Skip to main content

Pharma Companies, UK Universities Failing to Protect Data

by Chris Brook on Tuesday May 17, 2022

Contact Us
Free Demo

The findings come courtesy a new investigation via The British Medical Journal (BMJ).

In healthcare, specifically the pharmaceutical industry, sharing sensitive information like clinical trial data, has become the norm over the years. It helps doctors and companies alike make better decisions and helps benefit science's greater good.

While there are by the books standards in place for a lot of these data exchanges, recent findings suggest that in the UK, they're being broken on a regular basis.

That's at least the case for pharmaceutical companies, National Health Service commissioners, and universities, entities that according to the British Medical Journal (BMJ) have continuously breached agreements around sharing patient data, something that's led to hundreds of patient data breaches.

As part of a study which examined audits carried out by NHS Digital over the last seven years, BMJ warned that many organizations are handling information outside of prescribed data contracts and may be failing to protect the confidentiality of patients.

33 organizations were audited in the last 12 months; each one breached data sharing agreements according to the BMJ.

Organizations like GlaxoSmithKline, Virgin Care - acquired by Twenty20 Capital in December 2021 - and universities like Imperial College London and the University of Cambridge are named in the study although each was found to be at different levels of risk when it comes to compliance.

The pharmaceutical company for instance was found to be in high risk to “compliance, duty of care, confidentiality, and integrity" of its data for example in December of last year. It breached the terms of its data sharing agreement with NHS Digital 10 ways, according to the BMJ, but has since been downgraded to “low risk.”

BMJ's study frames the findings with the fact that none of the entities had their access to NHS Digital's data curtailed in light of the breaches – something that would suspend the provision of data and almost certainly could be detrimental to patient care.

Suspending data sharing would "need to be balanced against any negative impact to patient care,” a NHS spokesperson told the peer-reviewed medical trade journal.

Tags:  Healthcare Data Breaches

Recommended Resources

The Definitive Guide to Data Loss Prevention
The Definitive Guide to Data Loss Prevention

All the essential information you need about DLP in one eBook.

6 Cybersecurity Thought Leaders on Data Protection
6 Cybersecurity Thought Leaders on Data Protection

Expert views on the challenges of today & tomorrow.

Digital Guardian Technical Overview
Digital Guardian Technical Overview

The details on our platform architecture, how it works, and your deployment options.