Old manager shared my last appraisal externally and internally (apparently in error?) 19 August 2022 at 1:45PM in Employment, jobseeking & training 7 replies 703 views

abi52uk

Hi

Any advice on how I can handle this please?

I am 3 weeks in to my new job and recieved a call from my former manager who said that she needed to confess something to me. Apparently she had gone to send a document to someone external to their organisation (copying in my previous team members) and accidently (?!) also attached my last appraisal from this job! The mistake was pointed out to her by one of my previous colleagues and she then attempted to recall the email but we are unsure who opened the attachment as this was a couple of days later.

So potentially, 3 former colleagues and an external recipiant have had access to my last appraisal which should have been confidential.

This is made even more embarassing by the fact that a) in this apparaisal it was documented that I was struggling with menopausal symptoms and issues within my team and b) that I have known the external recipitant in both a semi personal and professional capacity for 8 years!

I am not sure what my next steps should be, I am really embarassed,

Many thanks

DullGreyGuy

What outcome do you want? Those that received it and read it before the recall cannot unread it.

Assuming you want compensation for the embarrassment then you should raise a complaint with the Data Protection Officer of your previous employers and probably worth highlighting in that complaint that the information included highly sensitive information (medical details) and not just personal information. 

biscan25

What the manager should have done, was send a further email requesting that the recipients delete the email, and confirm that they have done so. Then report the incident to the ICO if the incident meets the threshold for this, and be prepared for consequences if there are any consequential damages to the data subject.
It's quite possible the attachments weren't read, or they stopped reading when they saw it wasn't intended for their eyes, so I wouldn't worry unduly.

Marcon

abi52uk said:

Hi

Any advice on how I can handle this please?

I am 3 weeks in to my new job and recieved a call from my former manager who said that she needed to confess something to me. Apparently she had gone to send a document to someone external to their organisation (copying in my previous team members) and accidently (?!) also attached my last appraisal from this job! The mistake was pointed out to her by one of my previous colleagues and she then attempted to recall the email but we are unsure who opened the attachment as this was a couple of days later.

So potentially, 3 former colleagues and an external recipiant have had access to my last appraisal which should have been confidential.

This is made even more embarassing by the fact that a) in this apparaisal it was documented that I was struggling with menopausal symptoms and issues within my team and b) that I have known the external recipitant in both a semi personal and professional capacity for 8 years!

I am not sure what my next steps should be, I am really embarassed,

Many thanks

I can understand your embarrassment, but it doesn't sound as if there is really anything to be embarrassed about. You know the external recipient, who will hopefully just have hit the delete button after the first few sentences - but even if they didn't, what real impact does it have on anything, including your relationship with them? As for menopausal symptoms...20 years ago that would have been a taboo topic, nowadays it's on every radio and TV programme and in every newspaper, plus any amount of media coverage/promotion of the topic. 

Unpleasant, but making a major issue out of it is only going to distress you. Your former manager had the decency to ring and tell you, rather than staying quiet (which might actually have been better!) or hiding behind an e-mail.

Undervalued

biscan25 said:

What the manager should have done, was send a further email requesting that the recipients delete the email, and confirm that they have done so. Then report the incident to the ICO if the incident meets the threshold for this, and be prepared for consequences if there are any consequential damages to the data subject.
It's quite possible the attachments weren't read, or they stopped reading when they saw it wasn't intended for their eyes, so I wouldn't worry unduly.

Oh come on! In the real world....

Sadly, as soon as attention is drawn to something like this people who wouldn't have given it a second thought pay attention!

I do agree though that whilst it is commendable that the manager put their hand up it might have been better if they hadn't.

Ivrytwr3

Why does your appraisal  "document that I was struggling with menopausal symptoms"?!

In my organisation we cannot mention any health issues, these are dealt with separately. 

This is a Data Protection Breach - 1st steps are recalling the email, informing receipients to delete > reporting to ICO/informing the Data Subject.

Your old boss isn't 'confessing' - she is legally obliged to do so.

https://ico.org.uk/global/contact-us/live-chat/

https://ico.org.uk/make-a-complaint

Your employer, as a data controller, has a responsibility to adhere to data protection law. If they fail to do so, it could result in a breach of data protection at work. In some cases, you may be able to seek compensation.However, you must prove that you sustained mental harm or that your finances were affected in some way due to the breach.

Get some specialist advice to see your options.

prowla

Your previous employer broke the law.

The question is where do you want to take it?

I'd expect any legal action and resultant compensation would yield little outcome.

macman

If embarrassment is the only loss you have suffered, then isn't pursuing an action for compensation going to cause you more embarrassment than letting the matter lapse?
There is no way for them to remedy the error, so compo would be the only thing you could achieve.
What resolution are you actually seeking?