Reading:
Leicester city council worker fined for stealing sensitive personal data to use for his own business
Share:
Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.
Nilesh Morar worked for Leicester City Council in the Adult Social Care Department where he reportedly stole a wealth of personal sensitive data for personal financial gain.
He reportedly took the information belonging to vulnerable people without the Council’s knowledge or permission.
After he stole the personal data, Morar left his job with the Council to set up his own business, so the motives for stealing the data seem quite apparent.
Leicester City Council discovered that, before leaving, Morar stole information belonging to 394 service users and emailed them to a private email address over 34 emails so he could reportedly contact them for the purposes of his new business.
The emails included details about:
The 43-year-old was charged for breaching his duties under section 55 of the Data Protection Act. He pleaded guilty at Nuneaton Magistrates Court and was given a fine of £160 with an additional £364.08 to pay in court costs and a £20 victim surcharge.
Head of enforcement at the Information Commissioner’s Office (ICO), Steve Eckersley, said:
“…employees need to understand the consequences of taking people’s personal information with them when they leave a job role. It’s illegal and when you’re caught, you will be prosecuted… People’s personal data is protected by law and employees should not be helping themselves to information if they decide to set up a new business or move to a new position.”
More needs to be done in raising awareness of data protection laws. In a world where digital information can be shared at the click of a button, all organisations and individuals need to take care not to breach the privacy rights of others. Sometimes it may not be easy to see the adverse impact of abusing data protection rules, but the harm is very real and the consequences that follow can be severe.
Organisations need to implement strong security systems and protocols to train and warn staff about the consequences of data breaches. A spokesperson at Leicester City Council explained that in this case, Morar did receive training in data protection and “the council had the correct policies and procedures in place, so this was a flagrant abuse of his position.”
As he had already resigned, the Council were unable to take disciplinary action against him but did report him to the ICO.
The ICO is rightfully frustrated at workers who disregard their duties and disrespect data protection rules for personal reasons. In illegally accessing and misusing personal data belonging to another, they’re taking away someone’s right to privacy.
In this case, adult social care users do not expect their private information – provided to the council in confidence and trust – to be stolen by a rogue employee and then used as part of a personal business venture.
EasyJet admits data of nine million hacked
British Airways data breach: How to claim up to £6,000 compensation
Are you owed £5,000 for the Virgin Media data breach?
Virgin Media faces £4.5 BILLION in compensation payouts
BA customers given final deadline to claim compensation for data breach
Shoppers slam Morrisons after loyalty points stolen
Half a million customers can sue BA over huge data breach
Lawyers accuse BA of 'swerving responsibility' for data breach
The biggest data breaches of 2020
Fill out our quick call back form below and we'll contact you when you're ready to talk to us.
