Derbyshire police officer evades dismissal over data protection breach

A constable at Derbyshire Police has recently faced a misconduct hearing over allegations of unlawfully accessing records of a police incident and then sharing a photo of the file with colleagues.

Although the officer’s actions contravened policing standards and data protection law, he has escaped dismissal and will be allowed to continue serving at Derbyshire Police.

Regardless of the verdict of the hearing, a breach such as this should never have occurred at all. Testaments to the officer’s reportedly “excellent” work as an officer do not erase his culpability for what has been regarded as an incredibly reckless action. As an organisation with access to extensive personal data, the police service has a vital duty to be rigorous in data protection and we should all feel safe that our information with them is secure. Our trust in the police should never be abused.

The verdict of the Derbyshire police hearing

At the misconduct hearing, an independent panel reportedly told how the officer accessed incident files involving a 14-year-old suspect. It was said that he had looked at the documents outside of his working hours for a total of 1 hour and 10 minutes, according to the Derbyshire Telegraph.

Then, having already broken police regulations by browsing the documents long after his shift had ended, the officer reportedly shared a photo of the file in a colleague WhatsApp group. The officer said he had intended to “vent frustration” about a particular colleague involved in the incident which the file documented, who he asserted was renowned for “messing up” jobs.

Although the photo did not disclose private information, it was nevertheless labelled as a breach of police conduct rules and confidentiality. The culpability of the officer was not enough for him to be dismissed, however, as praise of his work and excellence as an officer were said to have been taken into account in the ruling.

Why incidents like this matter

Although the officer has accepted full responsibility for his actions, breaking down into tears at his misconduct hearing, it is disappointing to see that such a serious data protection breach at Derbyshire Police occurred in the first place. While the panel may have given a verdict appropriate to the constable’s character, his actions resemble a type of data breach that occurs too easily and too often at many organisations.

It is worrying to think that other police staff may get away with similar errors in the future. In cases where private data is exposed, there can be an extremely adverse impact on the victims. For instance, if a message containing private information were to reach someone outside the police, there is no guarantee that the external recipient would not use that information maliciously. The fact that it had potentially been shared to personal devices that may not be secured is a further cause for concern.

Data breach compensation claims

The data privacy incident that occurred at Derbyshire Police is an example of employee recklessness that can cause data breaches all too often. If you have been the victim of a data breach and wish to claim compensation, contact us to receive free, no-obligation advice on your potential claim.

Data protection procedures should always be rigorously adhered to. If you have suffered distress or loss when this responsibility has been neglected, you may be entitled to compensation. When organisations fail in their data protection responsibilities, we are here to support victims to win the compensation they deserve.

Data leaks from outsourcing

ICO take enforcement action against Experian