There has been a prosecution for a worrying Nuneaton and Bedworth Council data breach that’s an example of how employees can exploit the data they can access.
In this incident, former head of building control at the council, Kevin Bunsell, shared personal information about job applications with his partner. His partner had applied for the same job that the candidates whose data was shared had applied for, and she won the position.
Although we can only speculate as to the motives, we can assume that the reasons for sharing the data were to assist his partner in securing the position which she was eventually awarded.
How the Nuneaton and Bedworth Council data breach happened
This Nuneaton and Bedworth Council data breach incident took place in the summer of 2017. Mr Bunsell’s partner had applied for an administrative role at the council.
Due to the personal relationship involved, Bunsell wasn’t involved in the selection process. However, he reportedly accessed the council’s recruitment system and emailed the information about the rival candidates to his own work address and to his partner’s Hotmail account.
The information he shared was for nine rival candidates who had been shortlisted, and the data included their:
- Telephone numbers;
- Reference contact information.
What’s being done about this Nuneaton and Bedworth Council data breach incident?
Action has been taking following the discovery of this Nuneaton and Bedworth Council data breach incident. Bunsell pleaded guilty to the unlawful sharing of data. In fines and costs, he has been ordered to pay over £1,400.00.
He also resigned from his position, and although his partner won the job, her employment was terminated.
Worryingly, this isn’t an isolated kind of incident. We represent a lot of people who are claiming council data breach compensation because of how often breaches take place. They’re one of the most common types of breaches we help people with.
Ultimately, a lot of employees have access to a wealth of information. Council employees in particular have access to a lot of information. Although Bunsell was trained in terms of his responsibilities for data protection, he was still able to share information he didn’t need access to. Systems can also stop data being shared so easily as well.
Just as they had to following a spate of prosecutions for NHS staff snooping on medical records they have access to, the ICO (Information Commissioner’s office) has warned of the consequences when it comes to breaching the law in this way.
Director of Investigations, Steve Eckersley, said:
“People who supply their personal information to an organisation in good faith, such as when applying for a job, have a legal right to expect it will be treated lawfully and ethically.
Not respecting people’s legal right to privacy can have serious consequences, as this case demonstrates. Not only might you face a prosecution and fine, along with the attendant publicity, but you may also lose your job and severely damage your future career prospects.”
IMPORTANT: advice on this page is intended to be up-to-date for the 'first published date'.
Request a call back from our team
Fill out our quick call back form below and we'll contact you when you're ready to talk to us.
All fields marked with an * are required.
First published by Matthew on March 19, 2019
Posted in the following categories: Council Data Employee Data Breach ICO Latest and tagged with council | council data breaches | data breach | data controllers | employee breaches