My work laptop was re-allocated to me from somebody else in the organisation. It appeared to have been set up for me with the right programmes/Apps, profiles and access rights.
A couple of weeks ago, searching for a 'lost' document I searched C:Users using the search character *.pdf.
As well as my own stuff it produced a hundred or so documents in a Quicken programme used for bills etc and which has no relevance to my role. As well as office gas bills etc in included staff members' expenses claims.
I think this is a GDPR breach.
Am I right?
|
If it includes personal details about others or clients you should not deal with, yes. If it's role, company related, no
|
>> If it includes personal details about others or clients you should not deal with, yes.
>> If it's role, company related, no
I think the first. It's staff members/volunteers (and outfits you'd expect providing services to our offices). My role is to deal with people (clients) with a particular health related problem and what Welfare etc Benefits they might get.
No authority etc to sign off payments to staff or other payees; no reason to see this stuff.
|
I guess this is the reason our IT dept. will not allow access to any of the physical drives on the laptop - it's all virtual or server based drives and doc folders. Try accessing the physical drive and you get a "not authorised" type error.
I guess you ought to mention it to your IT dept. to cover your derriere as it were.
|
>> I guess you ought to mention it to your IT dept. to cover your derriere
>> as it were.
I've done that. I leave the employer tomorrow and didn't want to leave it until my exit interview.
|
Employer says it's not a breach as no personal data involved.
Not sure I agree but given I'm not personally affected and I've moved to a different office it's not a fight that's worth having.
|