Legal advice...

Thecaferacer · 1 May 2019 at 18:16

The person who sent the email to you is the one who has breached data protection and confidentially rules. Unless you work in a department that specifically deals with sensitive information, i.e HR, payroll etc, you have no obligation to not repeat what you have seen. Think of it as walking past a room with an open door and hearing a conversation which you then repeat.

The company may choose to take action against you with internal policies, such as bringing the company into disrepute, but legally you havent done anything wrong and certainly didn't have the "men's rea" to use the information for personal gain or loss to others.

The fact the email was not security marked and was allowed to be sent to the wrong people highlights wider issues in the company with incompetence which could lead to litigation

AHarvey · 1 May 2019 at 18:21

So a previous employee has made a SAR request and you've talked about it?

No, it's not confidential that someone has asked for their data, the data itself would be though.

Also, your company should have a security policy in place that requires them to label all materials, emails included, as various levels of confidentiality. My work has 4 levels and everything is labelled.

In fact, you may want to ask whether they have a Subject Access Request process in place. The way you've described it seems kind of haphazard, good time to put some suggestions forwards for processes and security

erazor51 · 1 May 2019 at 18:28

All I said was an ex employee is giving us a hard time and is requesting access to their personal data.

At no point did I discuss the contents of the email.

erazor51 · 1 May 2019 at 18:32

Roar87 said:
How do you mistakenly talk about it? It's obvious you keep your mouth shut about things of that nature. I'd just look for another job and resign.

When you work closely with someone everyday and they ask you hey how’s work been. I happen to slip by saying oh remember that ex employee, their giving us a hard time and requesting access to their personal data. It was a human error on my end sharing that.

Semple · 1 May 2019 at 18:34

erazor51 said:
All I said was an ex employee is giving us a hard time and is requesting access to their personal data.

At no point did I discuss the contents of the email.

It's not really our place to advise (IANAL etc), but that statement there is hardly a breach of anything confidential. Assuming of course that you're being honest and there's nothing more that's been said.

The company would need to prove that you've revealed confidential information.

erazor51 · 1 May 2019 at 18:51

Thanks guys for all the responses. Guess I will find out more after my hearing.

[FnG]magnolia · 1 May 2019 at 22:20

I'd suggest watching popular documentary "A Few Good Men" before your hearing. If the panel get a little lippy with you, launch into the "Did you order the code red?" speech. This works in the documentary and Tom Cruise is victorious. Good luck.