Data security top tips and case studies

Published on: 6th December 2019 | Updated on: 2nd December 2025

Keeping patient data secure is essential for every community pharmacy. With more services being delivered in pharmacies, it’s important for pharmacy owners and teams to follow best practices for data protection and cyber security.

This page brings together practical tips and guidance from Community Pharmacy England, the NHS, and the Information Commissioner’s Office (ICO).

Community Pharmacy England and NHS guidance

Cyber security tips factsheet – Read the IT factsheet
Ten steps to data and cyber security – Read the briefing

ICO research and recommendations

The ICO is the UK regulator for data protection. It ensures compliance with the Data Protection Act and promotes good practice in handling information.

The ICO carried out voluntary visits and surveys with community pharmacies across England, Scotland, and Wales. Their research focused on:

Information governance and security
Data protection on public-facing websites
Staff training and awareness
Fair processing for customers
Records management and data disposal
Use of portable media devices
Transmission of personal and sensitive data

What the ICO found

Pharmacy teams generally understand the importance of keeping personal data safe and are motivated to do so. However, the ICO highlighted areas for improvement and shared practical tips:

Training

Provide regular, ongoing training for all staff handling sensitive information
Include confidentiality and information security in IG training

Make sure your website explains how both the site and the pharmacy use personal data
Keep software up to date on all devices processing sensitive data
If fax machines are still used, apply “Safe Haven” procedures for security
Use individual logins for systems with patient data to maintain audit trails
Smartcards must only be used by their registered holder

Policies and procedures

Put clear policies in place to:
- Control removal of personal data from the pharmacy
- Monitor staff compliance
Make policies easy for staff to access and refer to

Return to the Pharmacy IT hub

For more information on this topic please email it@cpe.org.uk

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
is-pharmacy	30 days	Hides the 'Do you work in community pharmacy?' hero prompt if the user has already selected 'yes'

Data security top tips and case studies

Latest Digital & Technology news

NHSmail becoming NHS.net Connect: New Launchpad homepage coming soon

New report sets out opportunity to make community pharmacies cornerstone of neighbourhood health

IT update: More Pharmacy First referrals flowing directly into pharmacy systems

Funding & Reimbursement Shorts: Claiming payment for EPS prescriptions

NHS App research opportunities

NHSmail is becoming NHS.net Connect – what pharmacy teams need to know

Reminder: Prescription Item Reports: Your monthly breakdown of NHS payments

Share your views: NHS App development and scan-to-shelf

Pharmacy IT workstreams update published as IT group meets

EPS has been fully rolled out to Detained Estate prescribers

Upcoming changes to the MYS Portal

Volunteer: Join the updated EPS status tracking NHS App pilot