I have done something really bad at work. Meeting tomorrow to discuss it. So so ashamed and worried.

[daytimemom]

I am so ashamed. I have done something unforgivable at work. My stomach is churning. Just checked my work emails from home and saw one from my manager saying under no circumstances must I access a work database (will call it RED) and we will be having a meeting about it tomorrow.

RED is a new database I have just been given access to. It is an appointment booking database for work colleagues. Last week I was playing around on RED trying to work out how to use it as I needed to make an appointment for a colleague. I noticed I was down as a manager for a couple of colleagues on RED (I don’t manage anyone) so clicked on these colleagues names to see who they were. It brought up confidential info on them like address and date of birth. Accessing these colleagues details was my first mistake.

My second was clicking on my own name, I wanted to see what it said ie why I was down as a manager & in all honesty I was curious.

So by accessing my own record I have breached all our organisations information governance policies. I know it was wrong and I don’t know why I didn’t think about this at the time. So so stupid.

I now feel sick to my stomach. I am on probation so they could just sack me. How will I get another job with this on my record I know I have done something unforgivable but I don’t know how I will be able to cope with this

I really over reacted, that’s for sure. It was the stern email from my manager that did it, copying in other senior managers. If she had only written something along the lines about her and I not being allowed access etc etc

I need the calm down & not over react

So glad we were right but very sorry you had such an awful time over it. Worry is a terrible thing. Have a lovely chilled evening tonight

Glad it is as as we all thought. Thanks for the update.

TBH though, your manager could have worded her email a little better to make it absolutely clear she wasn’t blaming you for anything.

“Please don’t access RED again, there is a fault with the system, I’ll update you at a meeting tomorrow” or something.

Cross posted with your last message op.

I told manager I’d read her email yesterday evening (didn’t divulge just quite how hysterical I’ve been and she said she hoped I hadn’t been worrying as she planned to talk to me first thing today before I saw the email. The email was sent she said to confirm to RED manager that i’m Not allowed to access RED.

Wondering if I should still keep RED emails giving me my username and password just in case there is any future fallout ( not to access RED as that definitely would be grounds for dismissal)!

Always keep your emails for things like this -they're your paper trail, should you need it. You should be able to archive them. I hardly ever deletd emails, I just archived the lot, so I could always refer back if necessary.

Glad it's ok. 🙂

Good. A huge weight off your shoulders

But the RED manager appears to be at fault here. Surely there should be various levels of access, which should have been set up by the RED manager in the first place?

Any decent IT dept would have disabled your user name and password as soon as it's told you shouldn't have access

Any decent IT dept would have disabled your user name and password as soon as it's told you shouldn't have access

Any decent IT dept wouldn't be sending passwords by normal email in the first place.

People should only be able to access information that they're supposed to see. If I were given a login and password to a new system, I'd have a browse round it too! Not your fault you weren't trained or informed.

Always keep your emails for things like this -they're your paper trail, should you need it.

Make sure you save them off the system - as text files somewhere (as well as a "saved emails folder" in your inbox) on a backed up drive.

Good advice above but also print all correspondence via email and keep it safe nothing beats a hard copy

Glad everything went ok

Good advice above but also print all correspondence via email

Only if the organisations internal procedures allow for that ...

Also best to presume that no company-owned data is allowed off the premises. Either physically (on a USB key) or electronically (by emailing it to a personal account).

Any importantly emails I forward to my own email address

Any importantly emails I forward to my own email address

I hope your companies data protection policies allow that. It would have been a sacking offence at my last 3 employers. I had to sit in on an HR employee who was forwarding work emails (complete with employee details) to their home address.

That may be breach of contract.

Any importantly emails I forward to my own email address

That would have been gross misconduct at all the companies I’ve worked for

Yay! See we said they can't blame your for their mistake! Sounds like they may have panicked more than you

Big glass of something and a good nights sleep for you later!

Glad it’s sorted OP, hope you can feel more relaxed tonight!

I think whoever gave you incorrect access in the first place should accept some responsibility. Secondly, if the restrictions were not explained or no training given you have probably only done what many others would do. If your work ard worried about DP breach they can maybe get you to sign an agreement stating you will keep it confidential.

I suggest you get your manager to get proper controls in place and process usung the system documented.

Just worth noting the posts that have explained that there are circumstances where the outcome could have been wry very different.

I am so relieved for you. You will sleep well tonight.

Thanks for the update, OP. So glad it all turned out well. We knew you weren't to blame!

Sounds to me like whoever input the details was wrong, the programme was insufficiently secure, you proved anyone could get into sensitive data, and they are using you as a scapegoat.