The FDA, in partnership with other federal and international agencies, took action against websites that sell potentially dangerous, unapproved prescription drugs to US consumers. The FDA and the US Customs and Border Protection (CBP) also conducted extensive examinations at US-based international mail facilities, where many packages containing prescription drugs enter the US, and found that most of the examined packages contained illegal prescription drugs that had been ordered from online sources.

These actions took place in support of the 7th annual International Internet Week of Action (IIWA) — May 13 to May 20, 2014 — sponsored by Interpol, and also known as Operation Pangea VII. During Operation Pangea VII, law enforcement, customs, and regulatory authorities from 111 countries collaborated to identify the makers and distributors of illegal drug products and medical devices that used the Internet to sell their products and remove these products from the supply chain.

Operation Pangea VII‘s coordinated efforts at mail facilities resulted in the detention or seizure of 19,618 packages containing medicines purportedly from Australia, the United Kingdom (UK), New Zealand and Canada. These packages contained unapproved or suspected counterfeit drugs from other countries, such as India, China, Singapore, Taiwan, Mexico, Laos, Malaysia, as well as Australia, New Zealand, and the UK.

The FDA and the CBP inspected packages at the mail facilities in Los Angeles, New York, and Chicago, and detained or seized 583 packages. The FDA also notified Internet service providers, domain name registrars, and related organizations that 1,975 websites were selling products in violation of US law.

Investigations and operations such as Operation Pangea VII have revealed that many American consumers order medicines from online sources believing they will receive the same medicine as the US approved version. These medicines, however, are often unapproved or counterfeit and from countries with less stringent manufacturing standards or regulatory controls. Many illegal online pharmacies purport to sell drugs identical to the US-approved versions to attract consumers but then send them unapproved, counterfeit or substandard versions.

Patients should know that the FDA provides consumers with information on how to identify an illegal pharmacy website and advice on how to find a safe online pharmacy through BeSafeRx: Know Your Online Pharmacy.


A security risk assessment (SRA) tool to help guide health care providers in small to medium sized offices conduct risk assessments of their organizations is now available from the US Department of Health & Human Services (HHS).

The SRA tool is the result of a collaborative effort by the HHS Office of the National Coordinator for Health Information Technology (ONC) and Office for Civil Rights (OCR). The tool is designed to help practices conduct and document a risk assessment in a thorough, organized fashion at their own pace by allowing them to assess the information security risks in their organizations under the Health Insurance Portability and Accountability Act (HIPAA) Security Rule. The application, available for downloading at www.HealthIT.gov/security-risk-assessment also produces a report that can be provided to auditors.

By conducting these risk assessments, health care providers can uncover potential weaknesses in their security policies, processes, and systems. Risk assessments also help providers address vulnerabilities, potentially preventing health data breaches or other adverse security events. A vigorous risk assessment process supports improved security of patient health data.

Conducting a security risk assessment is a key requirement of the HIPAA Security Rule and a core requirement for providers seeking payment through the Meaningful Use Program.

The SRA tool's website contains a User Guide and Tutorial video to help providers begin using the tool. Videos on risk analysis and contingency planning are available at the website to provide further context.

The tool is available for both Windows operating systems and iOS iPads. Download the Windows version at www.HealthIT.gov/security-risk-assessment. The iOS iPad version is available from the Apple App Store (search under “HHS SRA tool”).


Modernizing Medicine's EMA has achieved ONC HIT 2014 Edition Complete EHR certification, meaning that it will be capable of supporting eligible providers and hospitals with meeting the Stage 1 and Stage 2 Meaningful Use measures of the EHR incentive program. EMA version 4.0 and EMA Mobile version 4.0 were certified by ICSA Labs, an Office of the National Coordinator-Authorized Certification Body (ONC-ACB), and are compliant in accordance with applicable criteria adopted by the Secretary of HHS. Certification is granted to those technologies that are capable of meeting the testing criteria developed to support providers and hospitals who wish to demonstrate Stage 2 Meaningful Use, which focuses on the capability of health IT to deliver higher quality patient care and exchange clinical information securely.