“After a preliminary investigation, we uncovered evidence that third-party vendor ReMy Health provided one or more of its customers unauthorized access to the health information network we maintain. In addition, it appears that ReMy Health or its customers provided fraudulent information to Surescripts when making requests for patient data from the Surescripts network.
We are still investigating the full scope of these improper activities but today are taking immediate steps to protect the data our partners entrust to us and the privacy of the patients they serve. Specifically, we have suspended ReMy Health from our network, are terminating their contract, and are turning the matter over to the FBI for further investigation.
ReMy Health contracted with Surescripts to deliver providers access to a patient’s complete medication history, in addition to other services related to electronic prescribing and prescription benefits. Under the agreement, medication history information is to be used by providers when delivering care to support clinical decision-making before prescribing new medications or during the normal process of provider-discharge planning for patients leaving a hospital or health system. We found that ReMy Health had provided this medication history data to an entity that is not a provider in this type of care setting. This not only directly violates ReMy Health’s contract with Surescripts, it violates our partners’ trust in the appropriate use of the data they provide to the network and the privacy of the patients they serve.
Moreover, we are very concerned that the data appears to have been obtained fraudulently for one or more of ReMy Health’s customers. Either ReMy Health or its customers concealed unauthorized access to the Surescripts network by fraudulently using third-party providers’ identifying information to access the system – even though those providers appear to be entirely unrelated to the patients whose information was requested.
Surescripts has spent nearly 20 years establishing trusted relationships and legal agreements with hundreds of data suppliers and EHR vendors across the country to securely exchange health information. These agreements ensure that the information we exchange is only used for patient care and not for the commercial benefit of any one data supplier. These agreements also help ensure that patient data is properly secured.”
- Tom Skelton, Chief Executive Officer, Surescripts
Our purpose is to serve the nation with the single most trusted and capable health information network, built to increase patient safety,
lower costs and ensure quality care. Since 2001, Surescripts has led the movement to turn data into actionable intelligence,
and convened the Surescripts Network Alliance™ to enhance prescribing, inform care decisions and advance the healthcare industry. Visit us at
and follow us at