Last week the Munster rugby team received an email in their inbox, which should not have landed there. The squad received a complete player-review document of the whole team, which was a completely confidential review and analysis of each individual player. This included details on the players’ strengths, weaknesses, and recent performances and issues.
What an awkward mistake! What was meant to be confidential information acknowledged behind closed doors is now in the public domain. Chief executive Garret Fitzgerald had the following quote:
“For us as an organisation confidentiality is a very serious thing in this business. We fully comply with all employment law, so we take confidentiality seriously and I suppose the focus is on us moving forward positively. We have taken all the correct legal and professional steps to handle it correctly.”
Data protection is an important issue for HR professionals and managers looking after confidential files and information about company employees. To get up to date on all Data Protection related laws visit www.dataprotection.ie. In the meantime here are a few top reminders of your responsibilities for both potential and existing employees:
1. Information must be obtained and processed fairly,
2. The data must be kept for a specified, lawful purpose,
3. The data should be used and disclosed only for the specified purpose,
4. The data must be kept safe and secure,
5. The data must be up to date, accurate and complete,
6. The data must be relevant, adequate but not excessive,
7. The date must be retained for no longer than is necessary,
8. A copy of the data must be made available to the data subject, on request.
Rights of the Data subjects include:
This incident was reported to the Data Commissioner, who doesn’t intend to take any further action. So lets use this embarrassing and unfortunate incident to brush up on our data protection laws, and to think twice about the recipients the next time we send a confidential email!