Join the DDA or

You are here: News » Pharmacy owners' news » GPhC to investigate possible standards breaches by Pharmacy 2U

GPhC to investigate possible standards breaches by Pharmacy 2U

Newspaper alleges patient data leak

April 2nd 2015

Tagged: Pharmacy owners' news

By Ailsa Colquhoun

The General Pharmaceutical Council has pledged to look into possible breaches of patient confidentiality by Pharmacy2U.

It will assess concerns relating to possible breaches of the following professional and pharmacy standards :

  • Standard 1.7 of the standards for registered pharmacies: Information is managed to protect the privacy, dignity and confidentiality of patients and the public who receive pharmacy services
  • Standard 3.5 of the standards for conduct, ethics and performance: Respect and protect people’s dignity and privacy. Take all reasonable steps to prevent accidental disclosure or unauthorised access to confidential information. Never disclose confidential information without consent unless required to do so by the law or in exceptional circumstances.

The action by the pharmacy regulator follows the publication of an article on March 31 by the Daily Mail alleging that Pharmacy 2U had sold customers’ names and addresses.

But Pharmacy2U told DDA Online: “Pharmacy 2U does not, and has never sold, information relating to patients’ medical conditions to anyone.

“Between November 2014 and December 2014, we trialled a small-scale project with Alchemy Direct Media (UK) Ltd, a data handling company registered with the Information Commissioner’s Office (ICO).

“This project involved us selling limited information – some customers’ names and postal addresses only – for use in selected marketing activity.  Data was only shared where there was patient consent. No medical information, emails or telephone numbers were sold. In conducting this trial project, we acted in line with current data protection and ICO guidelines.

“The sale of customer data for marketing purposes is a widespread practice within business and also government. However, in light of public concern about this issue we have decided not to continue with this trial and we can reassure our customers that Pharmacy2U will no longer share customer data for use in third party marketing. All data that was held by Alchemy Direct Media (UK) Ltd has been destroyed by them and is no longer available for use.

“We have asked the Information Commissioner’s Office to work with us to review our privacy policy and have also contacted the General Pharmaceutical Council, our industry regulator, and the NHS, to discuss this matter.”

By April 2, the online pharmacy  business had updated its website privacy policy. This now reads: “Pharmacy2U will not disclose your personal information to anyone outside Pharmacy2U without your prior consent. We will not sell your personal information to anyone outside Pharmacy2U. We may disclose information to outside parties if we are required by law to do so.”

Claire Bryce-Smith, director of inspection and fitness to practise at the pharmacy regulator, said: “We take seriously any instances where patient confidentiality is alleged to have been breached, and particularly where there may have been an impact on the safety of patients.”

 

News filters

News RSS feed

Resource Zone

Business and practice resources for DDA members