DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

UK: Warwickshire-based company in medical data breach

Posted on March 27, 2012 by Dissent

A Warwickshire-based company has committed to taking action to protect personal data, following a breach of the Data Protection Act (DPA).

The breach occurred when a system used by Pharmacyrepublic Limited to record the medication handed out to around 2000 patients was stolen from one of its premises, the Information Commissioner’s Office (ICO) said today.

Pharmacyrepublic Limited contacted the ICO in September to report the theft of a Patient Medication Record (PMR) system. The system contained details of the medicine handed out to patients at one of its pharmacies, and was stolen while the pharmacy was being transferred to another provider. The system was supplied by another firm and Pharmacyrepublic failed to ensure that the system was securely returned to the company before leaving the premises.

The ICO’s investigation found that the system – which was password protected – contained a limited amount of sensitive information relating to the medicine being administered to the pharmacies’ patients. The system was used to identify any problems when multiple drugs were administered to the same patient. The data hasn’t been recovered.

Stephen Eckersley, the ICO’s Head of Enforcement said:

“It is important that companies have measures in place to keep personal information secure at all times. If a company is vacating premises then they should ensure that any equipment used to store peoples’ data is handled correctly. In this case the system should have been returned to the wholesaler safely and securely.

“This incident should act as a warning to all healthcare providers – your data protection obligations do not end while the personal information of your patients remains on site and in your control.”

Pharmacyrepublic Limited has now agreed to take action to keep the personal data it handles secure. This includes updating its procedures to ensure that PMR data is securely handled prior to any future transfer of ownership. All staff will also be made aware of the company’s procedures for the safe storage and retrieval of personal data ,and appropriately trained on how to follow these.

Source: Information Commissioner’s Office

No related posts.

Category: Health Data

Post navigation

← GA: Ex-employee sought for stolen records
FI: Book and feature film found to violate doctor-patient confidentiality →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected
  • Privacy commissioner reviewing reported Ontario Health atHome data breach
  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems
  • 222,000 customer records allegedly from Manhattan Parking Group leaked
  • Breaches have consequences (sometimes) (1)
  • Kansas City Man Pleads Guilty for Hacking a Non-Profit
  • British national “IntelBroker” charged with causing $25 million in damages; U.S. seeks his extradition from France

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data
  • Sacred Secrets: The Biblical Case for Privacy and Data Protection
  • Microsoft’s Departing Privacy Chief Calls for Regulator Outreach
  • Nestle USA Settles Suit Over Job-Application Medical Questions

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.