Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

GDPR issue in Pharmacy

13

Comments

  • Closed Accounts Posts: 23,646 ✭✭✭✭qo2cj1dsne8y4k


    Well considering the complaint was made over the phone the only people privvy to it was
    - me
    - the pharmacist
    - the staff member

    There was no show down, no confrontation. I left the store, politely. The staff members brothers squeeze had it up on her Facebook. If I didn’t tell her, and the pharmacist didn’t tell her, it leaves one person


  • Posts: 8,647 ✭✭✭ [Deleted User]


    Well considering the complaint was made over the phone the only people privvy to it was
    - me
    - the pharmacist
    - the staff member

    There was no show down, no confrontation. I left the store, politely. The staff members brothers squeeze had it up on her Facebook. If I didn’t tell her, and the pharmacist didn’t tell her, it leaves one person

    But can you prove this?


  • Posts: 0 [Deleted User]


    Was patient's medical issues discussed? I don't believe so. How could you prove that the worker in the shop definitely gave the information?

    If you have concerns about my practice. I will gladly.give you my PSI registration number and you can make an official complaint.

    Are only medical related issues covered by GDPR when discussing them with a GP, Dentist, Pharmacist? They most certainly are not. All personal data, including confidential conversations are covered.

    I am astonished.


  • Closed Accounts Posts: 23,646 ✭✭✭✭qo2cj1dsne8y4k


    But can you prove this?

    Yes!

    The cctv will show I spoke to the lady for approx 10 seconds and left. The pharmacist called me back, and apologized so she will be able to clarify who she told or spoke to about it.


  • Posts: 0 [Deleted User]


    But can you prove this?

    The op was the only one in the chemist, the person who posted it on Facebook has a close relationship to the employee involved.


  • Registered Users, Registered Users 2 Posts: 17,273 ✭✭✭✭Sleeper12


    Post 14
    I went in there for a medical reason, yes. She was behind the dispensary when I walked in and she walked out to me and was rude, I left and complained and now her brothers girlfriend has it publicly on Facebook that I should find another chemist to torment.

    fair enough but it is in post 14

    Post 14 does not say that they posted online that she complained. It says that they say op ne to find another chemist.

    This is new information posted only a few hours ago. If they did post on Facebook that she complained then that could definitely be a GDPR breach. But up until a few hours ago it seemed that the only supposed breach was stating that op was in a public place and that wouldn't be a breach.

    No offence to op but I find some posts hard to make out.


  • Registered Users, Registered Users 2 Posts: 7,130 ✭✭✭ebbsy


    Were ye in for the blue pills Op ?


  • Registered Users, Registered Users 2 Posts: 17,273 ✭✭✭✭Sleeper12


    Few days later staff members brothers girlfriend posted it publicly to find another chemist to torment and when I messaged her privately (naming the chemist asking when she became spokeswoman) she screenshot it and shared it on social media. She followed it up with “please leave my in laws aloneâ€


    I read here that you shared the data with the sales assistant as a private citizen and not as a staff member of the shop. You messaged her personal account and not the business. This is a conversation between two private citizens and she can share what she wants. That's not to say that I agree her actions

    This is how I see it. I'm not taking sides & genuinely feel op has be treated terribly & bullied. I genuinely worry that this nutcase won't stop the online bullying even when sacked.


  • Registered Users, Registered Users 2 Posts: 255 ✭✭The Hound Gone Wild


    GDPR covers the collection and storage of your data and your ability to manage that data. So your PMR falls under GDPR, however, a staff member of a Pharmacy posting about you on Facebook about a complaint made against them is not covered.

    The Pharmacist is ethics bound to not discuss your medical information unless it's in your best interest. As far as I can tell no medical information has been disclosed.

    The behaviour is entirely unprofessional and I'd be having a serious word with the person concerned (upto and including dismissal) if it were my staff but nothing illegal has happened.


  • Administrators, Entertainment Moderators, Social & Fun Moderators, Society & Culture Moderators Posts: 18,781 Admin ✭✭✭✭✭hullaballoo


    I'm a pharmacist. This isn't a GDPR breach. Patient confidentiality, potentially if the person who made the breach has a regulator.

    Don't know many people who would go to their pharmacist for legal advice, with every respect.

    I'm a barrister who specialises in data protection. I have a masters in it and advise large multinationals on this stuff.

