Pharma Companies, UK Universities Failing to Protect Data
The findings come courtesy a new investigation via The British Medical Journal (BMJ).
In healthcare, specifically the pharmaceutical industry, sharing sensitive information like clinical trial data, has become the norm over the years. It helps doctors and companies alike make better decisions and helps benefit science's greater good.
While there are by the books standards in place for a lot of these data exchanges, recent findings suggest that in the UK, they're being broken on a regular basis.
That's at least the case for pharmaceutical companies, National Health Service commissioners, and universities, entities that according to the British Medical Journal (BMJ) have continuously breached agreements around sharing patient data, something that's led to hundreds of patient data breaches.
As part of a study which examined audits carried out by NHS Digital over the last seven years, BMJ warned that many organizations are handling information outside of prescribed data contracts and may be failing to protect the confidentiality of patients.
33 organizations were audited in the last 12 months; each one breached data sharing agreements according to the BMJ.
Organizations like GlaxoSmithKline, Virgin Care - acquired by Twenty20 Capital in December 2021 - and universities like Imperial College London and the University of Cambridge are named in the study although each was found to be at different levels of risk when it comes to compliance.
The pharmaceutical company for instance was found to be in high risk to “compliance, duty of care, confidentiality, and integrity" of its data for example in December of last year. It breached the terms of its data sharing agreement with NHS Digital 10 ways, according to the BMJ, but has since been downgraded to “low risk.”
BMJ's study frames the findings with the fact that none of the entities had their access to NHS Digital's data curtailed in light of the breaches – something that would suspend the provision of data and almost certainly could be detrimental to patient care.
Suspending data sharing would "need to be balanced against any negative impact to patient care,” a NHS spokesperson told the peer-reviewed medical trade journal.
The Definitive Guide to DLP
- The seven trends that have made DLP hot again
- How to determine the right approach for your organization
- Making the business case to executives
The Definitive Guide to Data Classification
- Why Data Classification is Foundational
- How to Classify Your Data
- Selling Data Classification to the Business