Many of us will be familiar with the realisation that a member of staff that had recently left our employment seemed to be making approaches to our clients?
What the departing staff person may not realise is that your client has given you permission to use their personal data, not your departed employee.
Consider the outcome of a case brought by the Information Commissioners Office recently. The ICO said:
A former recruitment consultant has been fined for unlawfully taking personal data from his employer when he left his job to set up his own rival business.
DS left the recruitment company he was working for, VR, in October 2017 and a short time later set up his own similar company called VS.
Once VR became aware of the new company, it began to have concerns about the integrity of the database it used to recruit vets and nurses, which contained the personal data of more than 16,000 people.
VR contacted DS to ask if he had downloaded any of the information from the database and DS admitted he had taken some personal data, claiming it was for his own record of achievement.
The matter was reported to the Information Commissioner’s Office (ICO) and during an investigation it was discovered that DS had stolen the details of 272 individuals from VP’s database for commercial gain.
DS pleaded guilty to unlawfully obtaining personal data under section 55 of the Data Protection Act 1998 when he appeared at Exeter Magistrates’ Court on Thursday, 21 May.
He was fined £355 and was ordered to pay costs of £700 as well as a victim surcharge of £35.
Perhaps this is a subject we should raise with departing employees?