Main topic: Whether custom user-entered data (e.g., eyeglass prescriptions) can be stored in Shopify without apps.
Feasibility: One approach suggests custom coding a product-level form/file upload so prescription info is captured and appears in order data. No app required.
Documentation: The requester asked for resources or Shopify docs to implement this. None were provided in the thread.
Compliance concerns: Another participant warns storing prescription data may violate HIPAA (U.S. health data privacy law). They state Shopify cannot provide the required HIPAA audit trail, and non–de-identified data could create serious liability.
Clarification: The custom-code proponent says they meant a simple file upload and that verification would be done manually by the store admin, not automated.
Latest update: A clarifying question asks whether any prescription data is uploaded to Shopify or even linked from Shopify to external services (e.g., Dropbox, Jotform).
Status: No resolution. Feasibility is contested due to HIPAA. Key open question is whether any PHI should be stored or linked via Shopify at all.
This would not be HIPAA compliant and would get the merchant into serious trouble if that data is not de-identified. Shopify cannot provide a proper audit train either for the HIPAA Audit rule.
We solve this problem for clients, but it will not work as you just suggested.