AUTH/1963/2/07: Independent nurse advisor v GlaxoSmithKline (Diabetes Patient Review Service) – No breach

📅 2007 | 🖉 Dr Anzal Qurbain
📊

Key facts

CaseAUTH/1963/2/07
ComplainantIndependent nurse advisor
CompanyGlaxoSmithKline UK Ltd
Service/ActivityDiabetes Patient Review Service (DPRS) / clinic support at a medical centre
Main allegationRepresentative installed software and selected/invited patients, allegedly breaching patient confidentiality
Company positionIndividual was a non-promotional DFA; reports were anonymised with unique IDs; practice held the identifying spreadsheet; practice set criteria and decided attendees; letters produced by practice administrator; DFA supervised and did not access identifiable data
Clauses considered2, 9.1, 18.1, 18.4
Panel decisionNo breach of Clauses 18.1, 18.4, 9.1; therefore no breach of Clause 2
Complaint received19 February 2007
Case completed20 April 2007
Applicable Code year2006
AppealNo appeal

Download the full case report (PDF)


Reviewed by Dr Anzal Qurbain (FFPM) — ABPI Final Signatory

🤖

Got a question about this case?

Ask one of our 13 specialist ABPI advisors — instant answers, 24/7.

Ask AskAnzal AI
🎬 Expert Video Walkthrough
🎬
Video walkthrough — coming for members
Subscribe now and get expert video analysis for every case as we publish them.
Subscribe — from £299/yr
📋

What happened

  • A complainant alleged a GlaxoSmithKline (GSK) representative installed software (“downloaded a disc”) onto a GP practice system and, with the practice nurse’s knowledge, chose which patients should attend a GSK-provided clinic and invited them.
  • The complainant believed this amounted to a breach of patient confidentiality and wanted to prevent recurrence.
  • GSK stated the individual was a Diabetes First Associate (DFA) in a non-promotional role delivering the Diabetes Patient Review Service (DPRS), a free, non-promotional service offered unconditionally and not linked to any medicine.
  • The service involved installing third-party software to generate anonymised audit reports and (optionally) using independent agency nurse advisors to review patients if the practice requested.
  • GSK stated patient lists were generated using unique ID numbers only; the identifying key/spreadsheet was held by the practice and not accessible to the DFA. The practice set the search criteria and decided who attended; the practice administrator produced letters.
  • The DFA installed/demonstrated the software under supervision of the practice nurse and did not unmask patient names (a tick-box existed but was not clicked).
⚖️

Outcome

  • No breach of the Code was found.
  • The Panel did not consider there was sufficient evidence, on the balance of probabilities, that patient confidentiality had been breached, because the DFA did not have access to identifiable patient data.
  • No breach of Clauses 18.1, 18.4 and 9.1; therefore no breach of Clause 2.
🔒

Unlock the full case analysis

Members get the complete breakdown — Clauses, Sanction, Signatory Lens, Audit checklist, and 3 Key Questions.

Best value
£249/year
Annual — save £99
or
£29/mo
Monthly
Join Now — Instant Access

⭐ Business Intelligence Access

See the full compliance picture for every pharma company

291 Company Intelligence Reports — breach patterns, appeal history, industry ranking, PDF export.

Request Access →
⭐ Flagship Programme

AQP Flagship Path — the complete UK ABPI signatory programme

12 modules. 12 weeks. Final Signatory readiness. The industry standard for ABPI Code signatories — £995 + VAT.

Enrol — AQP Path Learn more

📰 Weekly PMCPA Case Breakdown

One real case. One key lesson. Every week — free.

Subscribe Free
🎓 AQP Training