In a move that has raised eyebrows among pharmacy operators nationwide, AstraZeneca has begun issuing formal letters to pharmacies requesting what it describes as their "unreserved cooperation." Specifically, these letters seek comprehensive data regarding the purchasing and dispensing history of Farxiga® (dapagliflozin) for the entire calendar year of 2024.
While the tone of these letters may initially appear neutral or administrative, pharmacies should not treat them as routine. The nature of the request—combined with the sweeping language used—suggests a broader manufacturer strategy to monitor dispensing activity, enforce distribution controls, and potentially flag what AstraZeneca may perceive as noncompliant or unauthorized practices. Pharmacies should approach these communications with care and a firm understanding of the legal, contractual, and operational implications that may follow.
What's in the Letter
The letters ask for detailed documentation of Farxiga-related purchasing and dispensing data for claims dispensed in 2024. Pharmacies are being asked to provide source-level purchasing information (including wholesalers and distributors), dates and quantities of purchases, inventory data, and dispensing records that could include dates of sale, quantities dispensed, and—in some cases—potentially sensitive or identifiable information about patients.
While AstraZeneca has not publicly disclosed the purpose of this initiative, the breadth of the information requested strongly indicates an internal investigation or enforcement campaign, possibly aimed at identifying pharmacies that are:
Purchasing Farxiga® through non-authorized channels;
Dispensing unusually high quantities of the drug;
Engaged in parallel importation, resale, or gray market activity;
Involved in off-label dispensing or promotional practices that concern the manufacturer.
Pharmacies must recognize that the provision of such data is not without consequence, and that how they respond could significantly affect their operational standing with manufacturers, pharmacy benefit managers (PBMs), and state or federal regulatory bodies.
A Broader Industry Trend
This is not the first time that a manufacturer has attempted to collect pharmacy-level dispensing data under the pretext of audit or enforcement. Similar campaigns have recently been conducted by manufacturers of diabetic test strips and OTC diagnostic devices, often resulting in follow-up letters demanding rebate repayments or threatening to report pharmacies to PBMs. In several cases, manufacturers relied on the information voluntarily provided by pharmacies to build cases against them—cases which then evolved into disputes over contract violations, misuse of limited distribution products, or alleged breaches of intellectual property rights.
Manufacturers have increasingly become more aggressive in controlling the downstream flow of their products. Whether prompted by concerns over counterfeiting, diversion, improper storage, or revenue leakage, these enforcement efforts rely heavily on the cooperation—or misstep—of the dispensing pharmacy.
Potential Legal and Compliance Risks
The legal implications of responding to these letters are not insignificant. Patient-level data, even when redacted or de-identified, may still fall under the purview of HIPAA and various state privacy laws. Sharing such information without proper safeguards could expose the pharmacy to regulatory penalties or legal claims, especially if the data is later used for unintended or adverse purposes.
Furthermore, inconsistencies between a pharmacy's purchase records and its claims data could raise red flags with PBMs. If a manufacturer concludes that a pharmacy is sourcing product outside of authorized distribution channels, that information may be shared with PBMs—leading to audits, chargebacks, network suspensions, or even terminations. Pharmacies also run the risk of inadvertently creating a paper trail that could be used to assert that their conduct violated terms in their PBM agreements, wholesaler contracts, or state licensing rules.
For these reasons, pharmacies should refrain from responding hastily to AstraZeneca's letters without first performing an internal review and seeking legal guidance.
Recommended Response Strategy
Pharmacies that receive these letters should begin by carefully reviewing the contents and scope of the request. The language used—particularly phrases like "unreserved cooperation"—may give the impression that compliance is mandatory, but that is not necessarily the case.
Before providing any data, pharmacies should assess their own records for the relevant time period. This includes examining all Farxiga® purchases, reconciling those purchases against dispensing logs, and confirming that all product was sourced through authorized, licensed distributors. Any anomalies, such as irregular purchasing patterns, should be noted and explained internally.
Pharmacies should engage legal counsel or compliance professionals to determine whether they are obligated to comply, and if so, to what extent. In many cases, the pharmacy may be able to respond with limited, aggregated data rather than patient-specific or transaction-level detail. It may also be appropriate to condition the response on the execution of a confidentiality agreement that restricts how the manufacturer can use or disseminate the information.
Above all, pharmacies should maintain control over the flow of information. Responses should be deliberate, limited to the minimum necessary, and structured in a way that minimizes exposure to legal or contractual risk.
Operational Considerations
This recent development is yet another example of why pharmacies must invest in strong internal compliance protocols. All dispensing activity—especially for branded drugs with limited distribution or high reimbursement rates—should be closely tracked. Pharmacies should ensure that their sourcing and purchasing practices are consistent with PBM requirements and state law.
In addition, pharmacies would be wise to adopt formal policies for how to handle inquiries from manufacturers, PBMs, or regulatory authorities. Having a standardized response process in place—including internal escalation procedures, legal review, and documentation templates—can prevent missteps and reduce exposure when these requests arise.
Many pharmacies mistakenly assume that responding to a manufacturer's letter is a "safe" or low-risk endeavor. However, the increasing aggressiveness of manufacturer audits and the trend toward using data to drive enforcement actions suggest otherwise.
Looking Ahead
AstraZeneca's request may be limited to Farxiga® for now, but it is likely a harbinger of similar actions to come—both from AstraZeneca and other manufacturers. High-cost therapies, drugs with limited distribution networks, and medications with growing off-label use are all potential targets for similar enforcement campaigns.
Pharmacies should not wait until they receive a letter to take action. Now is the time to conduct internal audits, ensure records are in order, and assess whether their sourcing practices could withstand scrutiny from manufacturers, PBMs, and regulators alike.
Conclusion
The letters from AstraZeneca represent more than a routine inquiry—they reflect a broader strategy among pharmaceutical manufacturers to monitor and control downstream product flow. Pharmacies that receive these letters must proceed with caution, protect patient privacy, and take steps to avoid inadvertently triggering liability or enforcement actions.
With the right strategy and legal guidance, pharmacies can navigate these requests while minimizing risk and preserving their operational integrity. But ignoring the request, or responding without fully understanding the implications, could prove costly.
If your pharmacy has received a letter from AstraZeneca regarding Farxiga® dispensing records, take the matter seriously—and act wisely.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
