Can I be fired for breaching data protection?


Comments

  • sangie595
    sangie595 Posts: 6,092 Forumite
    Whilst I understand everyone's points about my friend essentially being an idiot. In his job he processes huge volumes of information per day, and emails are inputted by copying and pasting from a database. Each response is based on unique information and unique circumstance and I think errors do get made.

    Surely, this can't ruin someone's career?
    The job generally isn't "copy-paste". The purpose of involving a human being is to include "proof read / check / recheck". I'd lay bets the employer would agree - otherwise a computer programme could do the job. So yes, it certainly can be gross misconduct if he didn't check.
  • [Deleted User]
    This is interesting.


    My company is not taking this issue very seriously at all.


    Last week we had a case where customer contracts and credit score information was sent to the wrong customer. A senior director was then copied in to authorise the case and nothing was mentioned.
  • sangie595
    sangie595 Posts: 6,092 Forumite
    BBH123 wrote: »
    This is interesting.


    My company is not taking this issue very seriously at all.


    Last week we had a case where customer contracts and credit score information was sent to the wrong customer. A senior director was then copied in to authorise the case and nothing was mentioned.
    A company can decide not to take action, just as they can decide to take action. But no manager, no matter how senior, can "authorise" a data protection breach! How seriously a breach is considered will depend partly on the approach of the company, what the actual breach is, and whether the affected individual(s) complain. But in the end, the company don't decide that it's "ok" - the ICO does.
  • [Deleted User]
    But if it's not reported how do the ICO know?


    Sorry, the authorise was not for the breach; it was to authorise the company failing a credit check.
  • FBaby
    FBaby Posts: 18,367 Forumite
    Gross misconduct is not about neglect or intention of harm, it's about making a serious mistake that could have a serious impact on the company.

    Your friend made a serious data sharing error. It's a pity that he only realised the severity of it afterwards. You clearly still need to get to grips with it. You might not agree with the legislation, but your views are not relevant to the matter.
  • sangie595
    sangie595 Posts: 6,092 Forumite
    BBH123 wrote: »
    But if it's not reported how do the ICO know?


    Sorry, the authorise was not for the breach; it was to authorise the company failing a credit check.
    By law, companies are required to keep a register of data breaches. Certain breaches must, by law, be notified to the ICO by the company within 72 hours, and also to the individual concerned. If they don't then when the ICO catch them, and they will, then it will not end happily for them. The ICO can and do do spot checks on data holders, and they can fine companies heavily for not having sufficient safeguards even if there had never been a breach! Any company that thinks a run-in with the ICO isn't to be avoided is crazy - it was bad enough previously, and the new powers make it even less desirable a contact.
  • [Deleted User]
    I have told my manager they need to take the issue seriously and not be so blasé about it.
  • scaredofdebt
    scaredofdebt Posts: 1,640 Forumite
    You've missed my point.

    This would have been a breach under DPA going as far back as 1998.

    You don't have to be fully aware of all the rules of GDPR for this to constitute a data breach and potentially gross misconduct.

    Depending on the severity of what was lost and who it was lost to the employer will have 72 hours to notify any affected parties and inform the ICO of the breach even if accidental.


    If you accidentally lost £1,000 out of a shop till do you reckon you'd have the same leniency? If you accidentally left the handbrake down on a company car? If you accidentally forgot an important legal script on a phone?

    Data is valuable and sending an email to a wrong recipient is a data breach. How severe depends on the contents.

    If the employee is used to processing high volumes of information such as data input I'm guessing they would have had some form of induction training.


    There are more variables at play here than just sending an email to the wrong person.

    The contents matter (What data was lost, was it personal data, could it identify someone)
    How was it discovered/reported (Was it immediate, did the employee realise, was it after a complaint)
    etc

    I completely follow. As there are large amounts of data going on here it's likely the employer expects mistakes to be made and they should have systems in place to mitigate.

    I used to work for a bank entering standing orders and was targeted to a 1% error rate, this included setting up a standing order on the wrong customer's account, which I did a couple of times. Didn't ruin my career as the employer realised people are not robots and will make mistakes.
    Make £2018 in 2018 Challenge - Total to date £2,108
  • AstroTurtle
    AstroTurtle Posts: 290 Forumite
    I completely follow. As there are large amounts of data going on here it's likely the employer expects mistakes to be made and they should have systems in place to mitigate.

    I used to work for a bank entering standing orders and was targeted to a 1% error rate, this included setting up a standing order on the wrong customer's account, which I did a couple of times. Didn't ruin my career as the employer realised people are not robots and will make mistakes.

    And back then the bank would probably risk not spending £1m on training people if they will only face a £500,000 fine maximum.

    The thought of losing 4% of their global turnover will now be the rocket up the a*** to make them take it more seriously.

    The goal posts have changed and no-one wants to risk being the employee being caught in the middle.
    Save £12k in 2019 -
  • scaredofdebt
    scaredofdebt Posts: 1,640 Forumite
    I'm not sure how many millions it would cost to train someone to never make a mistake.

    The fact that breaches are supposed to be reported means they understand these types of things go on, I suspect the vast majority of breaches are not reported.

    OP, do you have targets and does that include an error rate? How serious was the breach, i.e. what was the data?
    Make £2018 in 2018 Challenge - Total to date £2,108
This discussion has been closed.