As independent regulatory monitors, it is not often that we come across findings that are exciting or alarming. However, recently we uncovered a concerning revelation in a review of electronic private prescription software used in the UK. The review in question can be found in this YouTube video (https://www.youtube.com/watch?v=tvWxvhCg_NQ). The reviewer evaluates the four most popular electronic private prescription software providers in the UK: SignatureRx, Livi, Clynxx, and Doctor Care Anywhere. Our investigation confirmed that two (2) of the above providers are creating prescriptions that are not fully regulatory compliant, which raises red flags for patient safety and indemnity. In this article, we’ll review these results, but first, we must examine the relevant regulations electronic prescriptions must comply with.
Regulations
Human Medicines Regulations 2012
The relevant UK electronic prescription regulations are Regulations 217 & 219 of The Human Medicines Regulations 2012, which can be found here:
And
In the UK, electronic prescriptions must adhere to Regulations 217 & 219 of The Human Medicines Regulations 2012. While all four providers complied with Regulation 217, only two fully complied with Regulation 219. The two non-compliant providers failed on Regulation 219 (4)(b) signed with an advanced electronic signature, and (c) sent to the person by whom it is dispensed as an electronic communication (whether or not through one or more intermediaries). In this regulation, an "advanced electronic signature" means an electronic signature linked to the data to which it relates in such a way that any subsequent change of data is detectable.
The Pharmacy Safety Group Paper
Community Pharmacy Patient Safety Group a pharmacy safety organisation forum whose members include Boots, Lloyds, Superdrug and the National Pharmacy Association has also released a paper which provides guidance to pharmacies regarding the legality of electronic private prescriptions in the UK which can be found here
Results
Software | Regulation 217 compliance | Regulation 219 compliance | Outcome |
SignatureRx | Compliant | Not Compliant | Not legal |
Clynxx | Compliant | Compliant | Legal |
Livi | Compliant | Not Compliant | Not legal |
Doctor Care Anywhere | Compliant | Compliant | Legal |
Our investigation discovered that SignatureRx prescriptions did not contain an electronic signature and could be dispensed multiple times. Although Livi prescriptions can only be dispensed once, they also did not contain an electronic signature. Clynxx and Doctor Care Anywhere prescriptions contained an encryption via electronic signature.
Discussion
There are three main concerns here: (1) public safety, (2) indemnity, and (3) client reputation. We’ll go through each in turn.
Public Safety Concerns
Failing to comply with electronic prescription regulations presents a grave risk to public safety. The medical supply chain needs careful regulation to ensure that the right people have access to the right drugs in the correct dosages. Any form of prescription forgery opens the floodgates to drugs leaving the supply chain, falling into the hands of unscrupulous actors, and posing a widespread danger to the public. Furthermore, failure to trace prescription legitimacy creates greater opportunities for abuse, leading to higher usage of incorrect medicines and dosages that can endanger public safety.
Indemnity Concerns
The issue of indemnity also arises when electronic prescription providers fail to comply with regulations. Prescribers, such as doctors, must operate within the cover of their indemnity, and non-compliance with regulations may result in cases not being covered by the prescriber's indemnity. This can put the patient at risk of losing coverage in the case of an incident.
The failure to adhere to regulatory compliance is a massive concern for indemnity providers, prescribers, and regulators. It can create an enormous financial burden and harm the reputation of all parties involved.
Reputation
For providers using non-compliant electronic prescription software, the risk to their reputation is significant. Regulators may deem the provider unfit to manage clinical practices if they are perceived as unable to perform their own due diligence. As a result, their prescriptions may be recalled, meaning that every prescription ever written using the non-compliant systems will need to be printed and signed by hand before being supplied to the dispensing pharmacy.