Loading color scheme

Amazon has entered the pharmacy sphere with its acquisition of PillPack and all signs point to positive impacts on the industry.

However, some experts have shared concerns regarding high-profile missteps. MC-Rx, a leading pharmacy benefit manager (PBM), says while the future looks promising, security must be synonymous with convenience.

GAINESVILLE, Ga., Sept. 5, 2019 -- In 2018, online retail giant Amazon set out to conquer the consumer-facing experience with its acquisition of PillPack, an online retail pharmacy. However, some pharmaceutical experts and investors have recently expressed concerns regarding their patient data management. MC-Rx, one of the top privately-owned pharmacy benefit management companies in the US and Puerto Rico, says Amazon entering the marketplace can be a positive free-market boost to increase competition and hence outcomes for patients, but consumers beware as Protected Health Information is not just another online service.

Case in point: PillPack may be forced to halt soon due to their recent battle with Surescripts, an electronic-prescription company. PillPack contracts with medical data aggregation platform ReMy, which in turn pulls its data from Surescripts (Surescripts > ReMy > PillPack). Surescripts terminated their agreement with ReMy last month, citing that ReMy was giving patient information to Amazon fraudulently. The matter has been turned over to the FBI for further investigation, but this whirlwind of activity is certainly prompting caution.[1]

"Protecting Patient Health Information is a vital aspect of our business," said LaMar Williams, Executive Vice President of MC-Rx.

MC-Rx is no stranger to high-tech security with medical records. Powered by ProCare Rx, another industry leader in innovative pharmacy management technology, MC-Rx operates its own internally developed and maintained claims processing adjudication engine. Every member prescription is evaluated electronically within the same integrated platform in real-time, whether filled by their own mail order/specialty pharmacy or within their extensive retail pharmacy network. Their technology allows prescription claims to be processed in seconds, providing improved clinical outcomes while at the same time delivering significant cost savings.

PillPack's patient data store was revealed to be vulnerable to sophisticated hackers who can gain access to Big Tech's clouds.[2] Israeli cybersecurity firm NSO Group, who was responsible for developing the "Pegasus" malware used to compromise WhatsApp in May 2019, may pose a significant threat to PillPack.[3] Sources with access to NSO Group's new product presentation have revealed that it has developed capabilities to scrape data from the cloud, and potentially lift all of an individual's data as stored by tech giants such as Facebook, Google, Amazon and Microsoft.[4]

Amazon is reportedly "[continuing] to investigate and monitor the issue," and has found no evidence of a breach from this source thus far.[5]

"This is where consumers should really read the terms of service before agreeing to submit their personal [health] information," said Williams. "This may not be convenient, but in the long run it is crucial."

Questions to ask are:

  1. Look for third-party administrators that could have access to patient data-who are they, what is their role? 
  2. Are they URAC accredited for mail order services? (URAC helps promote health care quality through the accreditation of organizations involved in medical care services.) 
  3. Are multiple quality checks performed by licensed professional pharmacists for every prescription?
  4. Is there a barcoded shipping and manifesting system that provides reliable and fast, delivery-including the ability to track every order and assure its confidentiality?


"While we applaud Amazon's foray into the prescription market in the efforts to improve convenience and affordability for consumers-it's vital all industry leaders work together to establish and maintain the best security protocols for consumers," said Williams.

MC-Rx's only data security focus, as a PBM, is on security of patient healthcare data. In order to succeed in this market that must be the number one priority above convenience.



About MC-Rx 

MC-Rx is a full-service Pharmacy Benefit Manager (PBM) with corporate offices in Gainesville, Georgia and Caguas, Puerto Rico, with focuses on transparency, best-in-class service, and offering clients "lowest net cost." MC-Rx was formed by combining two URAC certified world class PBM's - ProCare Pharmacy Benefit Manager and mc-21. The ProCare companies were founded in 1988 with the vision of providing innovative computer software systems and services to various sectors of the healthcare industry. ProCare processed their first pharmacy claim in 1994 using their proprietary, internally developed and managed systems, and expanded in 1998 to full-service pharmacy benefit management through the acquisition of NextGen PBM. Today, the ProCare companies also includes two affiliated mail-order and specialty pharmacies, ProCare PharmacyCare, and are one of only four PBM providers that own all of their component systems. MC-Rx now provides comprehensive, industry-leading service to clients in Puerto Rico and the U.S. Visit http://www.mc-rx.com/


1) Bloomberg News. "Surescripts Cuts off Vendor Linked to Amazon Unit, Citing Misuse." Health Data Management, Health Data Management, 2 Aug. 2019,

2) Srivastava, Mehul. "Israeli Group's Spyware 'Offers Keys to Big Tech's Cloud'." Financial Times, Financial Times, 19 July 2019, http://www.ft.com/content/95b91412-a946-11e9-b6ee-3cdf3174eb89.

3) Hamilton, Isobel Asher. "The Israeli Firm behind Software Used to Hack WhatsApp Reportedly Boasted That It Could Scrape Data from Amazon, Apple, Facebook, Google, and Microsoft Cloud Servers." Business Insider, Business Insider, 19 July 2019, http://www.businessinsider.com/nso-boasted-it-can-hack-apple-google-amazon-cloud-servers-2019-7.

4) Kanter, Jake. "WhatsApp Was Hacked and Attackers Installed Spyware on People's Phones." Business Insider, Business Insider, 14 May 2019, http://www.businessinsider.com/whatsapp-hacked-attackers-installed-spyware-2019-5?r=US&IR=T.

5) Srivastava, Mehul. "Israeli Group's Spyware 'Offers Keys to Big Tech's Cloud'." Financial Times, Financial Times, 19 July 2019, http://www.ft.com/content/95b91412-a946-11e9-b6ee-3cdf3174eb89.

6) "Capital One hack suspect may have breached more than 30 organizations." CBS News. August 142019, http://www.cbsnews.com/news/capital-one-data-breach-suspect-paige-a-thompson-may-have-hacked-more-than-30-other-organizations/