Source Informatics Limited, Judgment of Court Appeal, 21 December 1999
This case decided that it is acceptable for pharmacists to sell anonymised prescribing information to pharmaceutical companies, so that they may target the marketing of their products more effectively.
The Court of Appeal held as follows:
1. The aim of the law is to protect a confider's personal privacy.
2. A patient has no proprietorial claim to the prescription form or to the information it contains and no right to control its use provided only and always that his privacy is not put at risk.
3. The confidant who receives confidential information is placed under a duty of good faith to the confider.
4. The scope of the duty of confidence and whether or not it has been breached is the confidant's own conscience, i.e. would a reasonable doctor/pharmacist's conscience be troubled by the proposed use of the patient's prescription data in anonymised form for targeted marketing of drugs?
5. In the circumstances of this case, the information came into the hands of the pharmacist with no breach of confidence. This has to be distinguished from the case where information comes into the hands of, say, a journalist in breach of confidence, where the law will restrict further publication. A different approach might be taken if it were the company, not the pharmacists, who anonymised the information, although the position could still possibly be distinguished from that of journalists.
6. Pharmacists' consciences ought not reasonably to be troubled by the selling of anonymised patient data to drug companies so that the latter can achieve "targeted marketing". The patient's privacy will have been safeguarded, not invaded.
7. The Court of Appeal refused to consider whether "targeted marketing" might be contrary to the public interest in increasing the NHS drugs bill.
8. The anonymisation of data here is unobjectionable under national law. The provisions of Directive 95/46/EC on data protection, which are yet to be implemented into national law, should be interpreted with common sense and justice, and would probably not lead to a different result in the UK. Although the processing of health data is prohibited (Article 8.1) without explicit consent (8.2) or for the purposes of preventive medicine, medical diagnosis, the provision of care or treatment or the management of health-care services, and where such processing is done by a health professional (8.3), applies the principles of protection are to be applied to an identified or identifiable person but not to data rendered anonymous so that the person is no longer identifiable, and codes of conduct may usefully provide guidance on the ways in which data may be rendered anonymous (recital 26).
9. The Court indicated that strictly controlled auditing of identifiable data would be acceptable.
It is understood that this case may be appealed to the House of Lords.
For further information contact Chris Hodges on Tel 020 7367 2738 or e-mail [email protected]
Social Media cookies collect information about you sharing information from our website via social media tools, or analytics to understand your browsing between social media tools or our Social Media campaigns and our own websites. We do this to optimise the mix of channels to provide you with our content. Details concerning the tools in use are in our privacy policy.