Data Security Promotional Emails Claiming a “CPE Requirement”

Written by AlisonFreemantle on Friday 22nd May 2026

These emails are not from Community Pharmacy England and are not a requirement

You may have seen emails from the Data Protection Officers Association (DPOA) that reference Community Pharmacy England and suggest an urgent or new “CPE requirement” for pharmacies to appoint a DPO.

Key points to be clear on:

These emails are promotional communications from a third party, not from Community Pharmacy England.
There is no endorsement or instruction from CPE.
Since GDPR was introduced in 2018, CPE guidance has consistently been that they had been advised that pharmacies must have appropriate DPO arrangements in place, but how this is met is a matter for the pharmacy owner.
Pharmacy owners are free to choose from the range of available options if they decide to purchase DPO services or training at all (many may not need to purchase these given some of the free training available).

Relevant CPE guidance to point people to, where needed:

DSP Toolkit 2026 reminder (including advice to be cautious of possible spam):
https://cpe.org.uk/our-news/data-security-and-protection-toolkit-2026-are-you-working-through-it/
Data security roles (including DPO):
https://cpe.org.uk/digital-and-technology/data-security/data-security-roles/
Training information:
https://cpe.org.uk/dstraining

Return to News

Search this website

Data Security Promotional Emails Claiming a “CPE Requirement”

Search for Documents

Quick Links

Continuing Professional Development:

Privacy Notice: