Employers beware, as data protection issues grow, other areas of the law are slowly following suit.


If you employ staff I’m sure you know that you can be held liable for the acts or omissions of your staff.  What you may not know is that with the increased regulation relating to data protection, this has far wider reaching implications than you might have realised. 


Last year saw the first ever group action, brought by 5,518 employees, concerning a data protection breach.  A disgruntled Morrisons employee who believed that he had been badly treated by his employees decided to get his revenge by posting payroll data relating to nearly 100,000 Morrisons’ employees online.


The rogue employee then sent copies of this personal information to three newspapers.  Fortunately, they refused to publish it, but informed Morrisons who hadn’t previously been aware of the data breach. 


Whilst Morrisons took immediate action as soon as they knew, they were still taken to court by some of the staff.  The court agreed that Morrisons were liable for the data breach as the rogue employee’s job was to control pay roll data.  This meant that there was a sufficiently close connection between his job and his wrongful conduct. Morrisons took the risk of entrusting him and were held liable for the risk.

Although you cannot control everything that your staff do, you can put safeguards in place both to reduce the risk of a data breach and to show that you’ve taken your responsibilities seriously, which should give you protection against the risk of a claim.


Kleyman Solicitors, GDPR compliant and here to help! GDPR is no laughing matter. GDPR-HA-HA-HA!