This site is intended for Healthcare Professionals only

Well data breach compensation claims start


Well data breach compensation claims start

The Pharmacists’ Defence Association (PDA) has started processing compensation claims against the pharmacy chain Well after its leak of employees’ personal details last year.

The data breach in December, which saw an email containing a spreadsheet with the names, addresses, phone numbers, email addresses and payroll numbers of 24,099 Well pharmacy employees and locums sent to more than 1,000 people, has prompted 600 affected PDA members in the last 24 hours to bring a claim against the UK’s largest independent pharmacy chain.

The PDA, who said the breach may have affected pharmacists who have worked for or provided locum services for Well or a predecessor company in the last 16 years, suggested each claim could be worth hundreds to thousands of pounds.

“Well has informed us that the email was sent to 1,050 people, of whom 376 were potentially able to access the spreadsheet,” said Mark Pitt, the PDA’s director of defence services.

“We are looking into this claim on behalf of our members and have informed them of what we now know about the breach, what we're doing to help members and what action they can take.”

Chris Ellett, senior information risk owner at Well Pharmacy who described the incident as "human error," told ICP: “Yesterday the PDA released a message to their members in relation to the document containing personal identifiable data that was sent to a number of locums, due to human error, on 11th December 2018.

“We have been working with the PDA to ensure the information about the data breach is correct within their message.

“Following the incident on 11th December, we immediately informed the information commissioner’s officer (ICO) and acted on the advice they provided. We continue to work with the ICO in respect of the breach and have been transparent about the findings of our investigation.

“We have used all available information to contact as many of the affected data subjects via email or post, taking all appropriate steps to ensure the data we have used is as accurate as possible.

“Both data and information security are taken very seriously at Well and we are sorry that this happened. A number of changes have been made to our processes to ensure that all data is safe and secure.”



Picture: ronniechua (iStock)


Copy Link copy link button