Christian Falvey reports:
The Office for Personal Data Protection says it has never encountered such a large-scale database of illegally collected personal data: information from 200,000 drug prescriptions a day for the last six months showing who uses what kind of medicine. And the body collecting it? The State Institute for Drug Control.
What the law calls for is central storage of electronic prescriptions, the idea being to ensure that inappropriate combinations of medicines were not being prescribed and that narcotics producers were not amassing ingredients for their trade. Doctors have not even started using electronic prescriptions though, and the database began filling up anyway. The Office for Personal Data Protection was asked to investigate whether the database was being put to a completely different use. It was, as the office’s Hana Št?pánková explains:
“What was actually happening in that central database was that personal information was being taken from written prescriptions, not from electronic prescriptions at all; it was being collected in pharmacies and processed by the State Institute for Drug Control beyond the scope of what it was authorised to do by law; the Institute was actually demanding that pharmacies send this information.”
The database of tens of millions of prescriptions filled across the country by more than 1,500 pharmacies was even accessible on the internet with a code. It was promptly erased when the personal information office revealed the full extent of the problem, and the State Institute for Drug Control has said the information was not compromised. But as Ms. Št?pánková points out, the ramifications of potential misuse were huge.
Read more on radio.cz