I have received someone's disciplinary letter by email by mistake............

[Nailgirl]

So I've just opened my personal email account.
It is clearly Nail Girl @ gmail or whatever.

The email says "Dear Nail, as discussed details of the disciplinary for next week etc -see attachments" from Joan (insert another name).

Panicking -I hope the attachments as of course my first name is Nail.

Except this is a whole different person, name, address, medical details, and documents, OMG.

The email is signed off to her "best wishes for your wellbeing".

Not my company etc. -OMG.

I've emailed them back and said "Nail Girl is not Nail BonJovi -as should have been obvious from the email address. I suggest you contact Nail Bon Jovi pretty sharply and tell them that her confidential disciplinary stuff was sent to the wrong email. Obviously I opened the attachement due to the informal tone of the email that addressed me by my first name.

I will be printing off these documents tonight and posting them first thing in the morning to her address.

I asssume that this would be the right thing to do.

Why would a government body send info on a disciplinary to a personal email address, rather than the individuals work address?

By posting this to her it could get into the hands of someone at her home address who she wouldn’t want to know. That would be worse, be careful

send info on a disciplinary to a personal email address, rather than the individuals work address?

It is likely that the person is out on sick leave.

Is it not usual to be able to access work emails remotely?

Is it not usual to be able to access work emails remotely?
No it isn’t unusual. It depends on the role and type of business environment.

I have a fairly common name and got in very early with a popular email address.

Think [email protected]

There are a hell of a lot of people out there also called Sarah Jackson who use yahoo and are very very bad at remember to put “1234” after the Jackson on their email address. I have had everything from bank account details to medical info to a 5 page instruction on how to look after someone’s dog for the weekend. And I’ve been signed up for a hell of a lot of mailboxes.

One of the most interesting things about it is that a reasonable number of the Sarahs don’t actually have the surname Jackson. Presumably Jackson is their maiden / married name and they normally use the other name.

So, in my view, there is a good chance that there is no GDPR mess up at all. Just a Nailgirl who is rubbish at filling in her email address.

Medical records too, eh?

I would drop the person a line staying you had been sent their confidential documents by error. Then email sender and inform them they have made an error and you have deleted the document after I forming intended recipient of the breach. Then let them deal with it.

A local MP once wrote to someone about their Motability or something and addressed it to me by mistake. I think I had written to him about an unrelated issue. I should've reported that as it wasn't good. She was in the same road so I just called round with the letter.

I would suggest reporting it to whoever is senior to the person who fucked up.

@Thismustbelove

This is a big data breach

It’s really not. I’m a lawyer, dealing with privacy and would be in touch with the ICO and other SA’s weekly. This would not even register a response if the company decided to report and on the basis of the OP it’s non reportable anyway.

Weird power play response. Non event. Normal balanced response = respond to say sent to you in error, delete.

Typical MN thread - the posters whose legal training is based on a few episodes of Ally McBeal are all "OMG, this is a major breach, report to everyone, print stuff off, get evidence, contact the intended recipient, the Queen, the employer, the sender's boss"

And the people who are actual lawyers say "Meh, nothing to see here, human error rather than deliberate or systemic failure of process, delete and move on."

I can't fathom why so many people think this is a big data breach. It's really not.

I also can't understand why so many people think it's appropriate or the right thing to do for the OP to print and mail the info. Do you think you live in a crap film or something? 😂

Blimey.

Email them back, delete the original, move on.

Yes, GDPR etc. But as you know you don’t want yo do nefarious things with this poor person’s info, there’s nothing really to worry about, is there?

I’d be way more worried about you printing copies off and posting them to me. Then I’d start to think something weird was going on.

@Nailgirl I think you are doing the right thing. My partner recently started getting what he thought were odd spam emails from cineworld. Turned out that he was being sent highly personal redundancy information about a person with the same name but with a slightly different spelling.
One he realised what it was he contacted the sender straight away to tell them of their error. No reply and he got more of this guy's personal info sent to him. In the end he emailed the guy directly and advised him of the GDPR breach.

@ItsAllGoingToBeFine

Is it not usual to be able to access work emails remotely?

Of course. How else would anyone be able to work in lockdown.

"I think GDPR only applies to businesses/organisations handling data. I doubt OP would be in breech of it as she is not running a business or organisation."

I think that's true - sorry if someone has already answered either way BUT all sorts of voluntary associations also have to abide by it, which is really quite difficult for small clubs and the like to deal with.

Amazes me people still open random unsolicited emails and attachments in 2020

Well I mean it doesn't amaze me really, I'm exaggerating

So you know some information about someone you don't know, will never be likely to meet and can use it for nothing.

So why not just email the company back and tell them, they delete the email?

What purpose would it serve sending it on to the intended recipient?

You can do nothing with the information.

confused.com

Maybe, just maybe the intended recipient gave the wrong email address, otherwise how would they randomly send it to you?

I think you need to get a hobby, you are way over invested in this.

That's a very good point @WhatATimeToBeAlive, what a coincidence it would be otherwise!

I think you need to get a hobby, you are way over invested in this.
This in a nutshell, really. The idea of printing out this stuff and sending it through the mail is beyond weird.

Amazes me people still open random unsolicited emails and attachments in 2020

I rarely open emails! My family and friends text or WhatsApp, most emails are confirmation of an order I've placed, advertising or spam so I just scan the headers and that's it.

It only if I'm expecting something specific to be emailed to me that I will open that email but otherwise no.

When I first read this I thought no why would you send them? Having thought about it though, this is a serious breach. It's not your problem but if it was me I would want to know exactly what information had been sent and to whom. Not your business but if you can help someone why would you choose not to?

@Trixie18

When I first read this I thought no why would you send them? Having thought about it though, this is a serious breach. It's not your problem but if it was me I would want to know exactly what information had been sent and to whom. Not your business but if you can help someone why would you choose not to?

Because the odds on it being a scam are very high 😂 Just like those Nigerian princes who are so desperate to share their millions with gullible strangers.