COVID-19 VACCINATIONS: If, in addition to indemnity for your main employment, you would like cover for delivering COVID-19 Vaccinations please apply for our standalone extension Apply Today

Home  »   Latest News   »   PDA are progressing a compensation claim for members affected by the Well Data Breach

PDA are progressing a compensation claim for members affected by the Well Data Breach

On 11th December 2018, a data breach at Well pharmacy resulted in a spreadsheet containing the data of 24,099 people, mostly pharmacists, being leaked. The PDA has been asked by affected members to start a claim on their behalf against Well and are currently gathering information to progress this.

Wed 13th March 2019 The PDA

The breach may be relevant to pharmacists that have ever worked for or provided locum services to Well (or a predecessor company) since at least as far back as 2003. Each affected pharmacist may be entitled to compensation, possibly ranging from hundreds to the low thousands of pounds, depending on individual circumstances and facts.

“Well has informed us that the email was sent to 1,050 people, of whom 376 were potentially able to access the spreadsheet,” said Mark Pitt, PDA Director of Defence Services. “We are looking into this claim on behalf of our members and have informed them of what we now know about the breach, what we’re doing to help members and what action they can take.”

The spreadsheet contained 24,099 rows of data, with one person per row. There were 68 columns of data, with an average of 28 columns completed per person. The data in the spreadsheet included names, address, phone numbers, email addresses and payroll numbers.

The data in the spreadsheet also included, amongst other things:

  • Locum hourly rates (including premium rates, Saturday rates and holiday rates)
  • Whether or not the pharmacist will work with an ACT, the distance they’re willing to travel and what services they can provide
  • A column entitled “Reason for Inactivation” including almost 6,000 entries, which could potentially have the unintended consequence of amounting to a “blacklist” of individuals.  This is denied by Well, who say that at no time has it ever operated a “blacklist” or would ever consider such improper practice.
  • 34 different “Reasons for Inactivation” for individuals, which it appears could be selected from a defined list. The reasons used include the following:
    • Being Investigated speak to PST
    • Business Risk
    • Ex-employee – dismissed
    • Health Concerns
    • Maternity leave
    • Branch feedback
    • RDM feedback
    • Inappropriate behaviour [it is not known what this is based on]
    • Fitness to Practice Issue [Well has stated this was captured from the GPhC website]
    • Datix feedback
    • Don’t use in busy branches
    • Payment Rates/Overclaiming
    • Unreliable Locum (ORPD)
  • Details of whether a person is a key holder, has CRB clearance, or has religious requirements (Yes or No fields)
  • A free type comment field including comments made about 500 of the people on the spreadsheet.

It is unclear why such sensitive data was held in this easily-shared format rather than in a restricted corporate database. Well have said this was shared due to a human error.

Well has advised the PDA that it has sent an email to those with a valid email address. Well also advised that it has used the services of a secure external mailing house to validate addresses and send letters to everyone else affected.

PDA members that would like to be part of the claim have been invited to complete this short survey to notify the PDA that they wish to be included in any collective action. This is a free PDA member benefit. FAQs can be found here.

Pharmacists that are not yet PDA members are also encouraged to join the PDA and get further help and support.

The Pharmacists' Defence Association is a company limited by guarantee. Registered in England; Company No 4746656.

The Pharmacists' Defence Association is an appointed representative in respect of insurance mediation activities only of
The Pharmacy Insurance Agency Limited which is registered in England and Wales under company number 2591975
and is authorised and regulated by the Financial Conduct Authority (Register No 307063)

The PDA Union is recognised by the Certification Officer as an independent trade union.

Cookie Use

This website uses cookies to help us provide the best user experience. If you continue browsing you are giving your consent to our use of cookies.

General Guidance Resources Surveys PDA Campaigns Regulations Locums Indemnity Arrangements Pre-Regs & Students FAQs Coronavirus (COVID-19)