Many thanks to our presenters this month:
Steve Conlay – Partner BPE Solicitors
Rachel Harber – Organised Consulting
rachel@organisedconsulting.co.uk
We covered a variety of subjects including:
- Changes to Fitnotes
- Beliefs and Discrimination
- Stealing Confidential Information
- Simplification of Apprenticeship programme from August 2022
- Using levy for higher levels skills training
- Long COVID is a disability
Further information
Long Covid can be a disability
Beliefs and Discrimination, balancing the rights: Christian doctor was not discriminated against for refusing to address transgender people by their chosen pronoun
Theft of confidential information
Q. What options are available to an employer if an employee/self-employed worker steals confidential information?
A. There is an increasing trend these days for individuals to make off with client lists or confidential information belonging to their employer once their employment is due to terminate.
There are a number of actions employers can take in such circumstances, some of which may be reportable. We have reviewed these points below;
• Owing to the tight timescales for reporting, the fist thing employers should consider is that the data may constitute a personal data breach. The company, as data controller, is responsible under data protection legislation for such a breach and an assessment should be made as to whether it should be reportable to ICO. If it is deemed reportable, employers should make a report as soon as possible, no later than 72 hours after the breach.
• A company may then wish to look at the effect the theft of data may have on their business. If the client information was contained in a database, depending on the facts, it may be that the individual has infringed the company’s database right under the Copyright and Rights in Database Regulations 1997. The company should take legal advice at an early stage to avoid further damage. Companies in such a scenario have a number of tools available through the courts, including an injunction, damages for loss of profits. Legal advice should be sought
• Employees have a duty of confidentiality which extends beyond the termination of their employment. Whilst this is not an implied term for self employed individuals, it is likely that contractual provisions will extend to such information. If the individual is subject to such obligations and takes client or confidential information, the company may have an action for breach of contract. Legal advice should be sought immediately.
• There are also potential criminal elements to the action of taking information. Depending on the circumstances, there may have been any offence committed under the Computer Misuse Act 1990. Again, specific advice should be sought on the same.
• Finally, if the information taken included personal data, there may also be criminal liability for the individual under section 170 of the Data Protection Act 2018. This provides, among other things, that it is an offence for a person knowingly or recklessly to obtain or disclose personal data without the consent of the controller.
As you can see, companies have a number of options when confidential data is taken from them. Whilst every scenario is different, the legislation in place should reassure businesses that there are remedies available when confidential information is taken.