Search
  • Welcome to the LegalBeagles Consumer and Legal Forum.
    Please Register to get the most out of the forum. Registration is free and only needs a username and email address.
    REGISTER
    Please do not post your full name, reference numbers or any identifiable details on the forum.
  • If you need direct help with your employment issue you can contact us at admin@legalbeaglesgroup.com for further assistance. This will give you access to “off-forum” support on a one-to- one basis from an experienced employment law expert for which we would welcome that you make a donation to help towards their time spent assisting on your matter. You can do this by clicking on the donate button in the box below.

GDPR breech accusation

Collapse
Loading...
X
Collapse
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous Next
  • #1

    GDPR breech accusation

    Morning all. Last week I handed my notice in at my current employer. I’m an engineer and work from home and have remote access, via laptop to the company server.

    My manager has just called me up and I’m being accused of accessing and downloading personal data & some financial documents off the system, and am being told that it’s a GDPR breech and that I might need to get a solicitor!!

    I’ve looked at a lot of stuff on our company server, mainly documents relating to my job etc as I dont have access to a great deal but some of the stuff I did stumble across was indeed personal, there was a copy of an employees P45 from his previous job, which I did view, I wouldn’t say it was unintentional, but out of curiosity more than anything else.

    My boss is saying that I shouldn’t be able to see stuff like that and has implied that I’ve somehow hacked them to deliberately look at this type of stuff andI’ve breeched GDPR. He used the phrase ‘it depends how clever you are’ when I told him I shouldn’t have access to any personal files.

    The stuff I did see was stored in general files on the system and I didn’t intentionally go looking for it, I just stumbled across it.

    I’m terrified that they’re going to try and take me to court, out of spite more than anything really, as a few years ago some guys in finance left the company after having downloaded a load of customer info and using it against the company.

    Surely if the documents were accessible without me needing any special permissions and only found during general browsing, I’ve not breeched any laws?


    Can anyone shed any light on this for me?
    Tags: None
  • #2
    ULA Can you please take a look and advise, many thanks.
    • 1 thank

    Comment

    • #3
      The company does have a responsibility to ensure that sensitive information, particularly of a company or personnel nature is kept secure on the network and not accesssible to staff members who remotely login to the system, who should have have acccess to such information.

      That said what does your IT policy state in regard to remote access to the servers, the requirement for confidentiality of company information and to report where you see breaches of policy or legislation? The fact that you "stumbled across" such information may have required you to report this immediately which I presume you did not at the time.

      To take you to court they would need to prove losses as a result of your accessing such information be it financial or possibly reputational. What they may ask you to do is sign a document that sets out and declares that any information you are believed to have downloaded is now deleted from all your personal devices and storage methods, eg. USB, Cloud etc and that any such information will not be disclosed to any third parties now or in the future.
      If you would like a one-to-one expert consultation with me on your employment issue than I can be contacted by emailing admin@legalbeaglesgroup.com

      I do not provide advice by PM although I may on occasion ask you to send me documents this way but any related advice will be provided back on your thread.

      I do my best to provide good practical advice, however I do so without liability.
      If you have any doubts then do please seek professional legal advice.

      You can’t always stop the waves but you can learn to surf.

      You are braver than you believe, smarter than you think and stronger than you seem.


      If we have helped you we'd appreciate it if you can leave a review on our Trust Pilot page
      • 1 thank

      Comment

      • #4
        That’s really interesting stuff, thanks very much. The company I work at don’t seem to believe in proper policies like that. I’ll have a look, but I’m fairly certain we don’t have anything like that in place.I’ve seen almost all of the policies, but alive never seen one that relates to IT systems and their uses.

        Comment

        • #5
          So, this has taken another step forwards today, I didn’t think it would. I’ve been called for a meeting in the office tomorrow morning as apparently I have ‘questions to answer’! I’ve not been told what I’m actually accused of, I asked my manager if it was a disciplinary meeting, he stuttered and then said no. I think if I hadn’t of asked him, he would have classed it as one. Apparently it’s an informal meeting in which I’ll be interrogated, isomebody will be sat with us taking notes, but it’s apparently an unofficial meeting. Is that normal? I know because it’s not a disciplinary I’m not really entitled to have my union rep with me etc. but how much questioning can they go into in this ‘informal’ meeting?

          Comment

          • #6
            Originally posted by Chris1986 View Post
            So, this has taken another step forwards today, I didn’t think it would. I’ve been called for a meeting in the office tomorrow morning as apparently I have ‘questions to answer’! I’ve not been told what I’m actually accused of, I asked my manager if it was a disciplinary meeting, he stuttered and then said no. I think if I hadn’t of asked him, he would have classed it as one. Apparently it’s an informal meeting in which I’ll be interrogated, isomebody will be sat with us taking notes, but it’s apparently an unofficial meeting. Is that normal? I know because it’s not a disciplinary I’m not really entitled to have my union rep with me etc. but how much questioning can they go into in this ‘informal’ meeting?
            Make sure you read through the notes, agree that they are 'accurate', only sign them if they are 'accurate'. Ask for a copy.

            Comment

            • #7
              Update on this, just had my first meeting. So their concern seems to be that over the last 6 months or so, I’ve looked at over 300 documents on the network drive, and the key work they’re using is ‘copied’.

              But when you view a document that’s not on your device it does effectively copy it to your device so it can be viewed, but they’re trying to go down the route that I have made deliberate copies of documents that are nothing to do with me, and they’re saying there a clause in my contract that says information accessible to employees is done so on a ‘need to know’ basis, and that because I’ve ‘copied’ documents that I don’t need to know.. they’re going to examine my laptop to see if I’ve plugged any USB devices into it and exported them,which I never have done.

              Comment

              • #8
                I would go on the offensive and tell them that if any documents are not to be available to all users then they should allocate the appropriate permissions for the folder containing the files. When you set up a file share, ie make files or folders available to other user and computers, you are able to specify which users, or group of users, is allowed access to the files. To allow the default access of "Everybody" is a security failure by them and should be corrected so that [people logging in cannot browse all files on the system.

                Try it on your own computer. Go to a folder and right click on it. On the list left click on properties. In properties click on the share tab. Click on the share button and it allows you to define who you share the folder with. You will then have more knowledge to argue with them

                It is their GDPR breach by giving others access to personal information.

                Comment

                Previous Next

                View our Terms and Conditions

                LegalBeagles Group uses cookies to enhance your browsing experience and to create a secure and effective website. By using this website, you are consenting to such use.To find out more and learn how to manage cookies please read our Cookie and Privacy Policy.

                If you would like to opt in, or out, of receiving news and marketing from LegalBeagles Group Ltd you can amend your settings at any time here.


                If you would like to cancel your registration please Contact Us. We will delete your user details on request, however, any previously posted user content will remain on the site with your username removed and 'Guest' inserted.

                Announcement

                Collapse

                Welcome to LegalBeagles


                Donate with PayPal button

                LegalBeagles is a free forum, founded in May 2007, providing legal guidance and support to consumers and SME's across a range of legal areas.

                Create a Thread
                See more
                See less

                Court Claim ?

                Guides and Letters
                Loading...



                Search and Compare fixed fee legal services and find a solicitor near you.

                Find a Law Firm


                Working...
                X