Former social services support worker shared confidential information

Former social services support worker shared confidential information

Published by Maria Greenwood at 8:12am 10th December 2019.

A former social services support officer at Dorset County Council's been sentenced after unlawfully accessing social care records of individuals known to her.

Michelle Shipsey was prosecuted for viewing records between 25 May and 26 July 2018 without a business need to do so. 

The offences came to light after a service user informed their social worker that Shipsey had revealed information about them to one or more parents at their children’s school.

An internal investigation was launched and Shipsey was placed on management leave, although no further action was taken against her as she resigned from the Council on 12 August 2019.

Poole Magistrates
Poole Magistrates Court

'Sentence' 

Shipsey, of Manor Gardens, Verwood, Dorset, appeared before Poole Magistrates’ Court on 2 December 2019 and admitted one offence of unlawfully obtaining personal data, in breach of s170 of the Data Protection Act 2018. She was sentenced to a six month conditional discharge, ordered to pay costs of £700 and a victim surcharge of £20.

Hazel Padmore, Head of Investigations at the Information Commissioner’s Office which brought the prosecution, said:

"Individuals accessing social services support are often already in a vulnerable position and have the absolute right to expect their dealings are treated with the utmost respect and in accordance with data protection laws. 

"Although new to the role, Shipsey had undertaken both data protection and cyber security training and therefore was acutely aware of the responsibilities she had towards maintaining client confidentiality."

County Hall 1

Jonathan Mair, Corporate Director (Legal & Democratic Services Monitoring Officer) said: 

"When we became aware of this issue we investigated internally and found that there had been a data breach.

"Michelle Shipsey resigned before we could take any disciplinary action of our own but we reported the data breach to the Information Commissioner's Office.

"This led to the Information Commissioner's own investigation, the prosecution and conviction of our former employee. 

"We have robust arrangements in place to safeguard personal information and all our staff receive training on protecting the information we hold.

"It is extremely rare for someone to misuse their legitimate access to our systems for illegitimate reasons.

"If this does happen then we will take our own action and inform the Information Commissioner.