Eli Lilly E-mail Lapse Highlight Need for Privacy Policies

News

  • 24 January 2002
DHI News Team
December 1, 2016

Two news items from the US over the past week have highlighted the need for rigorous privacy policies when managing electronic patient sensitive data and electronic communications with patients.

The US Federal Trade Commission (FTC) ruled that pharmaceutical manufacturer Eli Lilly will not have to pay a fine after it accidentally disclosed the e-mail addresses of almost 700 Prozac users, but must beef up its information privacy policies and systems.

Eli Lilly sent regular e-mail messages to people using Prozac, who had registered for information at Lilly’s Prozac.com website.

The problem stemmed from the e-mail recipients addresses being revealed by hitting the wrong button on the email programme. While the mailings were supposed to be sent in a blind carbon copy (BCC) format, the company accidentally failed to hide recipients’ addresses, and sent them instead as carbon copy (CC) which revealed the addresses to all other e-mail recipients.

The company canceled the "Medi-Messenger" program in late June 2001, but in early July 2001 the American Civil Liberties Union (ACLU) asked the FTC to investigate the privacy breach.

The ACLU said that disclosing the e-mail addresses of people suffering from various forms of depression could lead to discrimination against those people.

The FTC ordered Lilly to maintain an information security programme for all information it collects from its customers for the next 20 years. It also required the firm to carry out an annual security review for the information it holds on customers.

In a separate development the Star Tribune newspaper last week reported that researchers at the University of Minnesota inadvertently told 410 kidney transplant patients the names of their deceased organ donors, a serious violation of a patient confidentiality and medical ethics.

The names of donors were accidentally revealed because of a glitch in a database that generated letters sent each year to recipients participating in a long-term study.

Subscribe To Our Newsletters

Find out more

Subscribe to our newsletter

Subscribe To Our Newsletter

Prev News

Misys Wins its Biggest Health IT Contract

Next News

NAO Praises NHS Direct Implementation

Related News

UK Biobank to get access to GP patient data for research
AI and Data February 17, 2026

UK Biobank to get access to GP patient data for research

The government will grant approval for UK Biobank researchers to access coded GP patient data for research purposes.
How to turn NHS data into ‘gold’
AI and Data August 13, 2025

How to turn NHS data into ‘gold’

The NHS holds vast stores of data it cannot use or sell.  Synthesised data is the answer, write Martin Farrier and David Chapman
UK Biobank data and AI help predict early onset of diseases
News August 4, 2025

UK Biobank data and AI help predict early onset of diseases

A study has developed an AI method to predict the early onset of 38 age-related diseases through analysis of UK Biobank data.