A member of staff at the West Mercia Police has reportedly resigned after breaching the force’s data protection regulations.
Although the staff member in question had elected to leave her position before her misconduct hearing was held, it appears that she would have had no choice but to go in any event, as the investigation concluded that the offence necessitated dismissal.
The incident is understood to have involved the employee sharing information inappropriately with a member of the public. This was done so without authorisation and without a necessary policing reason for releasing such data.
The reaction of the West Mercia Police
Many people’s awareness of data protection breaches in the news is often restricted to large-scale incidents. These often include the accidental exposure of names and email addresses via a mass email, as we saw with the 56 Dean Street Clinic leak. Or, they commonly involve hacks where the information of thousands of customers is exposed, like we have seen with the British Airways data breach.
However, this incident at the West Mercia Police demonstrates that data protection is not only important when it comes to leak avoidance and sufficient cybersecurity. Data protection also relies on the individual responsibility of each staff member to comply with regulations in the course of their employment.
The reaction of the management team at West Mercia Police seems to be indicative of the integrity with which they approach data protection. Superintendent Rebecca Love was not inclined to dismiss the breach as a minor incident, declaring that the employee’s actions, “amounted to gross misconduct”. She also commented on the impact on the reputation of the police in that the incident could serve to, “discredit the service and impact on the trust and confidence of our communities”.
The ruling of the disciplinary investigation marks an important recognition of the rigour needed in the application of data protection rules. It also represents a positive example of an organisation refusing to let such violations go unnoticed.
Data protection in the police force
According to police regulations, the incident necessitated that the employee was placed on the College of Policing Barred List, meaning that she will never be allowed to work for the police force again.
The College of Policing regards data protection as “a core requirement for effective policing”, and it must be adhered to by every member of the police force. One of the key principles that the West Mercia Police employee failed to follow was the ‘purpose limitation’ principle, as she failed to process and share data “for a defined law enforcement process”.
Claiming compensation for data breaches
At the Your Lawyers – the Data Leak Lawyers – we have been pioneering data breach compensation claims for many years, initiating our first privacy actions way back in 2014.
While singular cases such as the West Mercia Police breach may seem insignificant in comparison, we believe that every single person has the right to claim compensation if they have been adversely affected by a data breach. Each individual struggle has its own importance, so if you have been the victim of a data leak, small-scale or large-scale, do not hesitate to contact us for free, no-obligation advice regarding your claim.
IMPORTANT: advice on this page is intended to be up-to-date for the 'first published date'.
Request a call back from our team
Fill out our quick call back form below and we'll contact you when you're ready to talk to us.
All fields marked with an * are required.
First published by Matthew on February 05, 2021
Posted in the following categories: Claims Cybersecurity Data GDPR Government Latest Police Security Technology and tagged with compensation | cybersecurity | data breach | data controllers | gdpr | personal data | police breach | police data breach