    It is very much a data protection issue.

    What I think people don't grasp is the level of safeguards around sensitive data. Maybe it's a case of unintended consequences but the GDPR expressly regulates scenarios many people treat with casual disregard. Including gossiping about "torments" in work if you work in healthcare.

    As for proving x, y or z about it. The standard of proof for these things isn't "establish as a matter of absolute objective truth". It's on the balance of probabilities and on balance, the fact that the complaint/altercation was made known to a third party and published establishes in the absence of any evidence to the contrary that a breach occurred.


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 31,040 ✭✭✭✭AndrewJRenko


    I'm a pharmacist. This isn't a GDPR breach.
    Is GDPR within your professional competence?


  • Registered Users, Registered Users 2 Posts: 17,273 ✭✭✭✭Sleeper12


    It is very much a data protection issue.


    Exactly what data that was collected & stored by the business was shared?

    OP sent a private message to the woman's private Facebook account and not the business account. OP then revealed to a private citizen that she reported it to her boss. Sales assistant then shared this information on Facebook.


  • Banned (with Prison Access) Posts: 439 ✭✭FutureTeashock


    Sleeper12 wrote: »
    Exactly what data that was collected & stored by the business was shared?

    OP sent a private message to the woman's private Facebook account and not the business account. OP then revealed to a private citizen that she reported it to her boss. Sales assistant then shared this information on Facebook.


    The source of this river of misery originates from the Pharmacy, where all data concerned is at risk due to the employees' access to said data.


    The angry employee had the potential to access and release sensitive medical data and, given the behavior of said employee, that is absolutely plausible.


    I wouldn't feel my data was secure with the employee who plastered this matter over facebook.


    My judgement: GDPR breach.


  • Registered Users, Registered Users 2 Posts: 12,235 ✭✭✭✭Cee-Jay-Cee


    Dav010 wrote: »
    Op, Can we take it for granted that the info did not come from another customer in the shop?

    To those who say this is not a GDPR issue, you are incorrect. Also, it could be more serious than that for the pharmacy, a customer has a right to expect confidentiality when getting medications, this includes the conversation.

    In this case, the op was identified, and private details about the conversation were given to another member of the public by a staff member. If you google, you will find a well publicised case of where a member of staff at a health clinic discussed details about treatments and personality of patients at a party, a few mins later those details were on Facebook, the clinic is now closed.

    The potential downside for you op, is that if you have a history of being difficult to deal with, other health care/medication providers may be wary of accepting you as a patient/customer.

    As a Clinic owner, I would look at this as a serious breach of confidence, the staff member acted wholly unprofessionally in every way. After hearing all the facts, disciplinary action would certainly be considered.

    It’s still not GDPR, no data pertaining to the OP was leaked or divulged other than their name which isn’t a breach of GDPR laws. It’s a breach of confidence and to try and dress it up as anything else is just another typical example of how fcuked up our society has become where GDPR, discrimination, racism, LYGBT etc cards are played at every opportunity and usually in the context of looking for compensation.


  • Registered Users, Registered Users 2 Posts: 17,273 ✭✭✭✭Sleeper12


    The source of this river of misery originates from the Pharmacy, where all data concerned is at risk due to the employees' access to said data.


    OP gave the information directly to the sales assistant via both of their private Facebook accounts. The information was provided by OP directly to the sales assistant in a private Facebook account. It didn't originate from the business. A Facebook PM to a private Facebook account isn't covered in any shape or form by GDPR.


  • Closed Accounts Posts: 23,646 ✭✭✭✭qo2cj1dsne8y4k


    Sleeper12 wrote: »
    Exactly what data that was collected & stored by the business was shared?

    OP sent a private message to the woman's private Facebook account and not the business account. OP then revealed to a private citizen that she reported it to her boss. Sales assistant then shared this information on Facebook.

    No.
    I had an off putting experience with let’s call her A.
    Remaining polite, I left the chemist.
    I called chemist from outside the shop.
    Manager called me back and apologized and said she would address the issue with A.

    On Thursday, B started posting nasty comments on her Facebook status regarding my relationship, and accusing me of “mugging him off” which I ignored and did not address. On Friday night B posted “Please find another chemist to torment”

    I messaged B by phone asking her “mugging my boyfriend off? Finding another chemist to go to? Have you something to say to me B?” To which she screenshot and posted on her Facebook.

