Pharmacy with 'cavalier attitude to data protection' fined under new rules

20 Dec 2019

Online pharmacy, Doorstep Dispensaree Ltd, has received the first fine under the new data protection rules in what also represents an example of inter-agency co-operation that members of the regulated professions should be aware of.

In July 2018 the Information Commissioner was informed by the Medicines and Healthcare products Regulatory Agency (MHRA) of its own investigation for the alleged unlicensed and unregulated storage and distribution of medicines. The MHRA’s investigation found that sensitive personal data had been left in 47 crates, two disposal bags and one box containing approximately 500,000 documents stored in a courtyard.

Doorstep Dispensaree was found to have contravened numerous articles of GDPR and the Information Commissioner considered them to have a ‘cavalier attitude to data protection’ imposing a fine of £275,000.

The penalty notice can be read in full here.

Those involved in the medical and dental professions handle sensitive information on a daily basis. How that information is handled is under ever greater scrutiny since the introduction of GDPR. With the co-operation demonstrated between the MHRA and the ICO no one can afford to ignore the issues arising in this case.

Connor Michaels, BLM


<< Back

Disclaimer: This document does not present a complete or comprehensive statement of the law, nor does it constitute legal advice. It is intended only to highlight issues that may be of interest to clients of BLM. Specialist legal advice should always be sought in any particular case.

Related Sectors

Who to contact

For more information about any of our news releases, please contact:

Jo Murray
+44 20 7638 2811
+44 20 7865 4849
Email Jo


Not what you are looking for? Click here!