[BreachExchange] Tesco worker compensated after supermarket lost 15 years of her medical records
Terrell Byrd
terrell.byrd at riskbasedsecurity.com
Thu Oct 28 10:39:27 EDT 2021
https://www.bristolpost.co.uk/news/bristol-news/tesco-worker-compensated-after-supermarket-6112003
A woman from Bristol has been awarded £3,000 in compensation after
discovering Tesco had lost 15 years of her employment records, including
sensitive medical information.
Jacqueline Ogborne worked for the supermarket chain for 30 years but said
the data breach left her ‘feeling violated’.
The 55-year-old only discovered Tesco had lost her employment records,
which included counselling notes and personal medical information about her
post-natal depression, when she requested it all as part of a employment
tribunal claim.
She said she was left ‘stunned and distressed’ when Tesco said they had
lost 15 years worth of her employment records, and despite an extensive
search, they could not find it.
She then sued Tesco for the data breach, and secured £3,000 in compensation.
“It astounds me that such private information has been lost,” she said.
“I’ve got no idea where it is and who has been able to read some of the
most personal information about me. It is shocking that I wouldn’t even
have known about this if I had not needed to request the information as
part of my employment tribunal claim.”
“Anyone who has experienced postnatal depression will know how vulnerable
you feel.
“This was an incredibly challenging time for me. When I shared this
personal information with my employer, I thought I could trust them to look
after it and keep it secure,” she said.
“I feel violated, and although I’m pleased that Tesco has settled my
compensation claim, the distress does not go away. I still don’t know where
those files are or who has access to them. Tesco has never apologised,” she
added.
Her case was taken up by Ben Brown, a data breach expert at litigation
executive at law firm Hayes Connor.
“Employers need to do more to keep the information they hold about
employees safe and secure,” he said.
“We are seeing more and more cases like this, where employees are
discovering that private information has been misplaced or lost.
"Employers must have effective processes in place, particularly as they may
be asking for ever more personal information from employees, including
Covid-19 vaccination status,” he added.
Tesco has been approached for comment.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20211028/1fb1170e/attachment.html>
More information about the BreachExchange
mailing list