data-handling terms should be confirmed in writing with Refill and reviewed by your own counsel.
- Fizy Health platform capabilities reflect the live product.
Know where patient data goes before you send it.
Fizy Health scopes patient access to your organization and audits every cart action per line. Free to start.