Guernsey Police have breached the data protection law, after officers acted in "good faith" and passed on the personal data of a person they believed needed help to two professional health teams.
The individual made a complaint to the Office of the Data Protection Authority following the incident and an investigation was carried out.
Once they were made aware of the complaint, Guernsey police asked that the shared information be destroyed, and both parties who had been sent the data confirmed that they had done so.
"Guernsey Police take the protection of personal data very seriously," said Head of Law Enforcement, Ruari Hardy. "We are here to serve the community so when members of the public come forward to seek our help, we hold ourselves to the highest standards to ensure they receive the support they need.
"In essence, that is what led to the data protection breach. Officers believed an individual needed help, acted in good faith and did what they considered to be in the best interests of the person."
Pictured: Guernsey Police breached the data protection law.
The ODPA ruled that the police had failed to ensure data was being processed in a "lawful, fair and transparent manner". However it did take into account some mitigating factors:
The complaint and investigation was in relation to only one subject
No other similar complaints have been made about Guernsey Police
The data was shared with two professional teams which the officers believed would be able to help the individual
Guernsey Police sought the destruction of the data
Guernsey Police are now reviewing the existing procedures
The police cooperated with the authority
Pictured: Officers were said to be acting in "good faith".
The ODPA could impose a fine for the offence but, given the mitigating factors, has instead issued a notice to Guernsey Police imposing a formal enforcement order to bring processing operations into compliance, and a reprimand for the lack of compliance.
"Prior to these findings by the ODPA, Guernsey Police took action to reduce the risk of a similar breach occurring," Mr Hardy continued. "Certain documentation was changed and internal procedures were varied to deal with similar circumstances.
"The current procedure requires officers to refer such matters to a supervisor to assess before any personal data is aired with other professional teams.
"I hope this reassures the public about how seriously we take the need to protect people's personal data, notwithstanding the importance of police officers being able to lawfully share information with appropriate professional bodies if they believe there is an immediate threat to the safety of an individual."
Comments
Comments on this story express the views of the commentator only, not Bailiwick Publishing. We are unable to guarantee the accuracy of any of those comments.