APhA Newsroom

Fast Facts

The American Pharmacists Association is the largest association of pharmacists in the United States advancing the entire pharmacy profession.

Membership: Pharmacists, pharmaceutical scientists, student pharmacists and pharmacy technicians

Governance: 501(c)(6) nonprofit organization, governed by a 15-member Board of Trustees. Its House of Delegates (411 members plus alternates) meets annually to determine overall policy.

Location: Washington, D.C.

Founded: October 6, 1852 in Philadelphia, PA

2020 Annual Report

Media Contact

Taneishia Bundy
APhA Media Relations


Press Releases

View all press releases

Published on Wednesday, May 1, 2024

APhA’s cybersecurity recommendations to secure the pharmacy ecosystem and patient safety

Washington, DC – The American Pharmacists Association (APhA) released cybersecurity recommendations today for urgent policy changes to better secure the pharmacy ecosystem and patient safety. The recommendations were submitted as Statements for the Record to the Senate Finance Committee and the House Energy and Commerce Oversight and Investigations Subcommittee for the congressional hearings taking place today on the Change Healthcare cyberattack.

These recommendations will also be shared with the White House, the U.S. Department of Health and Human Services, and other relevant private and public organizations to bring awareness and drive change on this issue, which has caused chaos and uncertainty for pharmacies across the country for over a month.

APhA, representing pharmacists and pharmacy teams in all practice settings, urges policymakers to closely examine the cause, along with patient and business impact, aftermath, responses, penalties, and legal consequences related to the system outages and make the necessary policy changes, including the following recommendations:

  • Map out the pharmacy ecosystem to identify infrastructure vulnerabilities
  • Expand accountability for protection of protected health information
  • Increase the penalties for breaches and noncompliance
  • Clarify breach notification requirements for downstream covered entities
  • Require business continuity/backup systems for entities that transmit, hold, or otherwise manage protected health information and health care business information
  • End vertical integration practices that result in health care market consolidation
  • Incentivize minimum standards for cybersecurity
  • Establish a federal cyber-insurance program
  • Consider and appropriately fund cybersecurity within emergency preparedness and response procedures and practices across the country

APhA stands ready to work with policymakers to discuss lessons learned from the Change Healthcare cyberattack, and what’s needed to implement these recommendations for prevention, mitigation, emergency preparedness and response, and penalties to ensure this does not happen again.

APhA strongly believes that continuity of patient care is paramount and cannot be jeopardized or compromised again.

The full recommendations can be found here:


Contact: Robert Hodges

Rate this article:
No rating
Comments (0)Number of views (838)
Please login or register to post comments.