News & Resources

Former social worker fined for illegally sharing highly sensitive information on children

  • Posted on

A former social worker has been prosecuted for illegally sharing the personal information of children. The social work data breach affected 14 youngsters in care; some of who were at risk of child sexual exploitation.

What happened in this case?

Leo Kirk, was suspended from his job as a social worker after it was discovered that he had persuaded a grieving woman to lend him money for a mortgage repayment. The woman had post-traumatic stress disorder, anxiety and depression. As part of his job, he had helped her to claim backdated benefits before he was transferred to another post.

He was then reprimanded by the Health and Care Professions Tribunal Service for a clear breach of professional boundaries. He was accused of a 'lack of integrity'' and ''abusing his position of power''

To make matters worse, without disclosing his suspension, Mr Kirk carried on working for a private care company that helps young people. Mr Kirk then sent private documents that included sensitive information about several youngsters to a rival organisation.

What was the outcome of this social work data breach?

The UK's data watchdog began an investigation into the social worker data breach after Mr Kirk's employer found out about the breach.

According to the Information Commissioner's Office (ICO):

''We received a report about unlawful misuse of personal data by a manager who had without reason passed on documents about up to 14 young people aged 16 to 18 to a competitor. He was employed by Holywell children's services but gave details of 14 children to Hillgate Health group, which was providing placements for children who are in care.

''Mr Kirk was suspended from his job on May 10, after breaching data protection rules and an investigation revealed he had unlawfully disclosed referrals for residential and foster care placements for vulnerable young people aged between 16 and 18.

"The information identified sensitive personal data including accommodation and foster referrals and personal data about children in care.

''This sensitive personal data including details concerning sexual behaviour, sexual grooming and the risk of child sexual exploitation plus any history of abuse. It also contained details their health, police cautions and court referrals.

Mr Kirk admitted two charges of obtaining and recklessly disclosing personal data under the Data Protection Act 1998. In response, he was fined £483 and ordered to pay a further £412 in costs by Stockport Magistrates' Court.

Mr Kirk is no longer involved in social work.

Lessons learned

The Data Protection Act exists to protect the privacy of individuals. And, this case should remind people that they could face criminal prosecution and fines if they access or share personal data without a valid reason.

At Hayes Connor Solicitors, we see many different types of claims and understand how data breaches can affect people in different ways.

Helping to reduce the number of data violations taking place across the UK, we are sharing such real-life examples of data protection breaches to raise awareness of this issue and educate people to prevent similar instances from happening.

For more advice on how to keep your data safe, follow the Hayes Connor #NotJustHackers campaign onTwitterandFacebook.

Alternatively, if you have been the victim of a data breach,find out how we can help you to recover any lossesor contact us to discuss your case in more depth.

Find out how our experts can help you with your claim

Make a claim