Morrisons Data Breach – The Implications

Nicola Mullineux

Nicola Mullineux

blog-publish-date

31 Oct 2018

blog-read-duration

The recent case against Morrisons due to a data breach by one of its employees has far-reaching implications.

Where did this all start?

This all began in 2014, when an internal auditor at Morrisons posted the private data of more than 100,000 employees online. He was subsequently jailed for eight years. Following the result, over 5,000 affected employees brought a case against Morrisons itself, seeking compensation for the breach and the resulting impact it had on their lives.

The retailer argued that it was not liable for criminal misuse of the employees’ data.

After a long, gruelling period, the Court of Appeal upheld the judgement, and found Morrisons vicariously liable for the leak. Since the decision has been made, the retailer has said it will be taking the case to the Supreme Court.

What are the implications?

The leak of employee data was a direct attack against the company by a disgruntled employee, and from the company’s perspective, they may have thought they did all that was required of them to protect employees’ data. As the auditor was required to work with sensitive data, there was seemingly little they could do to restrict his access to it. However, this ruling states that the responsibility for keeping data secure falls to the organisation itself, meaning the employer is liable even if measures are in place to protect employee data.

Naturally, this has troubling implications for employers across the country who will now be wondering where they stand, and if this will bring an onslaught of claims relating to personal data against them.

The ruling will be challenged by Morrisons, meaning it may shift in the other direction, however as it stands, it is worth reviewing your privacy policies, your data protection policies and more to ensure you are doing all you can to avoid potential issues. The best defence is ensuring a breach doesn’t happen in the first place.

Start implementing this defence during the onboarding process with a new employee. Conduct background checks, and limit access to sensitive data from an early stage. If you haven’t already, have a clear company policy, and offer compliance training to everyone. When an employee leaves the company, make sure all accesses are revoked, data is removed, etc. Finally, ensure remote access to all work devices so data can be secured at a moment’s notice.

Expert Support

If you need expert advice on GDPR implications for employee data, or are concerned about your data protection policies, speak to a Croner expert on 0808 145 3385

About the Author

Nicola Mullineux

Nicola Mullineux, as Group Content Manager, leads a team of employment law content writers who produce guidance and commentary on employment law, case law and key HR developments. She has written articles for national publications for over 10 years and regularly helps to shape employment of the future by taking part in Government consultations on employment law change.

linkedin

Nicola Mullineux

Free to Download Employer Resources

  • Pay Awards & Forecast (September 2018)

    FREE DOWNLOAD

    Pay Awards & Forecast (September 2018...

    Read Croner Reward's expert settlement and forecast report for September 2018

    Read more
  • Sample Health & Safety Policy Statement

    FREE DOWNLOAD

    Sample Health & Safety Policy Stateme...

    Here we’ve included a free sample Health & Safety Policy Statement that UK business owners can refer to.

    Read more
  • Pay Awards & Forecast (June 2018)

    FREE DOWNLOAD

    Pay Awards & Forecast (June 2018)

    Read Croner Reward's expert Settlements and Forecasts report for June 2018

    Read more
  • Holiday entitlement - everything you need to know

    BLOG

    Holiday entitlement - everything you ...

    The annual employee holiday entitlement in the UK is 5.6 weeks. This figure is t...

    Read more
  • What is the best way for your employees to clock in and out of work?

    BLOG

    What is the best way for your employe...

    Clocking in and out of work may be a necessity for your workplace, but it can al...

    Read more
  • How Much Does Employee Turnover Cost Your Business?

    BLOG

    How Much Does Employee Turnover Cost ...

    A recent Glassdoor survey revealed that almost 35% of hiring professionals expec...

    Read more
  • bemrose-school-derby

    CASE STUDY

    Bemrose School Derby

    “Having Croner-i saves us a lot of time and money, as we do not have to use cred

    Read more
  • wmtr

    CASE STUDY

    WMTR

    “I’d definitely recommend the Croner OnSite services and I have done already, I

    Read more
  • certikin

    CASE STUDY

    Certikin

    “Our Distribution Manager had a particularly technical query relating to respira

    Read more

Ready to focus on what you do best?

Get your free consultation and speak to an expert today.