GDPR: First UK fine handed to London-based company

A suburban pharmacy in London has become the first UK company to be issued with a fine under the General Data Protection Regulation rules. Doorstep Dispensariee Ltd, a pharmacy based in Edgware, was handed a £275,000 penalty by the Information Commissioners Office for its “cavalier attitude to data protection”.

The ICO has proposed a fine of £183m on British Airways and £99m on hotel chain Marriott over data breaches at their respective organisations, but the only fine the ICO has followed through with so far is the £275,000 fine levied on Doorstep Dispensaree in December regarding the disposal of records about vulnerable care home residents.

According to reports, approximately 500,000 documents which included patient names, dates of birth, NHS numbers, medical information and prescriptions were left at back of premises. Under the GDPR, data must be handled in a way that ensures appropriate security against unauthorised or unlawful processing and accidental loss, destruction or damage. Failure to act in accordance with the latest data protection requirements will result in financial repercussions for offending businesses.

The company was also issued with an enforcement notice to improve its data protection processes within three months or face further penalties.

Steve Eckersley, director of investigations at the ICO said: “The careless way Doorstep Dispensaree stored special category data failed to protect it from accidental damage or loss. This falls short of what the law expects and it falls short of what people expect.”

GDPR was adopted on 14th April 2016 and became enforceable on the 25th May 2018.

    Share Story:

Recent Stories


Your people and the pandemic: Are you doing enough?
Employee health, well-being and security have always been a vital part of risk management, and as organisations seek ways to ensure a smooth, successful and sustainable return to operations amid the evolving environment, careful consideration has to be given to all these areas, and quickly. Published August 2020

Responding to COVID-19: A safe and secure return to work
Learn more from the experts that worked on the recovery of the Diamond Princess. Published July 2020