    She responded telling me my relationship was **** and to leave her and her in laws in peace. I had not contacted her, I had not spoken to her since June, I’ve nothing to do with her. As far as I was concerned, I had no hard feelings towards her at all.

    I do not know A well enough to add her on Facebook, I don’t even know her marriage surname. I have never once interacted with A outside the chemist. We were not on chatty terms ever in the chemist, even before a and b knew each other. I have no issue with A outside the fact she was very rude to me when there was no need. A has not posted on Facebook to my knowledge but B knows about the incident and has seen fit to broadcast it. B has no business knowing when I frequent my local pharmacy but especially has no right to tell me where I can and can’t go on the back of what A said. She does not work there, she does not frequent there and she is not the spokesperson on who is and isn’t allowed in there. She accused me of “torment” and asked me to leave “my in laws in peace”.


  • Closed Accounts Posts: 23,646 ✭✭✭✭qo2cj1dsne8y4k


    It’s still not GDPR, no data pertaining to the OP was leaked or divulged other than their name which isn’t a breach of GDPR laws. It’s a breach of confidence and to try and dress it up as anything else is just another typical example of how fcuked up our society has become where GDPR, discrimination, racism, LYGBT etc cards are played at every opportunity and usually in the context of looking for compensation.

    I am not looking for compensation, I use a chemotherapy drug for a long term illness and that is the chemist that deals with me, I am immunocompromised and under the care of a consultant, and went in initially in relation to my condition but given her rude manner I wasn’t comfortable discussing with her so left and complained.

    My complaint was carried out of the healthcare setting and used to humiliate me and bully me on Facebook, by a 3rd party.

    I work a full time job. I’m not afraid of grafting. I’m not hoping for €€ I’m upset that my private business is being discussed with a toxic nasty individual giving her fodder for a social media show down I want no hand act nor part in.


  • Closed Accounts Posts: 23,646 ✭✭✭✭qo2cj1dsne8y4k


    Sleeper12 wrote: »
    OP gave the information directly to the sales assistant via both of their private Facebook accounts. The information was provided by OP directly to the sales assistant in a private Facebook account. It didn't originate from the business. A Facebook PM to a private Facebook account isn't covered in any shape or form by GDPR.

    No I didn’t. I have never ever ever introduced myself or contacted her outside of her profession. I messaged her sister in law who I used to be friends with who posted the aggressive comment.


  • Registered Users, Registered Users 2 Posts: 17,273 ✭✭✭✭Sleeper12


    I do not know A well enough to add her on Facebook, I don’t even know her marriage surname. I have never once interacted with A outside the chemist. We were not on chatty terms ever in the chemist, even before a and b knew each other. I have no issue with A outside the fact she was very rude to me when there was no need. A has not posted on Facebook to my knowledge but B knows about the incident and has seen fit to broadcast it. B has no business knowing when I frequent my local pharmacy but especially has no right to tell me where I can and can’t go on the back of what A said. She does not work there, she does not frequent there and she is not the spokesperson on who is and isn’t allowed in there. She accused me of “torment†and asked me to leave “my in laws in peaceâ€.


    I'm obviously misreading your posts. Obviously my fault not yours as I'm dyslexic.

    Sorry I'm confusing things. I do hope this person & scummy friends stop harassing you.


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 12,235 ✭✭✭✭Cee-Jay-Cee


    I am not looking for compensation, I use a chemotherapy drug for a long term illness and that is the chemist that deals with me, I am immunocompromised and under the care of a consultant, and went in initially in relation to my condition but given her rude manner I wasn’t comfortable discussing with her so left and complained.

    My complaint was carried out of the healthcare setting and used to humiliate me and bully me on Facebook, by a 3rd party.

    I work a full time job. I’m not afraid of grafting. I’m not hoping for €€ I’m upset that my private business is being discussed with a toxic nasty individual giving her fodder for a social media show down I want no hand act nor part in.

    I wasn’t suggesting you were looking for compensation or anything else. My point is that in recent times every gripe or complaint appears to come under the racism, discrimination, GDPR banner.

    What happened to you was simply a mouthy rude shop assistant blabbing to an even ruder and ignorant relative who then decided to contact you about it and it shouldn’t have happened and I sincerely hope the shop owner sacks them for it.

