Are my hands tied? No option but to resign

[Daai2014]

Background
I have been working on a huge programme for quite a few months its been weeks/months of hardly seeing daylight.
My personal section is in a very good position and feedback has been brilliant.
I felt the last 2-3 weeks some although mainly 1 of the team has gone above and beyond to exclude be from anything that was relevant to my role. Initial I considered raising this with her as at the time I would have considered her a friend but thought possibly it was down to stress as the programme is quite substantial.
Fast track to Monday, over the weekend this member of staff has run an “audit” of the system and I have been opening a plan I shouldn’t be accessing due to commercial sensitively.( although a lot more is shared in group chats with the team and none of it would be of interest to me!)
Now ALL of my access has been suspended even the items I need to do my job and following a 2nd meeting to discuss it seems I have really had no option but to leave . The files at this company are a free for all and I do generally search for something that may have been historically completed as it’s so busy I don’t have the time to complete from scratch given its more of a 24/7 role the times I am working would also support her case in some way. In the 2nd meeting I was told if I have an issue or as I raised, I feel I have been singled out and there has been a witch hunt of sorts to this I was then told if I want to go down that route they will file a formal data breach as this has already raised this with security. (Even being accused of a data breach can be career limiting) . All of this is when a lot of people are on leave so maybe her hope is, I will leave before anyone that might support me and is back. She’s has also been checking up on my work a little asking me for estimates of completion for documents that I have never been asked to produce.
(the person also has a reputation for this kind of thing was previously sacked from the civil service for there own bulling backfiring)
Any advice what to do? If I leave then I don’t have to put up with not really being able to do my job and having to see that horrible bitch but on the flip side if I just leave this does look like guilt and other than being careless with documents I may have opened but at least I might be able to sleep and eat just feel sick 24/7.

I have been opening a plan I shouldn’t be accessing due to commercial sensitively

Why have you been doing this?.

If you knowingly accessed data you should not then that may be serious misconduct. It also highlights that systems are flawed and security needs updating to limit access rights. How long have you worked there!

Depends what sector you are in I guess, but surely if it’s confidential then it should be in a secure drive or share point, which you don’t have access to, and probably also password protected.

Your call but I would argue it was an accident and the file was in the wrong place in that you were looking for something else and opened in error. Was there a process you should have followed to report yourself - did you even realise your cock up? If so you might be in more trouble for not reporting yourself than for the breach itself?

Some companies are a mess when it comes to data protection. In those companies the only way you can do your job is to access private files.

If you'd been doing this for ages, and presumably everyone knew, you could take a calm lne like, "Yes let's clean up our processes so we're compliant." Without getting defensive.

Is there a trusted person higher up whom you could take aside and say, "I'm happy to get feedback but this feels really personal". If they have your back, then take it from there,.

But if no one is supporting you, then yeah, leave the blames before it gets worse.

Leave the blamers. Sorry new phone.

Is there a genuine reason you were accessing things you shouldn’t have been?

Is it the done thing that everyone does? Ie can you prove others are in there too not just you and they are picking on you for whatever reason (gender, race, disability etc) if they aren’t taking it further with all?
Have you been there over two years?
Are you in a union?
If you resign you won’t get any benefits.

Even if you do what will your reference be like?

Why are they picking on you? What could you have done that they want revenge for?

Lots of questions that need answers!

Thanks all, I did have a reason as in I needed a date for my own plan as the person removed me from a chain with the dates I needed and everyone is off atm. I have emails to the fact I asked people for this date but I'm slowly thinking is there any point as its such a free for all something else could be used as in I may have searched a key term without intent opened something that isn't marked or noted as anyway sensitive for me to have to report opening it but so had everyone else.
I have no idea why they would do this to me if I'm honest.

Based on what you have said here, you did open a file or files that you shouldn't have. That makes you guilty, doesn't it. So it doesn't matter who supports you or doesn't - you did it. There isn't a staff vote on who is most popular - you did it, or you didn't.

Her alleged history is not relevant to whether you did it.

This isn't a defence that I'd try using if I want to keep my job - and it's not one I'd want to try on a potential new employer.

@PotteringAlong The first time I have ever been told they are "sensitive" was during this process they are in the "home" location of a structure.

So wait, no one actually told you that you shouldn't open these files?

