Did you know that employees can be held personally liable for their failure to safeguard and correctly handle personal data? Companies are not the only ones being fined for data breaches, individuals as workers can and will be prosecuted.
Mike Shaw, who heads up the criminal investigations team at the ICO, said: “People expect that their personal information will be treated with respect and privacy. Unfortunately, there are those who abuse their position of trust and the ICO will take action against them for breaking data protection laws.”
Birmingham Magistrates’ Court has fined two workers in separate cases for breaching data protection laws.
Faye Caughey unlawfully accessed the personal records of 14 individuals between February 2017 and August 2017. She pleaded guilty to breaching s55 and s60 of the Data Protection Act 1998 (DPA1998). She was fined £1,000, with a £50 victim surcharge, and was ordered to pay £590 towards prosecution costs.
Similarly, Jayana Morgan Davis forwarded several work emails containing personal data of customers and other employees to her personal email account in August 2017, weeks before resigning from her role at V12 Sports and Classics Ltd. She admitted to three offences of unlawfully obtaining personal data in breach of s55 and s60 of the DPA1998 and was fined £200, with a £30 victim surcharge, and was ordered to pay £590 towards prosecution costs.
Employees whose jobs give them access to personal data must realise that just because they can access it, that doesn’t mean they should.
