DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

UK: Warwickshire-based company in medical data breach

Posted on March 27, 2012 by Dissent

A Warwickshire-based company has committed to taking action to protect personal data, following a breach of the Data Protection Act (DPA).

The breach occurred when a system used by Pharmacyrepublic Limited to record the medication handed out to around 2000 patients was stolen from one of its premises, the Information Commissioner’s Office (ICO) said today.

Pharmacyrepublic Limited contacted the ICO in September to report the theft of a Patient Medication Record (PMR) system. The system contained details of the medicine handed out to patients at one of its pharmacies, and was stolen while the pharmacy was being transferred to another provider. The system was supplied by another firm and Pharmacyrepublic failed to ensure that the system was securely returned to the company before leaving the premises.

The ICO’s investigation found that the system – which was password protected – contained a limited amount of sensitive information relating to the medicine being administered to the pharmacies’ patients. The system was used to identify any problems when multiple drugs were administered to the same patient. The data hasn’t been recovered.

Stephen Eckersley, the ICO’s Head of Enforcement said:

“It is important that companies have measures in place to keep personal information secure at all times. If a company is vacating premises then they should ensure that any equipment used to store peoples’ data is handled correctly. In this case the system should have been returned to the wholesaler safely and securely.

“This incident should act as a warning to all healthcare providers – your data protection obligations do not end while the personal information of your patients remains on site and in your control.”

Pharmacyrepublic Limited has now agreed to take action to keep the personal data it handles secure. This includes updating its procedures to ensure that PMR data is securely handled prior to any future transfer of ownership. All staff will also be made aware of the company’s procedures for the safe storage and retrieval of personal data ,and appropriately trained on how to follow these.

Source: Information Commissioner’s Office

Category: Health Data

Post navigation

← GA: Ex-employee sought for stolen records
FI: Book and feature film found to violate doctor-patient confidentiality →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Data breach of patient info ends in firing of Miami hospital employee
  • Texas DOT investigates breach of crash report records, sends notification letters
  • PowerSchool hacker pleads guilty, released on personal recognizance bond
  • Rewards for Justice offers $10M reward for info on RedLine developer or RedLine’s use by foreign governments
  • New evidence links long-running hacking group to Indian government
  • Zaporizhzhia Cyber ​​Police Exposes Hacker Who Caused Millions in Losses to Victims by Mining Cryptocurrency
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Google: Hackers target Salesforce accounts in data extortion attacks
  • The US Grid Attack Looming on the Horizon
  • US govt login portal could be one cyberattack away from collapse, say auditors

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • California county accused of using drones to spy on residents
  • How the FBI Sought a Warrant to Search Instagram of Columbia Student Protesters
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Malaysia enacts data sharing rules for public sector
  • U.S. Enacts Take It Down Act
  • 23andMe Bankruptcy Judge Ponders Trump Bill’s Injunction Impact
  • Hell No: The ODNI Wants to Make it Easier for the Government to Buy Your Data Without Warrant

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.