A data breach at Manchester United Football Club that reportedly exposed the confidential details of its permanent employees has led to a potential lawsuit of up to £100,000.
In an incident that took place in March 2018, over 160 of the Club’s casual employees working across its stadium, catering, and hospitality departments received a file via email containing the personal data of its permanent employees.
This includes sensitive data such as names, addresses, national insurance numbers, wage slips, pension benefits and tax contributions.
The incident was reported to the Information Commissioner’s Office (ICO) back in 2018, but the employees affected by the data leak have since launched a claim with the High Court. Their argument emphasises the potential mishandling of their personal information as well as the negligence they perceive of the club’s approach to safeguarding their data.
According to media coverage, a representative of the football club had emphasised that they take the data privacy of their employees very seriously and that measures have been taken to prevent any breaches like this in the future.
Senior Data Protection and Privacy Solicitor, Becky White, stresses the importance of having robust data protection policies in place:
This incident highlights several important data protection issues. As the HR function within an organisation manages considerable amounts of personal data relating to prospective, current and former staff, it is crucial that employers understand their responsibilities and liabilities under data protection laws and that they manage human resource data responsibly.
The incident also serves as a reminder of the need for organisations to implement proper policies and procedures with regards to email practices, particularly when sending bulk emails, and encouraging their staff to follow good email practices to reduce the likelihood of this kind of avoidable data breach reoccurring.
Businesses and HR teams should ensure they have robust data protection policies in place and that regular security and data protection awareness training is offered to help staff better understand the role they play in protecting any personal information the business collects and processes.
As an employer, taking steps to prevent a data breach is crucial. Our data protection and privacy solicitors can steer you in the right direction and help you to put policies in place to ensure that your employees’ data is safeguarded.
Related articles
How can we help?
To access legal support from just £145 per hour arrange your no-obligation consultation today. We aim to respond to all messages received within 24 hours.
Call 0800 689 1700 or email
enquiries@harperjames.co.uk.