    What gets to me is that rather than dealing with the issue directly with the employer you chose to try and find a label to put on it that you could obviously then take back to the shop owner.


  • Registered Users, Registered Users 2 Posts: 6,297 ✭✭✭Princess Calla


    What gets to me is that rather than dealing with the issue directly with the employer you chose to try and find a label to put on it that you could obviously then take back to the shop owner.[/quote]

    I think that's abit unfair!

    She had dealt with the matter, she complained to management and considered it case closed and went about her day!

    Then lo and behold the complaint appears on Facebook! So she again complained to management and by chance got the owner.

    Regardless of what label you want to put on it, it's shockingly unprofessional.

    If you made a confidential complaint would you like your details plastered all over Facebook?

    I'm sure the OP is extremely upset by this, and I'm sure the owner is too.

    If I was the owner of the pharmacy or any other business and someone was contacting my customers telling them not to use my services, costing me money I would be absolutely livid!

    Not to mention the reputation of the pharmacy is being dragged through the mud by no fault of the owner!


  • Closed Accounts Posts: 23,646 ✭✭✭✭qo2cj1dsne8y4k


    Hi all, just to update you on this.
    Spoke to the data protection commissioner this morning who informed me it is a data protection issue, and advised me to put my complaint in writing and get their response in writing, and advised me to submit the complaint to them.


  • Registered Users, Registered Users 2 Posts: 2,419 ✭✭✭antix80


    Hi all, just to update you on this.
    Spoke to the data protection commissioner this morning who informed me it is a data protection issue, and advised me to put my complaint in writing and get their response in writing, and advised me to submit the complaint to them.

    To a hammer everything's a nail.

    You actually sound like a trouble-maker op.


  • Registered Users, Registered Users 2 Posts: 7,664 ✭✭✭the_pen_turner


    antix80 wrote: »
    To a hammer everything's a nail.

    You actually sound like a trouble-maker op.

    not sure wy you think that.
    most people would be prity pissed off if in the same situation
    this is a very serious issue , its borderline slander and completely harrament

    i would hope the woman get very seriously reprimanded. there are far too many people out there that like to gossip and talk behind peoples back


  • Registered Users, Registered Users 2 Posts: 17,273 ✭✭✭✭Sleeper12


    antix80 wrote:
    You actually sound like a trouble-maker op.

    I don't see that at all. OP has been bullied and harassed. OP is perfectly right to take any avenue open to her to get this to stop. She is definitely the victim in this imo


  • Advertisement
  • Posts: 0 [Deleted User]


    antix80 wrote: »
    To a hammer everything's a nail.

    You actually sound like a trouble-maker op.

    So the op is right to be aggrieved, has had the DP issue confirmed, as the minority here, including a barrister specialising thought it would be, but the op is a trouble maker? I think you are trolling.


  • Closed Accounts Posts: 23,646 ✭✭✭✭qo2cj1dsne8y4k


    antix80 wrote: »
    To a hammer everything's a nail.

    You actually sound like a trouble-maker op.

    Whether I am or not, I won’t passively roll over and allow my business be spread around, including social media, by someone who has no business doing so.
    I can only take responsibility for my actions and I won’t be harassed or bullied on social media because the staff member is unable to conduct herself in a professional manner.


  • Registered Users, Registered Users 2 Posts: 5,888 ✭✭✭AtomicHorror


    antix80 wrote: »
    To a hammer everything's a nail.

    You actually sound like a trouble-maker op.

    It's hard to understand how anyone could have read this thread in full and come to this conclusion.


  • Posts: 8,647 ✭✭✭ [Deleted User]


    Don't know many people who would go to their pharmacist for legal advice, with every respect.

    I'm a barrister who specialises in data protection. I have a masters in it and advise large multinationals on this stuff.

    It is very much a data protection issue.

    What I think people don't grasp is the level of safeguards around sensitive data. Maybe it's a case of unintended consequences but the GDPR expressly regulates scenarios many people treat with casual disregard. Including gossiping about "torments" in work if you work in healthcare.

