Pharmacist Suspended for Three Months After Data Breach Involving Tesco 83,000 Patients
Date of Decision: April 27, 2023
Registrant's Role: Pharmacist
Allegations:
- While working as Duty Pharmacy Manager at Tesco Walkden Extra, Manchester, the pharmacist:
- Downloaded confidential patient data from the pharmacy’s internal system (RxWeb) on 9 February 2019.
- Emailed an Excel spreadsheet containing 83,000 patient records to his personal email account.
- The data included:
- Names
- Addresses
- NHS numbers
- Dates of birth
- Contact details
- GP details
- Initially denied involvement when confronted by the Superintendent Pharmacist on 15 February 2019.
- Later admitted sending the email, claiming he planned to use the data to "grow the business" at an online pharmacy he was also involved with (Pharmadirect, FTP Healthcare Ltd).
- Admitted that his actions were dishonest and intended for personal or financial gain.
Outcome: Suspended for three months
GPhC Standards Breached:
- Standard 5 – Use Professional Judgment
- Standard 6 – Behave in a Professional Manner
- Standard 7 – Respect and Maintain Patient Confidentiality
- Standard 8 – Speak Up When Things Go Wrong
Case Summary
The General Pharmaceutical Council (GPhC) Fitness to Practise Committee investigated a pharmacist after he was caught transferring confidential patient data to his personal email account while working at Tesco Pharmacy.
Between 9 and 15 February 2019, he:
Continue Reading the Full Case
Create a free account or log in to access the complete case summary.
- Full allegations considered by the GPhC
- Panel findings and reasoning
- Outcome of the investigation
- Sanctions considered and imposed on the Pharmacist
- Key professional learning points
Original Case Document
View the Full Determination Document
The original determination transcript is available to registered users.
- Download the official GPhC determination
- Full hearing transcript
- Detailed findings of fact
- Sanction reasoning
- Details of the pharmacy professionals involved