Skip to main content Skip to accessibility
This website is not compatible with your web browser. You should install a newer browser. If you live in Jersey and need help upgrading call the States of Jersey web team on 440099.
Government of Jerseygov.je

Information and public services for the Island of Jersey

L'înformâtion et les sèrvices publyis pouor I'Île dé Jèrri

  • Choose the service you want to log in to:

  • gov.je

    Update your notification preferences

  • one.gov.je

    Access government services

  • CAESAR

    Clear goods through customs or claim relief

  • Talentlink

    View or update your States of Jersey job application

Staff data breaches (FOI)

Staff data breaches (FOI)

Produced by the Freedom of Information office
Authored by States of Jersey and published on 21 December 2018.

Request

A

I would like information on the number of States of Jersey employees dealt with for breaches of the Data Protection Law, for example investigated as a result of complaints, reports or internal audits.

B

The resultant outcomes, punishments / sanctions within the last three years, for example disciplined, words of advice, no further action, prosecuted, dismissed or required to resign.

Response

The tables below have been compiled from information provided by the various departments in relation to recorded data breaches involving SOJ staff members.


Total breaches by year

​20162017​2018​Total​
​1220​33​65​


Total breaches by outcome

​Referred to the OIC​17
​Disciplinary ​14
​Words of advice / warning / training​34


Of the 65 incidents in total, fewer than five members of staff faced criminal proceedings, 14 members of staff faced internal disciplinary proceedings, and 34 members of staff were officially warned or were offered additional advice or provided with further training. Of the 65 breaches, 17 were reported to the Office of the Information Commissioner (OIC).

Each States department has traditionally managed its own data breaches, but in line with the One Government approach, work continues towards a more centralised system to ensure that incidents are managed consistently and that the opportunity for any lessons to be learnt are maximised across the organisation. The States of Jersey have recently appointed a Data Protection Officer to provide strategic oversight of data protection compliance across the organisation. This officer is advised of breaches reported by States of Jersey departments.

To avoid the potential for identification of individuals, disclosure control has been applied to numbers fewer than five under Article 25 (Personal information) of the Freedom of Information (Jersey) Law 2011 (the Law).

Article applied

Article 25 Personal information

(1) Information is absolutely exempt information if it constitutes personal data of which the applicant is the data subject as defined in the Data Protection (Jersey) Law 2018.

(2) Information is absolutely exempt information if –

(a) it constitutes personal data of which the applicant is not the data subject as defined in the Data Protection (Jersey) Law 2018; and

(b) its supply to a member of the public would contravene any of the data protection principles, as defined in that Law.

Our sites
Back to top
rating button