Advisory Note for Staff Working Remotely
Data Protection Guidance
Due to the restrictions in place to help combat COVID-19, Maynooth University has published guidelines for staff working remotely. More details can be found on the Maynooth University Coronavirus COVID-19 Guidance site.
Guidance on Data Breaches and Emails
Most data breaches to do with emails are unfortunately as a result of human error, honest mistakes involving the disclosure of personal information.
Here are some common errors notified to the Data Protection Commissioner's Office:
- Email sent to incorrect recipient due to human error.
- Email sent to incorrect recipient due to the message service predicting the recipients email address based on the first characters entered.
- Attaching an incorrect document or hyperlink to an email.
- Forwarding an email chain to an unintended/unauthorised recipient.
- Email sent to multiple recipients using the ‘To’ or ‘Cc’ fields instead of the ‘Bcc’ field.
Recommendations on how to avoid these issues:
- Ensure the appropriate recipient has been selected before sending an email.
- Do not rely on your email client's autofill function to select the right recipient.
- Ensure that you do not 'Reply to All' unless you have double checked who that 'all' is going to be.
- Ensure the appropriate attachments have been selected before sending an email.
- Check that your intended recipients are appropriately placed under CC or BCC fields.
- If an email must be sent to multiple recipients where each person's email address should be kept private, use the BCC field.
If you are concerned that you have sent an email containing personal data of any sort to the wrong recipient(s), you should notify the Data Protection Officer at firstname.lastname@example.org.