A major pharmacy chain has apologised after admitting sensitive employee information was leaked.
The details of more than 24,000 staff and locum workers employed by the Manchester-based Well Pharmacy group were accidentally included in an email.
The leaked data included names, addresses, phone and payroll numbers and email addresses.
The company has stressed that no patient information formed part of the data.
The Well Pharmacy group – formerly the Co-Operative Pharmacy – describes itself as the biggest independent chain in the UK.
It employs more than 7,000 staff in 780 shops.
The data leak occurred earlier this month when an email was sent to an undisclosed number of locum pharmacists.
The email contained a spreadsheet that included the details of employees and locums.
Efforts were made to recall the email but now the company has apologised and launched an investigation.
In an email to staff, Chris Ellett, a senior manager responsible for safeguarding data at Well, said the email did not contain bank details, National Insurance numbers or dates of birth.
“How we handle your personal data at Well is very important and I am truly sorry that this has happened,” he said.
“Any incident involving personal data is serious and I have launched a full investigation.
“Changes have already been made to prevent this happening again.
“The Information Commissioner’s Office has been informed and we will act immediately on any advice they provide.”
The Pharmacists’ Defence Association, the professional trade union, has advised those members who have received the email “not to open the attachment and to permanently delete the spreadsheet”.
In a statement, the union said that some pharmacists have expressed concerns about what other data is included in the email.
“Members believe the information includes data about their religion, pay rates, fitness to practice information and criminal record checks.
“There are also concerns that the data held about them by Well Pharmacy amounts to a “blacklist”, as it includes a column entitled “reasons for inactivation”.
“Our members want to know what information has been recorded about them and how it was put in the public domain.”
In his email to Well staff, Mr Ellett denies this is the case.
“The document also contains additional information to assist us in successfully placing individuals where appropriate.
“It does not contain any information relating to personal characteristics.
“We have been made aware that a number of locums believe this is a list of ‘banned’ individuals.
“We want to reassure you that this is not true.”