    As for proving x, y or z about it. The standard of proof for these things isn't "establish as a matter of absolute objective truth". It's on the balance of probabilities and on balance, the fact that the complaint/altercation was made known to a third party and published establishes in the absence of any evidence to the contrary that a breach occurred.
    With regards GDPR, it is about systematic collection of data and minimising the amount that can be held/minimisation.
    This was a disagreement between two individuals, it is 100 percent not a GDPR issue. Hypothetically, if I as the pharmacist had acted as the shop attendant did, the OP would be right to lodge a complaint with my regulator but not the data protection commissioner.


  • Registered Users, Registered Users 2 Posts: 20,568 ✭✭✭✭cnocbui


    antix80 wrote: »
    To a hammer everything's a nail.

    You actually sound like a trouble-maker op.

    No, but you do.


  • Advertisement
  • Closed Accounts Posts: 32,688 ✭✭✭✭ytpe2r5bxkn0c1


    antix80 wrote: »
    To a hammer everything's a nail.

    You actually sound like a trouble-maker op.

    So you'd let a breach like this just go?

    Have you read the thread?

    The OP is dead right and more people need to stand up to people who overstep the mark.


  • Posts: 5,121 ✭✭✭ [Deleted User]


    Sounds like A (rightly) got in trouble after your first complaint and complained to B.

    I can't imagine why B then went and messaged you directly / posted it publically.


  • Registered Users, Registered Users 2 Posts: 17,273 ✭✭✭✭Sleeper12


    With regards GDPR, it is about systematic collection of data and minimising the amount that can be held/minimisation. This was a disagreement between two individuals, it is 100 percent not a GDPR issue. Hypothetically, if I as the pharmacist had acted as the shop attendant did, the OP would be right to lodge a complaint with my regulator but not the data protection commissioner.

    As more & more information came out yesterday it became clear that it is a GDPR breach. For the first 7 pages I was reading that someone posted on Facebook that OP was in a public place. Obviously nothing to do with GDPR but the last few pages it turns out that sales assistant shared a discussion between OP & the shop owner. This is 100 percent GDPR breach.

    I'd love to follow this case & see what happens to the shop owner. Assuming they store data in the same way that all pharmacy's store data & they followed all the correct procedures you would think that they aren't responsible. They are responsible for their staff members obviously. I mean what more can they do to protect data. They can empty staffs brains at the end of the day to remove data that they took in throughout the day. I'm not sure if there are penalties for staff members who deliberately steal or misuse data

    It would seem unfair in my mind for the store owner to be hit with penalties and the person who deliberately misused the data not to face penalties


  • Registered Users, Registered Users 2 Posts: 950 ✭✭✭laros


    Hello....
    I have a question for the O/P... Were you specifically mentioned in the Facebook post...?


  • Closed Accounts Posts: 4,676 ✭✭✭strandroad


    It’s still not GDPR, no data pertaining to the OP was leaked or divulged other than their name which isn’t a breach of GDPR laws.

    This is completely incorrect. Identifying information, such as person's name, is "personal data" and well covered under GDPR. Customer interaction related to a named customer leaking out is definitely a GDPR breach.

    This is regardless of whether the sales assistant knows the customer socially or not (in this case she didn't anyway); if they are interacting in the context of the business with customer's data stored or processed GDPR applies.


  • Closed Accounts Posts: 4,676 ✭✭✭strandroad


    With regards GDPR, it is about systematic collection of data and minimising the amount that can be held/minimisation.

    GDPR is also about data protection. Releasing customer's name (which is "personal data" and therefore protected by GDPR) to any unauthorised third party is definitely a breach.


  • Administrators, Entertainment Moderators, Social & Fun Moderators, Society & Culture Moderators Posts: 18,781 Admin ✭✭✭✭✭hullaballoo


    With regards GDPR, it is about systematic collection of data and minimising the amount that can be held/minimisation.
    This was a disagreement between two individuals, it is 100 percent not a GDPR issue. Hypothetically, if I as the pharmacist had acted as the shop attendant did, the OP would be right to lodge a complaint with my regulator but not the data protection commissioner.

    Look I'm not here to rub salt in the wounds but although one on the objectives of GDPR is data retention management/minimisation, there are many other objectives. A vital one that you appear to have missed being that data controllers and processors cannot divulge data to third parties without consent of the data subject. This is a manifestation of the EU legislature's views on privacy, which are very strongly protective of individuals' privacy rights. (Clearly there are very many more objectives in play with GDPR but I only have 5 minutes! :o)

    If you are a pharmacist with an outlet, presumably you have staff who deal with customers while you inexplicably take 30 minutes to put 12 tablets in a brown bottle (I jest!) Those staff are at the very least data processors and you, as the data controller, are obliged to have sufficient structures in place to ensure anyone who processes data on your behalf, including simply maintaining a register of names, do not do so in such a way as to offend any of the many provisions of the GDPR.

