We are an online supplement store. We sell retail and prescription-only supplements. Only customers who have been prescribed a prescription-only product are allowed to see said product. So, allowing all logged in customers to see all locked away prescription-only products is not an option.
We’re looking for an app that will enable us to do the following:
Hide the prescription-only products from retail.
A login / register section to access prescription-only products
Assign specific prescription-only products to specific customers (this will have to be done manually)
Allow permitted users to purchase their prescribed supplements
Happy to purchase an app or subscribe to one. Currently bogged down with Wordpress, so a Shopify solution would be perfect!
If this is a legal requirement with consequences you should probably only be using shopify’s storefront apis for a completely custom frontend , or integration into your existing stores that you can invest in.
Avoid using use shopify’s online-sales channel for any legally regulated private product information as the online-sales channel is leaky when it comes to product information.
While you can lockdown theme pages with apps and advanced customizations , there will still be things like the ajax api which you cannot disable, meta tags, og-tags, schema.org, etc that will expose data to those who know how to look for it when a product is published to the online-sales channel.
So you’d need to do some advanced stuff to not have products published to the online sales channel but still able to somehow lets customers create a cart/checkout, such as proxy apps, buy-buttons with a second store, or generating draft-orders using an app like mechanic (also made by lightward).
Also bear in mind which payment-gateways you will use as not all will accept risky product industries.
If you have the budget and need this explored or need related themes customizations then contact me by mail for services.
ALWAYS please provide context, examples: store url, theme name, post url(s) , or any further detail in ALL correspondence.
Contact info in signature.
This cannot be done using a 3rd-party app if you hope to remain HIPAA compliant. Lockdown doesn’t de-identify the prescription products from an order in Shopify so it cannot be HIPAA compliant.
There’s several ways that can do this, but they all involve creating a broker app and transacting through the Shopify API while separating the PHI data elsewhere. This means de-identifying the product as well. Shopify is not optimum as an end to end HIPAA solution for vending these products. It can be done, but middleware becomes the conduit for doing so. Some products are easier than other to make this work for, such as testing kits, prescription eyeglasses, etc. Where you separate the PHI from the purchase.
e.g. We’ve built solutions for selling prescription eyeglasses by decoupling the frame purchase from the prescription submission or allergy testing kits where the sale of the kit is not PHI until they register it in a separate system we built for results retrieval.
Happy to talk with anyone interested in learning more if they have that need.
