Protecting Your Database
It’s important to know who is accessing your customer information
In a recent Tribunal case, a NHS worker has won £10,000 because her employers ‘allowed’ another member of staff to view her highly sensitive medical record.
In this case, the other member of staff claims they looked at their colleagues record as they wanted to send flowers (which never arrived) but it really doesn’t matter what the reason was, the access was unauthorised and against the law.
It is the employer who has to pay this amount. And interestingly, this wasn’t through a civil or criminal court, the case was made at an Employment Tribunal.
This highlights just how important it is to have the correct procedures in place to control access to information about staff, clients or customers, and reminds us that all staff should be trained in dealing with anyone’s personal data appropriately and confidentially.
Avoid GDPR Breach Fines
I provide support, consultancy and training to organisations ensuring they are compliant with relevant laws and understand how to achieve this.
- Data Protection and GDPR
- Freedom of Information
- Environmental Information Regulations
- Information Sharing
If you need any guidance on policies and procedures, any support or bespoke training, please get in touch and we can have a chat.