I have done something really bad at work. Meeting tomorrow to discuss it. So so ashamed and worried.

[daytimemom]

I am so ashamed. I have done something unforgivable at work. My stomach is churning. Just checked my work emails from home and saw one from my manager saying under no circumstances must I access a work database (will call it RED) and we will be having a meeting about it tomorrow.

RED is a new database I have just been given access to. It is an appointment booking database for work colleagues. Last week I was playing around on RED trying to work out how to use it as I needed to make an appointment for a colleague. I noticed I was down as a manager for a couple of colleagues on RED (I don’t manage anyone) so clicked on these colleagues names to see who they were. It brought up confidential info on them like address and date of birth. Accessing these colleagues details was my first mistake.

My second was clicking on my own name, I wanted to see what it said ie why I was down as a manager & in all honesty I was curious.

So by accessing my own record I have breached all our organisations information governance policies. I know it was wrong and I don’t know why I didn’t think about this at the time. So so stupid.

I now feel sick to my stomach. I am on probation so they could just sack me. How will I get another job with this on my record I know I have done something unforgivable but I don’t know how I will be able to cope with this

FOR GOODNESS SAKE DONT APOLOGISE - this is their fuck up not yours. You didn't know that personal data would pop up when you clicked. Whoever set up the privileges is the one who has majorly fucked up not you. Remember that!

OP, stop bashing yourself. All you did was click a link. You had no reason to expect it would show you info it shouldn't have. You didn't expect to see it and you didn't make any copies of it.

If you think your employer is going to throw you under the bus for this, get proper advice before the meeting if you can. Union rep maybe? And I'd say do not apologise or admit wrongdoing unless pressed to.

Oh my dear, I'm so worried by how you're talking about this. Please take the advice everyone has given on this thread and realise it's their fuck up and not yours.

And even if it was yours, nothing is worth this level of worry and toxic shame.

I made a work mistake a few years ago and had a very similar reaction to you, which led to my being quite seriously ill with anxiety. I'm not saying that to alarm you, only to impress upon you the importance of learning healthy reactions and coping strategies for when things go wrong.

Best of luck to you.

I was about to say exactly the same thing as Brownmouse. The only context is which I know it would not be acceptable to search for yourself is as an NHS employee (@GertrudeCB in this context it's a sackable offence to look yourself up on the patient database).

Erm, it does not sound like you are in trouble? They've probably just realised it says wrongly that you are a manager and asked you not to use the system until its been rectified. Calm down!

You don't seem to be answering this question

Have they actually said the meeting is because you've done something wrong?

Or are you assuming because you clicked on things and you knew the information that came up wasn't meant to be accessible to you - you feel guilty and are making assumptions.

Whatever it is do not go in there all apologetic. Wait and find out what they have to say and then answer questions factually.

As other said - they made the original mistake by having the data available. They may be trying to absolve themselves of blame.

I work with police data and have access to highly restricted confidential information. I am allowed to search for people as part of my job but not at random or just by clicking on things. The difference is we are thoroughly trained and know exactly the boundaries of our access and are therefore accountable. You were none of those things are are therefore not accountable.

I work in private healthcare in a place where I used to be a patient, there's an alert on my file online that shows if me or anyone else views it, it's my info but I'm not allowed to view it and could be dismissed if I did. I always get paranoid I might accidentally click on myself

The email said under no circumstances access RED and that the meeting would explain why. That I am no longer allowed to do this part of the job (which I hadn’t even started doing as just got access to RED). The language was very formal and my senior manager was copied in. I just know it is because of my stupid attempts to figure out RED by accessing personal data.

I broke down & told DH. He’s been very understanding. I know I am probably over reacting but I have so much other stuff going on at home & usually work is my sanctuary & now I’ve messed up there too. Never really made a mistake at work before & I have been here 18 months so I should know better.

I get that you’re worried but you really need to take on board what people are saying. You shouldn’t have access to things that you’re not allowed to see. Especially if that info is so sensitive that the system is monitored.

I am taking on board everything everyone is saying. It is helping me put it in perspective, so thank you.

