Nilesh Morar, an ex-employee of Leicester City Council, has been prosecuted at Nuneaton Magistrates’ Court for unlawfully obtaining personal data.
Mr Morar took the details of service users of Leicester City Council’s Adult Social Care Department without his employer’s consent, which is against the law. The council became aware that after leaving the Council he had set up his own business.
The defendant pleaded guilty to the offence under section 55 of the Data Protection Act, and was fined £160, ordered to pay £364.08 prosecution costs and a £20 victim surcharge.
During an initial investigation, the council found the defendant had sent 34 emails to a private email account in February 2016, prior to him leaving the organisation.
Head of ICO Enforcement Steve Eckersley said:
“People’s personal data is protected by law and employees should not be helping themselves to information if they decide to set up a new business or move to a new position.”
It was later discovered that the personal information of 349 individuals were sent to his personal email address including sensitive personal data in relation to service users including medical conditions, details of care and financial details and records of debt.
Mr Eckersley added:
“Employees need to understand the consequences of taking people’s personal information with them when they leave a job role. It’s illegal and when you’re caught, you will be prosecuted.”