The online pharmacy company, Pharmacy 2U has been fined a hefty £130,000 by the Information Commissioner’s Office for selling customers’ personal details to a marketing company without their consent. This contravened the Data Protection Act and signified a breach of trust between the pharmacy and its users. The company released a statement apologizing for their behavior which reads:
“This is a regrettable incident for which we sincerely apologise,”
“While we are grateful that the ICO recognise that our breach was not deliberate, we appreciate this was a serious matter.”
“As soon as the issue was brought to our attention, we stopped the trial selling of customer data and made sure that the information that had been passed on was securely destroyed,”
“We have also confirmed that we will no longer sell customer data.”
While the company is promising to never engage in data selling activities again, the damage has been done. Handing over people’s data without any consultation or agreement is unbelievable and illustrates how poorly personal information can be treated. Perhaps, the fine will prevent other companies from trying a similar tactic and ensuring that each person’s information is protected within the confines of the law. However, if companies can get away with it, this won’t change anytime soon.