Sounds like a horrible place to work. It sounds to me like a minor mistake and they're trying to intimidate you for some reason. They messed up by giving you wrong access. Anyone could've done that. You were just trying to work out how the database worked and didn't know you weren't supposed to do those things. I hope they won't be too hard on you.

how could you book appointments without clicking on people?

They asked you to do something and then didn't sort out the access properly. This is spectacularly more their error than yours OP.

It may well have been 'seriously' worded because they have realised you've got access to things you totally shouldn't have - and that they've made a mistake with the authorisations.

You didn't know who these people were and it said you were their manager. You were trying to ascertain why they'd have put them on as your staff if you weren't their manager. Not unreasonable.

You weren't given any proper training so you didn't know what it should or shouldn't look like.

You are allowed to see your own data. Unless it was an NHS database of patient records, you have a right to see the data that they hold on you. The only reason the NHS is different is that clinical data can be withheld if it could cause harm or distress to you by knowing that information. So it needs to be checked before it is released.

You were not abusing a system.

You do not need to panic like this.

I've made much much worse mistakes at my job! Once I got measurements for a poster wrong and it was so big it covered the whole wall of the building instead of only a small part, and cost 4 times what it should have. Another time I accidentally revealed travel plans for a VIP security protected person on an insecure phone line, thus risking getting his safety. I could go on. Each time I felt like dying but I dealt with it by being completely honest and open and taking the blame. People weren't that hard on me then. Just tell them honestly you were trying to find out how the database worked, and clicked in the names just trying to see what would come up as you were uncertain what you were supposed to do on there.

I don't think it's your fault.

The clangers belong to the IT people who set you up with the wrong permissions and the manager who handed out the username and password without training you.

I'm a manager and if someone I manage did what you did I would be taking the blame.

You must stand up for yourself and tell them that it's totally unacceptable to give no training on a sensitive system, and leave you to work out how to use it.

That you're appalled that they've implemented new IT with inadequate training, and no-one in the whole company should have access to that system until they have all been properly trained.

That there are serious problems with the system itself if you can click on sensitive information without even being aware that that's what you're accessing.

You can't be the only one who has made or will make similar mistakes.

The clangers belong to the IT people who set you up with the wrong permissions and the manager who handed out the username and password without training you.

Exactly. Blame IT.

How would they know you have accessed it @daytimemom and seen personal information? Did you tell someone? Or do they check the database logs and your computer history?

It may be that you have done nothing wrong and that they've realised there is a glitch with the system which is why you have had this database removed from your task list. They may actually be calling the meeting to explain that and reallocate you with some different tasks

You haven't breached data protection in terms of accessing your own data; the issue is whether you could have changed any of your data. You shouldn't have accessed anyone else's info. BUT pps are right that whoever gave you the access has more to worry about than you.

If it's a disciplinary meeting or an interview under caution meeting then you should have been given full notice and allowed to take a representative.

There will be alerts on the system if someone accesses private info.

Meant In the kindest way OP you need to get a grip of yourself.

Ok so you shouldn’t have clicked on certain records but it doesn’t sound like you’ve been given any training or that the guides you were given were compulsory to review before a cesing the full system.

So make some notes NOW. List the events in short bulletin points I.e. here’s your login, familiarise yourself, what you saw when you logged in. Your confusion as to why you were listed as manager etc etc

Then tomorrow go into the meeting and do t say anything UNTIL your manager explains why you’re there.
See how it goes, it maybe just a “you shouldn’t have clicked on XYZ so until we can fix this issue you won’t have access to the system”

If they go full throttle for you, you Calmly go through your bulleted list. You ask why this situation arose, you are unsure as to why an error made elsewhere is now your mistake?
And crucially you have been able to access other people’s data through no fault of your own and are now concerned about who has had access to your data when they shouldn’t?

Own your own mistake but don’t own the whole problem

There will be alerts on the system if someone accesses private info.

Very unlikely there will be any alerts on the system for management / line managers accessing private information.

Please listen to what everyone is saying and do not blame yourself or apologise

This is their fuckup and you have done nothing wrong. Clicking on someone's name when you've been put down as their manager without knowing who they are is a perfectly reasonable thing to do. You weren't expecting that sort of info to come up.

This is not your fuck up.

Do you work for the NHS op?