    This is vital stuff for any business and frankly, posts like the above highlight just how deficient the GDPR readiness industry (so-called GDPR "consultants") was in making businesses GDPR-ready.

    On the other hand, the lack of any real knowledge about data protection and privacy is good for business. :)


  • Registered Users, Registered Users 2 Posts: 2,419 ✭✭✭antix80


    strandroad wrote: »
    GDPR is also about data protection. Releasing customer's name (which is "personal data" and therefore protected by GDPR) to any unauthorised third party is definitely a breach.

    The op was in a public place and she made a bit of a show of herself by storming out of it because she felt slighted by the sales assistant.
    I know the op protests she doesn't know the sales assistant or the woman she got into a slanging match with on facebook. I think there's enough animosity there for the sales assistant to say "guess who stormed out on me earlier and then made a complaint to my manager?" and for her relative to know exactly who she was talking about.


  • Registered Users, Registered Users 2 Posts: 72,015 ✭✭✭✭L1011


    antix80 wrote: »
    The op was in a public place and she made a bit of a show of herself by storming out of it because she felt slighted by the sales assistant.
    I know the op protests she doesn't know the sales assistant or the woman she got into a slanging match with on facebook. I think there's enough animosity there for the sales assistant to say "guess who stormed out on me earlier and then made a complaint to my manager?" and for her relative to know exactly who she was talking about.

    You are being less than helpful here.

    I'd suspect the GDPR discussion may be more suited to Legal Discussion at this stage but I'm not sure a thread-split is practical at this point. If anyone wants to continue that I think a new thread in LD may be best.


  • Closed Accounts Posts: 4,676 ✭✭✭strandroad


    antix80 wrote: »
    The op was in a public place and she made a bit of a show of herself by storming out of it because she felt slighted by the sales assistant.
    I know the op protests she doesn't know the sales assistant or the woman she got into a slanging match with on facebook. I think there's enough animosity there for the sales assistant to say "guess who stormed out on me earlier and then made a complaint to my manager?" and her relative to know exactly who she was talking about.

    It wouldn't matter even if it was true. Businesses are public places by definition. GDPR applies to public places. The OP is a named customer of a business, on the premises of the business, engaging in a business interaction. The pharmacy is the data controller here and the sales assistant is data processor who cannot release customer data to anyone if there is no valid professional purpose. The pharmacy has a duty to train and enforce data protection protocols. The assistant failed them.


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 6,297 ✭✭✭Princess Calla


    antix80 wrote: »
    To a hammer everything's a nail.

    You actually sound like a trouble-maker op.

    The OP is getting bullied and harassed on Facebook, she doesn't need that here!

    She is the injured party here, though I do have sympathy for the owner also.


  • Registered Users, Registered Users 2 Posts: 1,178 ✭✭✭Mango Joe


    Assuming all happened as you have said and theres not 2 sides to every story......(Ahem)

    Pharmacy worker sounds like a very unpleasant and unprofessional piece of work, ditto for her malicious and vindictive Facebook using friend.

    If I was the Pharmacy owner I'd be horrified at my Employee for being hostile to Customers and then bringing my businesses name onto Facebook in such a bad light.

    Yes people do go through the door of a Pharmacy with very confidential and sensitive business in mind - Pharmacy staff should be sympathetic professionals not small time eejitts carrying on like a gang of 12 years old hanging around outside a Centra shop looking for trouble.


  • Registered Users, Registered Users 2 Posts: 1,859 ✭✭✭NickNickleby


    It's definitely a customer confidentiality issue and a serious one.
    Not GDPR like stated above.
    Sounds like she got told off for being rude to you, went home and blabbed, which she absolutely should not have done.
    Her sister in law has less sense than she has to contact you.
    They've both made their own bed, I'd be glad to see them both get a boll*king.
    The owner was very nice and took this very seriously when I spoke to him and I don’t want to damage his business without giving him the opportunity to remedy the situation. I’m sure they all have a bitch about customers from time to time but he couldn’t control the third party posting it to Facebook.

