Chemist + Druggist is part of Pharma Intelligence UK Limited

This is operated by Pharma Intelligence UK Limited, a company registered in England and Wales with company number 13787459 whose registered office is 5 Howick Place, London SW1P 1WG. The Pharma Intelligence group is owned by Caerus Topco S.à r.l. and all copyright resides with the group.

This copy is for your personal, non-commercial use. Please do not redistribute without permission.

Printed By


Delivery driver errors considered 'data breaches' from next week

Errors made by delivery drivers could be classed as “data breaches” under EU regulations coming into force next week, the National Pharmacy Association (NPA) has warned.

Under the General Data Protection Regulation (GDPR) – which comes into force on May 25 – “sending personal data to an incorrect recipient”, would be considered a breach of personal data.

In its latest medication safety report, published last week (May 10), the NPA referred to errors made by delivery drivers for the first time.

Drivers were involved in 5% of dispensing errors reported to the NPA in the first three months of 2018, which the organisation’s chief pharmacist Leyla Hannbeck told C+D yesterday (May 16) was “an increase compared to previous quarters”.

Read some examples of the delivery driver errors reported to the NPA so far in 2018 here.

While the NPA had not highlighted errors by drivers in the past, the fact that the delivery of medicines with a patient's name and address to the wrong person may be classed as a data breach under GDPR meant “it was important to highlight how common such errors are and therefore action that needs to be taken by pharmacy teams to prevent such errors”, Ms Hannbeck explained.

According to the Information Commissioner’s Office (ICO), organisations are required to inform the ICO of any data breach within 72 hours of becoming aware of it.

“Failing to notify a breach when required to do so can result in a significant fine up to €10 million or 2% of your global turnover,” it warned. “So it’s important to make sure you have a robust breach-reporting process in place to ensure you detect and can notify a breach, on time; and to provide the necessary details.”

On Monday, the NPA slammed the GDPR requirement for all pharmacies to appoint a data ‘expert’ by May 25 as “disproportionately impacting” independents. Pharmacy law expert David Reissner also warned  that it will be hard for pharmacies to appoint someone for this role in time for the deadline.

Are you going to inform your pharmacy's delivery driver about the risk of a 'data breach'?

Related Content


Pharmacy Manager / Pharmacist

Apply Now
Latest News & Analysis
See All



Ask The Analyst

Please Note: You can also Click below Link for Ask the Analyst
Ask The Analyst

Thank you for submitting your question. We will respond to you within 2 business days. my@email.address.

All fields are required.

Please make sure all fields are completed.

Please make sure you have filled out all fields

Please make sure you have filled out all fields

Please enter a valid e-mail address

Please enter a valid Phone Number

Ask your question to our analysts