YES. The pharmacist is required to obtain permission that is documented as a patient's express written consent.
A consumer may refuse to have his/her information entered into a shared database. The pharmacy that originally filled the prescription must place a "firewall" around the data. This "firewall" must prevent access to patient-specific information by an unauthorized individual at another location.