Membership CPD Pre-reg Portfolio
Search the register

Breach of the Data Protection Act

The Pharmaceutical Society has written to members affected by a breach of its Data Protection procedures. A small number of registrants have been notified of a breach of its Data Protection Procedures where documents intended for shredding were inadvertently mixed with general waste designated for landfill and, unknown to the Society, ended up in a public place. The documents in question were recovered and have now been securely destroyed.

 

The Society has now contacted directly all individuals that it knows have been affected. The Information Commissioner’s Office has been notified as have the Police.

The Pharmaceutical Society takes the security of your personal data very seriously. We have in place a number of measures to ensure that your data is kept secure. The Pharmaceutical Society ensures that any documents containing personal data are the subject of secure shredding and disposal.

In this instance, documents awaiting shredding were placed in a secure storeroom. Unfortunately in the course of maintenance works, some materials intended for shredding were inadvertently mixed with general waste designated for landfill. These documents ended up in a public place.

We were made aware of the presence of the material and immediately commenced an investigation. We were subsequently able to recover the majority of the material. Having sorted the contents we have contacted all those we know have been affected.

We believe that the risk to you arising out of this incident is minimal.  However, you may wish to take some basic steps to prevent the risk of identity theft, such as:

  • If you receive an unsolicited email or phone call from what appears to be your bank or building society asking for your security details, never reveal your full password, login details or account numbers. A bank will never ask for your pin or full security password;
  • If you are concerned about the source of the call, hang up, wait for a few moments and then call your bank back at a legitimate phone number printed on the back of your bank card or statements. Ideally this call should be made from a different telephone line to that on which the call was received;
  • Check your statements carefully and report anything suspicious;
  • If you are expecting a bank or credit card statement and it doesn’t arrive, tell your bank or credit card company;
  • You may wish to contact one of the three credit reference agencies : callcredit; Equifax or Experian to provide a credit report to alert you to any changes to your credit file which may indicate any potential fraudulent activity.

Further advice and guidance can be found at:

www.actionfraud.police.uk/fraud_protection/identity_fraud

We would like to apologise for this loss and to offer you the opportunity to contact us for further information or to discuss any implications arising from the loss

As a consequence of the loss we have done a complete review of our data handling procedures which will ensure that all sensitive and potentially sensitive material is destroyed, that nothing other than domestic style waste will be taken to landfill and further training has been provided in all aspects of data handling for all staff.

 

END

Bookmark and Share