Can I be fired for breaching data protection?
Options
Comments
-
AstroTurtle wrote: »If i hired someone, i wouldn't expect to have to give them training in not sending emails to the wrong people. That is basic.
It may be "basic" and common sense but like Health and Safety it is a good idea to provide some simple Information Security training even if it's just a short 30 minute online course to reduce your liability as an employer. That way if any of your staff do something wrong you have a signed record that they were trained not to do it.0 -
The error is likely to be regarded as misconduct regardless of when it was reported to the employees manager. When you type an email address into an email system, either the system recognizes it and auto-completes the address as you type it, or it doesn't. In the first case, employees must check that the system has not auto-completed the address with an incorrect address. if the system doesn't auto-complete the address because it has never seen it before, the employee must check that they have typed it correctly. I don't see how it is possible for an employee to send an email to the wrong person without being negligent.The comments I post are my personal opinion. While I try to check everything is correct before posting, I can and do make mistakes, so always try to check official information sources before relying on my posts.0
-
It's unreasonable for an employer to expect a member of staff to be fully conversant with the legal intricacies of the GDPR without training, you'd need to be a lawyer specialising in data protection for that. You don't know the full details to be able to comment about it being basic or not, the employee may be sending hundreds of emails daily with inadequate systems etc.Make £2018 in 2018 Challenge - Total to date £2,1080
-
Whilst I understand everyone's points about my friend essentially being an idiot. In his job he processes huge volumes of information per day, and emails are inputted by copying and pasting from a database. Each response is based on unique information and unique circumstance and I think errors do get made.
Surely, this can't ruin someone's career0 -
Whilst I understand everyone's points about my friend essentially being an idiot. In his job he processes huge volumes of information per day, and emails adrelsses are inputted by copying and pasting from a database. Each response is based on unique information and unique circumstance and I think errors do get made.
Surely, this can't ruin someone's career0 -
Mistakes like this do ruin people's careers.
The practice you describe sounds poorly planned from the company's point of view, but it is still the employee's mistake.Changing the world, one sarcastic comment at a time.0 -
Sending documents to the wrong person due to a one off mistake is far different from knowingly and deliberately passing over confidential information. A lot of it will depend on if the receiver of the info makes a complaint or the person whose info it was does so. In many cases neither will happen. Everyone makes mistakes.
Best course of action is to come clean. Explain, apologise and reassure what steps will be taken to prevent the same happening again.0 -
scaredofdebt wrote: »It's unreasonable for an employer to expect a member of staff to be fully conversant with the legal intricacies of the GDPR without training, you'd need to be a lawyer specialising in data protection for that. You don't know the full details to be able to comment about it being basic or not, the employee may be sending hundreds of emails daily with inadequate systems etc.
You've missed my point.
This would have been a breach under DPA going as far back as 1998.
You don't have to be fully aware of all the rules of GDPR for this to constitute a data breach and potentially gross misconduct.
Depending on the severity of what was lost and who it was lost to the employer will have 72 hours to notify any affected parties and inform the ICO of the breach even if accidental.
If you accidentally lost £1,000 out of a shop till do you reckon you'd have the same leniency? If you accidentally left the handbrake down on a company car? If you accidentally forgot a important legal script on a phone?
Data is valuable and sending a email to a wrong recipient is a data breach. How severe depends on the contents.
If the employee is used to processing high volumes of information such as data input I'm guessing they would of had some form of induction training.
There are more variables at play here than just sending an email to the wrong person.
The contents matter (What data was lost, was it personal data, could it identify someone)
How was it discovered/reported (Was it immediate, did the employee realise, was it after a complaint)
etcSave £12k in 2019 -0 -
Not to be rude, but your examples of a shop till, and car on a hill aren't comparable.
To loose a 1000 in a normal retail context would require multiple instances of neglect on the same day. Failing to put a car break on a hill is driving without due care and attention and would require a huge disregard for public and personal safety. Thai error, although serious, on most other days would have been of absolutely no consequence to anyone.
Whereaa the other two examples fall outside of simple human error.0 -
I would certainly question the design of a business process which allowed such a (potentially) serious mistake to be done by accident.0
This discussion has been closed.
Categories
- All Categories
- 343.4K Banking & Borrowing
- 250.1K Reduce Debt & Boost Income
- 449.8K Spending & Discounts
- 235.5K Work, Benefits & Business
- 608.4K Mortgages, Homes & Bills
- 173.2K Life & Family
- 248.1K Travel & Transport
- 1.5M Hobbies & Leisure
- 15.9K Discuss & Feedback
- 15.1K Coronavirus Support Boards