    I will meet with him and if I’m not satisfied with what he has to say, I’ll be filing a case with the psi and the data commissioner

    I think we've all met these types, in Pharmacies, Doctors Surgeries and Dentists. Assistants who forget that they are the assistants, instead thinking they are the like the Pope - God's representative to the little people. If it wasn't for the Facebook post, I'd have just said "Ah, sure let it go, this person isn't worth your effort". The addition of the Facebook post is definitely horrendous, but my rage would be more about the cheek of someone to call me a torment on Facebook, along with the implied suggestion that the pharmacy wouldn't miss me. This somehow gives more weight to the scurrilous post, albeit without the pharmacists knowledge or consent - presumably. Actually, presumably is not a strong enough word. Who could imagine a pharmacist would deliberately permit this to happen. No one.

    First bolded bit above I would consider a reasonable outcome.

    The second bolded bit.... You've contacted the Data Commissioner, would not not wait until the owner comes back with his suggestion?

    Can I ask, what outcome are YOU hoping for? We already know that you will have moral support from some on here asking for someone to be sacked, should that be the outcome. Is THAT what you're hoping for? Or perhaps a large fine to be given to the business owner? (now that you've already initiated a process with the Data Commissioner, I suppose that now becomes a real possibility). It doesn't seem to me , from your posts, that you'd want either of these things to actually happen. There are a few posters in this thread who already have the branding irons in the fire. That type of posting only serves to further inflame feelings, and I feel they (the suggestions, not the posters) are best ignored.

    Lastly, while it might seem that I'm being antagonistic toward you, I'm really not that kind of person, I just feel you're using a sledgehammer to crack a nut, and I'm trying to persuade you that the sledgehammer route may be a little drastic - to say the least. I agree you have a real grievance, and I'm sure this kind of carry-on (I'm referring to the assistant et al). is the last thing you need in your life right now. I wish you well, and I hope this is resolved quickly and amicably, so that this needless additional stress is removed from your life. I'd suggest that the owner will go out of his way to remedy the situation.


  • Registered Users, Registered Users 2 Posts: 5,161 ✭✭✭homer911


    I would be very surprised if there is not something in the employee's contract of employment related to customer confidentiality, and the implications of breaching this


  • Closed Accounts Posts: 23,646 ✭✭✭✭qo2cj1dsne8y4k


    On Thursday my relationship was dogged into the ground on Bs profile.
    On Friday “please find another chemist to torment” was posted on social media, and followed up with a text message starting with “please leave my in laws in peace”.

    I don’t want my business discussed with her as it’s fodder for social media. I am unsure what I expect the business to do; but I’m meeting him on Friday so I’ll hear what he says. If I’m unhappy with the outcome, I will lodge a complaint with the data protection commissioner but I will listen to what he has to say first.


  • Posts: 11,614 ✭✭✭✭ [Deleted User]


    This thread is an absolute car wreck.



    Having read the whole thing I think some posters were reading a different thread because the OPs posts were perfectly clear to me.



    It is a GDPR issue. Comparing it to being in Spar is nonsensical, it's not Spar. Spar does not keep information on as much as your spending habits never mind medical conditions.



    Pharmacy attendant shared personal information to a 3rd party. Said attendant also has access to significant other personal information and could have shared that too. GDPR is about managing and securing personal data. In this situation personal data is at risk by the demonstrated misconduct of an employee.


    The only advice I can give is to unfriend from Facebook the sister inlaw and limit future interactions with that family going forward. I expect the pharmacy owner to take it very seriously, and a letter from the Data Protection commissioner will see to that.



    Finally, the attacks on the OP through-out this thread are really quite depressing.


  • Registered Users, Registered Users 2 Posts: 1,859 ✭✭✭NickNickleby


    On Thursday my relationship was dogged into the ground on Bs profile.
    On Friday “please find another chemist to torment” was posted on social media, and followed up with a text message starting with “please leave my in laws in peace”.

    I don’t want my business discussed with her as it’s fodder for social media. I am unsure what I expect the business to do; but I’m meeting him on Friday so I’ll hear what he says. If I’m unhappy with the outcome, I will lodge a complaint with the data protection commissioner but I will listen to what he has to say first.

