Breach of confidentiality(37 Posts)
Can't believe I've received an email from a teacher accidentally attaching a risk assessment form for a recent overseas trip naming pupils and detailing their behavioural issues etc. My own son was named with another three as having possible emotional difficulties (he has Aspergers but no issues of behaviour only disbelief at others' behaviour!). Have obviously reported it to the highest level, but cannot believe this has happened.
Just need to offload really. Waiting for them to get back to me. Unbelievable.
Shocked at some of these comments. The OP has not made it personal at all. I can't believe the casual attitude both to the law and safeguarding shown here. If a body has a legal and professional duty to do something and it fails to do that it is not up to the people affected to suggest solutions. The school needs proper professional advice on data protection. It is not some one man band being run out of a shed. Good luck in sorting it out OP.
I used to work in the pharmaceutical industry, with incredibly business sensitive information. The best we could manage in terms of a data protection policy was to have a footer in every email that said information contained within was confidential and the property of the company and if it was received in error please delete.
Not sure what else can be done, because these things will inevitably happen.
But surely you opened the attachment, realised that it wasn't something for you and stopped reading?
I've received things in error, and you stop reading as soon as you realise it's not for your eyes, and alert the person who sent it to you.
Reading it all them then complaining that now you know XYZ is surely hypocritical.
The fact is, this WAS a breach of data protection, accidental or not. The information commissioner's office fines people for data breaches, including
£95,000 to Leeds City Council in Nov 2012 for sending information about a child in care to the wrong person.
£60,000 to Plymouth Council in Nov 2012 for the same reasons as above
£90,000 to Devon Council in Dec 2012 because a social worker sent the wrong report to the adoption panel
£70,000 to the London Borough of Lewisham in Dec 2012 because a social worker left her bag with confidential documents on a train.
Regardless whether it was a mistake or not, the school would be in huge trouble for not having better security measures in place. In this day and age, secure or password protected emailing is so simple, I hardly know of any bodies who deal with sensitive information relating to children who are still permitted to email.
I would definitely highlight this error to the Head or Chair of Governors, they need to be sure this won't happen again, to protect themselves as much as anything.
OP, this part of one of your posts did seem to be attacking teachers; "No I don't want anyone to lose their job or cause them to be off with stress (although that wouldn't be unusual), "
I hate to break I to you incredibleelephant, but schools do not use password protected email and there is no 'validation' in place to physically stop this from happening. My original question to the OP of, 'what measures would you want to see in place?' is a serious one and I think highlights just how technology has not caught up with personal data, (anyone worried about Google glasses?) I don't think posters are saying that this is ok to happen, just that, in the grand scheme of things, worst things can happen (and the OP is partly complicit in opening the attachment and reading it in the first place) based on the context of the situation given.
OP-you defended this by saying 'everyone would do it', but couldn't the same argument be used to say, 'everyone makes mistakes'? Or is it one rule for some.....?
Sorry, meant to say 'irrelevantelephant'!
I agree with TeenandTween and DeWE - I can't believe your indignation at this mistake / human error, whilst clearly demonstrating that you read the whole document. Surely as soon as you realised it wasn't to do with your dc, you should have closed it straight away ?
Strikes me the teacher has made a mistake (about which I'm sure they will be mortified) but you have consciously chosen to read the confidential information that you could have left as confidential.
I know you say they are lovely, but I hope this teacher has learned their lesson and never, ever gets involved with offering your children extra-curricular opportunities such as a foreign trip again(!).
You need to raise it with school,in the interests of other pupils. It is a serious matter. Fact that it was a mistake doesn't alter that. Yanbu.
My children's school uses password-protected emails for confidential information, but that would not have helped here. The emails arrived at their correct destination, but they had the wrong information attached. It is perfectly possible to set up a system for checking attachments by a second party.
If a company chooses not to protect its business information other than by a footer (no confidentiality clauses in contracts, no secure servers, no staff training?????), that is up to it, if it stays within the law.
I don't think those criticising the OP for reading on have read the first post: her own son was named in the attachment. She absolutely should have read on, to find what what personal information about him has been wrongly disseminated.
"I in fact tried in the first instance to contact the teacher concerned, had no luck, and because I was concerned at a possible error in the system rather than human error (as this email had other anomalies) I let a deputy know in case this was duplicated and sent out to others (as my son's name is included I really don't want this circulated)."
So, the OP has reported the offending teacher to the deputy (head). OP was unable to contact the teacher concerned.
I'd guess the lovely teacher will be involved in disciplinary proceedings by now.
Chances are that she won't get involved in any kind of extra-curricular activity in future.
I could have told you the names of the five or six children in dd's year who were likely to be a cause for concern with respect to behaviour on an overseas trip at secondary school. I didn't need to be sent confidential information about it; the children's behaviour meant everyone knew who they were anyway.
Recently my GP sent me a letter and attached to it were referral letters for four other patients - I took them back to the GP and handed them back to the receptionist. Can't even remember the names and I certainly didn't read the letters in detail. It was an error.
Join the discussion
Please login first.