Okay, it does sound like this person has an axe to grind. A normal response from management would be, "Looks like you accessed this, why? Let's fix this going forward."

This person does sound creepy but all you can do now is calmly hold your ground. If you're in another meeting just keep the focus on, "Right, what's the best way forward here?"

Does this "member of staff" actually manage you?

@Waytooearly Since day 1 nothing ever been "off-limits" if this was flagged in a company-wide "audit" but no, it been flagged by someone picking thought over a weekend, which doesn't seem like formal process.
Maybe I need to put my hands up to not knowing the sensitivity and apologize, which I did initially do. The person in question isn't my manger

This all sounds a muddle, and I don't think you are giving all the information.

It sounds from the muddle presented as if you have been digging in files that were none of your business, have been found out and just want to get out.

No bullying or improper process seems to be happening, just suspected impropriety being held to account.

And I wouldn't be surprised if this happens again or has happened before, so perhaps it's time to learn...

What this person isn't even your manager?

They're not senior to you?

Ignore them ffs. Give them a cheerful, condescending, "Great that you've put so much thought into all this X." And then be too busy to meet with them.

So these meetings, are they formal disciplinary meetings?

I'm guessing no, how can they be if it's not a manager?

You need to take a breath.

It's hard to work out because you're in the vortex of suspicion and fear but...

Your team (are you the manager?) went a bit cold on you even though you'd all been working well and very hard together.
A colleague (manager) over the weekend checked up on you / your work / other stuff and found you'd accessed confidential information

Have you been reprimanded for this? By who? Formal or informal?

Don't just leave. If you are doing what has become normal in the workplace to get the work done and you did not know the files were sensitive you have done nothing wrong apart from piss off some other random worker. Hold your ground.

Yes agree.

If it's just a colleague hectoring you about it, just pleasantly wave them away with, "That's helpful, thanks Jane. No we don't need to meet again. You want to report it as a data brach? That's up to you of corse, but you'd want to speak with (Manager). Okay Jane I'm going to crack on now!"

So all the folders and documents are on a server which you have access to?
You sometimes run a search and look at documents that you might use as a template?
None of the folders say 'confidential' or similar?
Is it so obvious that you should have guessed?

Sounds awful. I'd bullet point it and speak to your union ?

So if I've got this right:

You are working on a project and asked for dates you needed

These weren't forthcoming so you searched on the system to see if you could find them (search term something like, "date for phase 1 of special project")

You came across a file that had the dates you needed and was not password protected or marked in anyway as confidential or sensitive. You opened it to get the information you wanted.

Later, someone realised you had seen the information, which is in fact commercially sensitive (not GDPR beach from your description?)

You're now in trouble?

That doesn't seem right to me. It should be a case of implementing a better system so that file doesn't come up on searches or isn't available to people who shouldn't read it. Possible further training for you in recognising sensitive information as well.

If you've had training on how to recognise this kind of information and it was immediately very obvious you shouldn't have access then you could be in trouble for not reporting it but not for opening it iyswim. However if similar information had been shared with you in group chats then culpability tests with everyone in that group not just you.

Don't resign! Lay out the facts clearly focusing on the company's lack of process for protecting this information. Ask how they are going to manage it going forward. Maybe get in touch with ACAS to check employees rights on this.

It blows my mind that you can even open sensitive documents that you aren't allowed to access - why aren't they password protected?

It sounds like your employer is setting you up to take the fall for their poor data management.

Are you a member of a union? If so, speak to your rep. Alternatively I would try the CAB. I think you need proper advice on this.

Well, don't mae it ACAS thing.

No one who actual manages you has actually brought this up.

Don't go looking for trouble.

All that's happened is that a weird co-worker has brought up something she thinks you did wrong. Okay, thanks for sharing.

So did you know it was sensitive before opening and using it or not?

If they are not titre manager and it's not going through the formal process why would you leave ?

I'd stay and see where the 'investigation' goes. it sounds like a shambles. so what if you opened a file that was sensitive - if it wasn't labelled as such?

I agree with others that this doesn't make sense. If I search a shared drive, nothing that comes back is anything that I shouldn't see. It sounds like the fault is in the system of how the files are stored rather than with you.

Is it the organisation's data controller that is trying to make you a fall guy for those own non compliant system?