    Ah, I completely understand your anger. At least, internally, try to find a way round this. Remember 99.9% of people who heard the exchange in the Pharmacy or read the Facebook post (ok, it might be a bit of a stretch on Facebook:pac:) would be thinking "what an eejit" about the assistant or the Facebook poster! I imagine most people's immediate would reaction would be "fair play to your woman for walking out". YOUR reputation has not suffered here, theirs has. Your dignity has been assailed and yes, you're rightly annoyed. But in the end, YOUR dignity is still intact. You're already the winner here, you have the moral high ground.

    Over years (or because I'm getting older) I've noticed this behaviour has gradually tapered off. Your assistant is the dinosaur. You were unlucky. Get her the bollocking and the admonition to treat you with perfect courtesy at the risk of her job, then watch as she tries to be smarmy, all the while squirming inside. Now, THERE's your reward!

    Be well !!


  • Closed Accounts Posts: 8,492 ✭✭✭Sir Oxman


    This thread is an absolute car wreck.



    Having read the whole thing I think some posters were reading a different thread because the OPs posts were perfectly clear to me.



    It is a GDPR issue. Comparing it to being in Spar is nonsensical, it's not Spar. Spar does not keep information on as much as your spending habits never mind medical conditions.



    Pharmacy attendant shared personal information to a 3rd party. Said attendant also has access to significant other personal information and could have shared that too. GDPR is about managing and securing personal data. In this situation personal data is at risk by the demonstrated misconduct of an employee.


    The only advice I can give is to unfriend from Facebook the sister inlaw and limit future interactions with that family going forward. I expect the pharmacy owner to take it very seriously, and a letter from the Data Protection commissioner will see to that.



    Finally, the attacks on the OP through-out this thread are really quite depressing.




    I find this happens all the time on forums like this.
    I come into a forum like this one on the basis every OP is telling the truth.
    That's the way it should be unless and until any OP is obviously holding something back/exaggerating/leaving bits out/making it up.


    A liar will always slip up and some contributors haven't the sense they were born with.



    PS I totally believe the OP here and I think she's been perfectly clear in what happened and I am at a loss as to the snipey post from one poster on here.
    I was surprised it's a GDPR breach but I think GDPR for the ordinary soul is a minefield.


  • Banned (with Prison Access) Posts: 439 ✭✭FutureTeashock


    Sir Oxman wrote: »
    I find this happens all the time on forums like this.
    I come into a forum like this one on the basis every OP is telling the truth.
    That's the way it should be unless and until any OP is obviously holding something back/exaggerating/leaving bits out/making it up.


    A liar will always slip up and some contributors haven't the sense they were born with.



    PS I totally believe the OP here and I think she's been perfectly clear in what happened and I am at a loss as to the snipey post from one poster on here.
    I was surprised it's a GDPR breach but I think GDPR for the ordinary soul is a minefield.


    The reason I believe her is because it's an all too familiar experience: you enter a business to pay for a product/service and the staff use you as an anger misplaced punching bag.
    It's why I do 99% of my shopping online now.


  • Advertisement
  • Posts: 2,799 ✭✭✭ [Deleted User]


    This thread is an absolute car wreck.



    Having read the whole thing I think some posters were reading a different thread because the OPs posts were perfectly clear to me.



    It is a GDPR issue. Comparing it to being in Spar is nonsensical, it's not Spar. Spar does not keep information on as much as your spending habits never mind medical conditions.



    Pharmacy attendant shared personal information to a 3rd party. Said attendant also has access to significant other personal information and could have shared that too. GDPR is about managing and securing personal data. In this situation personal data is at risk by the demonstrated misconduct of an employee.


    The only advice I can give is to unfriend from Facebook the sister inlaw and limit future interactions with that family going forward. I expect the pharmacy owner to take it very seriously, and a letter from the Data Protection commissioner will see to that.



    Finally, the attacks on the OP through-out this thread are really quite depressing.

    Is your name really priviledge information? This all sounds like a small town thing where everyone knows everyone, and their girlfriends and in-laws.

    Nasty, but that's what also is going in small towns. If facebook wasn't invented it would be gossiped anyway.

    Small towns are awful in many ways.

    It is not right how people use facebook for mean ness, and am sorry for the OP. Is this happening in a place where everyone lives like in a box of hamsters?


This discussion has been closed.
Advertisement