Data Breaches

How scared should you be?

The supermarket Morrison’s lost its appeal in a High Court Ruling and has been held as vicariously liable after one of its members of staff leaked the personal information of over 100,000 of its employees.

“Vicarious liability refers to a situation where someone is held responsible for the actions or omissions of another person. In a workplace context, an employer can be liable for the acts or omissions of its employees, provided it can be shown that they took place in the course of their employment.”

ACAS

Essentially, although the organisation had not directly leaked the sensitive employee data, it was held liable as the employee who had done so carried this out in the course of employment.

So what does this mean for employers?

It goes without saying that the protection of Personally Identifiable Information in any organisation is crucial, especially since the astronomical fines for breach of GDPR in May 2018.

DLP recommends that if you feel there has been a data breach within your organisation, no matter how small, your Data Protection Officer should immediately report the potential breach to the ICO.

We are always on hand for additional advice on the process. However, the Morrison’s case really does demonstrate that, when it comes to a Data Breach, prevention really is better than cure!