Pharmacy 2 U sold details of more than 20,000 customers to marketing companies, but got away with a paltry £130,000 fine.
Details of the sick and vulnerable were passed onto health supplements companies - which have been cautioned for misleading as well as an Australian lottery company that is being investigated by trade authorities.
Pharamacy 2 U advertised its database as a one-stop shop for information on people suffering from ailments such as asthma, Parkinson’s disease and erectile dysfunction. Breakdowns of customers, such as men over 70 years old, were available for a bargain £130 per 1000 records.
There are times when customer information can be used for different purposes or sold on, but Pharmacy 2U hadn’t informed its customers that it was making money off their personal details and buying habits.
It seems particularly shocking coming from a healthcare company.
“Patient confidentiality is drummed into pharmacists. It is inconceivable that a business in this sector could believe these actions were acceptable. Put simply, a reputable company has made a serious error of judgement, and today faces the consequences of that. It should send out a clear message to other companies that the customer data they hold is not theirs to do with as they wish.
“Once people’s personal information has been sold on once in this way, we often see it then gets sold on again and again. People are left wondering why so many companies are contacting them and how they come to be in receipt of their details,” said ICO Deputy Commissioner David Smith.
The news is a blow for the NHS’ plans to digitise medical records, care.data, as well as other e-insurance initiatives.
The general public are already suspicious, with fears that medical history could be linked to an individual and affect insurance premiums as well as employment opportunities.