The new GDPR that came into force last month has potentially allowed for delivery drivers to be responsible for data breaches, which has led to the National Pharmacy Association (NPA) issuing a warning over the potential risks.
The GDPR outlines that the sending of personal data to the incorrect recipient falls within the scope of a data breach, meaning delivery driver errors can be classed as a data protection breach.
According to the NPA’s latest safety report, delivery drivers accounted for 5% of all dispensing errors in a period of just three months.
An obvious error that has taken place is the delivery driver posting the medication to the wrong address. Others include medication being sent to the wrong patient as a result of similar names.
But these are serious issues. The incorrect medication can lead to a patient being hospitalised through complications, and it does happen. These kinds of errors can easily happen which is why it’s important for the issue to be sorted out before anyone else can be hurt and become the victim of a data protection breach.
It’s also understood that the NPA has reportedly slammed the requirement of the new GDPR for pharmacies to have to appoint a data expert. The NPA apparently deemed this as disproportionate, but that’s far from the truth in our opinion. Data breaches – no matter how big or no matter how they can be seen as “small” – can have a real and devastating impact on the victims. All organisations must do what they can to protect the people whose data they hold, and when we’re talking about the physical suffering of a patient as well as the distress caused by a data breach, the duty of care is higher.
When we see so many data breaches in the healthcare sector, including in the pharmaceutical sector specifically, it’s clear to us that more can – and must – be done to prevent future breaches. With simple cases of delivery drivers being responsible for data breaches that include delivering to the wrong address or to the wrong person based on similar sounding names, better protocols and procedures need to be in place.
In a pharmaceutical mistake, we’re talking the potential for both data breaches and medical negligence.