Search results for ''...


Sorry, there were no results

Get In Touch

By submitting an enquiry through 'get in touch' your data will only be used to contact you regarding your enquiry. If you would like to receive newsletters from Thomson Snell & Passmore please use the separate form below.

Newsletter Sign Up

General Private Client UpdatesGeneral Commercial UpdatesConstruction UpdatesCourt of Protection UpdatesAgriculture & Rural Affairs UpdatesCommercial Property UpdatesEmployment UpdatesDispute Resolution UpdatesCorporate & Commercial UpdatesCharities & Not for Profit UpdatesFood & Drink UpdatesEducation UpdatesTransport & Logistics UpdatesFamily Business & Owner Managed Businesses Updates

I agree to be ‘opted in’ to receive Thomson Snell & Passmore newsletters, event invitations and other publications that are related to the subject matter of this event or my industry sector. I understand that this means they will send me these communications by email

I agree

If you want to update what types of information you want to receive from us, or if you wish to stop receiving these communications, you can do so ay any time using the following link: or emailing us at .

We respect your privacy, information you submit to us will be treated in accordance with our & .

Get In Touch

By submitting an enquiry through 'get in touch' your data will only be used to contact you regarding your enquiry. If you would like to receive newsletters from Thomson Snell & Passmore please use the separate form below.

Newsletter Sign Up

General Private Client UpdatesGeneral Commercial UpdatesConstruction UpdatesCourt of Protection UpdatesAgriculture & Rural Affairs UpdatesCommercial Property UpdatesEmployment UpdatesDispute Resolution UpdatesCorporate & Commercial UpdatesCharities & Not for Profit UpdatesFood & Drink UpdatesEducation UpdatesTransport & Logistics UpdatesFamily Business & Owner Managed Businesses Updates

I agree to be ‘opted in’ to receive Thomson Snell & Passmore newsletters, event invitations and other publications that are related to the subject matter of this event or my industry sector. I understand that this means they will send me these communications by email

I agree

If you want to update what types of information you want to receive from us, or if you wish to stop receiving these communications, you can do so ay any time using the following link: or emailing us at .

We respect your privacy, information you submit to us will be treated in accordance with our & .

  • Overview

    With the deadline for compliance with the General Data Protection Regulation fast approaching on 25 May 2018, data protection is on many employers’ minds, but perhaps none more so than Morrisons.

    The supermarket has just been on the receiving end of a claim by 5,518 of its employees for unauthorised disclosure of their sensitive personal data by one of its employees. 

    The employee in question, a senior IT auditor by the name of Mr Skelton, aggrieved at the outcome of a disciplinary hearing, uploaded personal details of nearly 100,000 employees to a public file sharing site shortly before the supermarket’s annual reports were announced. He was subsequently convicted and sentenced to eight years in prison.

    A group of the employees brought a class-action data protection claim against Morrisons, alleging that Morrisons had breached the Data Protection Act and that it was liable for Mr Skelton’s disclosure. The judge found that Morrisons’ breach of the Data Protection Act did not lead to the disclosure, but that it was nonetheless liable for Mr Skelton’s actions.

    The judgment puts employers in a difficult positon: in this case, Morrisons had done (almost) everything they should have done to prevent a data breach. In this instance, a senior employee who had access to personal information for legitimate reasons had simply ‘gone rogue’. Nevertheless, Morrisons was liable. 

    No decision has been made yet as to how much compensation each employee should get, but with almost 100,000 potential claims, even a relatively small sum each will mean a big cost to the company overall. The PR damage to company is also significant. 

    The key advice for employers is that while they may not be able to completely avoid data protection breaches, it is absolutely possible to limit their frequency and size. Steps such as data protection policies, effective systems and good cybersecurity go a long way to mitigating the risk. Fostering the right attitude towards the importance of data security within the organisation is also important. 

    Many insurers now offer specialist data protection and cybersecurity insurance which can protect businesses if things do go wrong. In this instance, one might question the wisdom of allowing an employee with a recent finding of misconduct to have unsupervised access to (and the opportunity to copy) the personal data of almost 100,000 employees’. Most businesses do not allow individual employees (even senior ones) to transfer funds above a certain level without a second person being involved. Bulk data is inherently valuable and should have similar oversight.

    To view the full case please visit: Various Claimants vs Wm Morrisons Supermarket PLC

  • Related Services

    Employment

    We act for businesses of all shapes and sizes and in many different sectors. Our advice covers all aspects of the employment relationship, helping to settle disputes, defending employment tribunal claims and providing immigration compliance audits.

    Intellectual Property

    We work across a wide range of sectors and for all sizes of business, in particular, owner managed businesses. Our experience means we can help you to identify all the Intellectual Property that might exist in your business. We regularly advise on the protection, exploitation and enforcement many types of Intellectual Property.

    Employment policies

    We have a wealth of experience in drafting employment policies and procedures.

    General Data Protection Regulation (GDPR)

Get In Touch

By submitting an enquiry through 'get in touch' your data will only be used to contact you regarding your enquiry. If you would like to receive newsletters from Thomson Snell & Passmore please use the separate form below.

Newsletter Sign Up

General Private Client UpdatesGeneral Commercial UpdatesConstruction UpdatesCourt of Protection UpdatesAgriculture & Rural Affairs UpdatesCommercial Property UpdatesEmployment UpdatesDispute Resolution UpdatesCorporate & Commercial UpdatesCharities & Not for Profit UpdatesFood & Drink UpdatesEducation UpdatesTransport & Logistics UpdatesFamily Business & Owner Managed Businesses Updates

I agree to be ‘opted in’ to receive Thomson Snell & Passmore newsletters, event invitations and other publications that are related to the subject matter of this event or my industry sector. I understand that this means they will send me these communications by email

I agree

If you want to update what types of information you want to receive from us, or if you wish to stop receiving these communications, you can do so ay any time using the following link: or emailing us at .

We respect your privacy, information you submit to us will be treated in accordance with our & .

^
Jargon Buster