Active discussions

Meet the Other Phone. A phone that grows with your child.

Meet the Other Phone.
A phone that grows with your child.

Buy now

Please or to access all these features

Talk
Work

Chat with other users about all things related to working life on our Work forum.

Original poster

GDPR - Email Addresses

12 replies

HCMM · 17/06/2024 18:11

Sent an email - which was meant for the two clients - forgot to Blind CC them resulting in them being able to see each others email addresses. We are all working on the project together/have met and the email was for both of them, I know I should have done them separately and I have reported to data protection colleague whose sent it to the correct channels - I feel so stupid and unprofessional, I have never been shown how to blind CC as I usually just sent separate emails but didn't even think as we are all on the same project :(

OP posts:
Jammylou · 17/06/2024 19:38

Wouldn't worry too much as you did the right thing and reported it. It's a low risk breach.

Original poster
HCMM · 18/06/2024 17:35

Jammylou · 17/06/2024 19:38

Wouldn't worry too much as you did the right thing and reported it. It's a low risk breach.

Thank you - the department emailed back asking for more info, no complaints/comments from clients today so hopefully should be sorted for tomorrow and probably will have to do some more training, lesson learnt!

OP posts:
moggerhanger · 18/06/2024 17:43

Ask your IT team (or whoever is the right person) if there's an alternative to BCC. It's a very bad way of securing client confidentiality because it relies on humans to implement it. Ideally your workplace will have some means of communicating with clients that doesn't involve humans having to remember to use BCC.

Original poster
HCMM · 18/06/2024 17:46

moggerhanger · 18/06/2024 17:43

Ask your IT team (or whoever is the right person) if there's an alternative to BCC. It's a very bad way of securing client confidentiality because it relies on humans to implement it. Ideally your workplace will have some means of communicating with clients that doesn't involve humans having to remember to use BCC.

Will ask tomorrow :) Thanks

OP posts:
moggerhanger · 18/06/2024 17:50

I've been there and done it myself BTW ;-) I remember that horrible feeling when I realised!

Aaron95 · 18/06/2024 17:50

If everyone is working in the same project it would seem highly likely that you have all agreed to share some personal data. It would be very difficult to collaborate otherwise.

behindthemall · 18/06/2024 17:54

I once sent a clients personal details, name, address, national insurance number and details of a confidential transaction to a totally different, unrelated client.

I reported to the GDPR team and absolutely no negative consequences, other than I felt like an idiot for a few days.

Original poster
HCMM · 18/06/2024 21:14

behindthemall · 18/06/2024 17:54

I once sent a clients personal details, name, address, national insurance number and details of a confidential transaction to a totally different, unrelated client.

I reported to the GDPR team and absolutely no negative consequences, other than I felt like an idiot for a few days.

Thanks so much for the reassurance :) It's very much apperciated

OP posts:
Original poster
HCMM · 18/06/2024 21:16

moggerhanger · 18/06/2024 17:50

I've been there and done it myself BTW ;-) I remember that horrible feeling when I realised!

Thank you for the reply! Yes, honestly such a horrible feeling! Thanks again :)

OP posts:
Original poster
HCMM · 18/06/2024 21:18

Aaron95 · 18/06/2024 17:50

If everyone is working in the same project it would seem highly likely that you have all agreed to share some personal data. It would be very difficult to collaborate otherwise.

They are external clients, I think that is where the issue was really but lesson learnt and hopefully sorted tomorrow :)

OP posts:
NatMoz · 18/06/2024 21:23

Even the ICO aren't bothered about this unless the content of the email is highly sensitive (eg patients who are HIV positive and therefore require privacy)

Original poster
HCMM · 18/06/2024 22:17

NatMoz · 18/06/2024 21:23

Even the ICO aren't bothered about this unless the content of the email is highly sensitive (eg patients who are HIV positive and therefore require privacy)

No no, nothing like that. The content was aimed at both clients, I didn’t blind CC their emails, that’s the issue but the content wasn’t sensitive, it ‘nice to meet you’ sort of email

OP posts:
New posts on this thread. Refresh page
Swipe left for the next trending thread