This is not about a public records requestits about how information is released to the public before that information becomes public. And thats still very unrealistic / way off-base, if OP truly gets why this was a slam-dunk decision, in that particular circumstance. Yep, I think its worth LW remembering that while she knew shed never leak anything again, her boss and co-workers dont. I have a whole bunch of very personal medical information swimming around my memory and I while some of it Ive wished I could share with my spouse, I never have. A lot of times, the actual employee might not be important, but they might know something like when a key senior person works, or gossip about so-and-so, that is then used to either help with hacking, help with fraud, do additional social engineering where they know just enough about a topic to lead the conversation, or in some cases to put pressure on a higher-level person to try to get them to give further information or make certain decisions. Assuming this is in the US, and were talking about FOIA laws, typically a records request will come through a particular channel (not likely to be some random employee in communications.). Also, Ive seen plenty of firings that were absolutely not presented as position elimination. Even if the exact reason wasnt shared employer isnt going to say Oh, Jane took home a spreadsheet full of MNPI they will absolutely share that the ex-employee was fired for cause, not laid off. Its not a big career risk for her friend the way it is for her, but depending on what the information was, it could have put the friend in an awkward position. A first offense is still a breach in trust. I know Id be pissed at you. Everything the OP described sounds like a non-public record. Is this the appropriate place to bring up Anthony Scaramucci not even uttering the phrase off-the-record during his bizarre call to Ryan Lizza and then being upset when his words were published? Don't worry, you're still qualified to be Secretary of State. Thats also real life. And this will definitely have an effect on how you come across to people interviewing you in future. In sending that information to your own mailbox, you transmitted the data to a number of machines, any number of which could be intercepting the data for reading, and many do albeit for legit purposes of scanning for advertising relevant stuff or scanning viruses. (Im a journalist, there are only a few specific cardinal sins in our industry, so lets euphemistically call this a case of inadequate attribution.) There are offenses, especially regarding releasing items, that would be serious enough to warrant immediate dismissal. You can bet Id be gone with no second chance despite my almost-20-years and ton of good work. There are people who would refuse to acknowledge their error and go about their lives being bitter and blaming others. No, no, no, no, no. Thats pretty ratty behavior. Your coworker was not at all in the wrong here, OP. On Monday, I was called into a fact-finding meeting with HR. I work as a contractor on a program that just announced 10 new cities will be joining. I know it isnt the actual incident since the details dont match (no twitter or cake pictures mentioned in OPs case), but I was assuming it was something like the NASA gravitational waves thing. On other occasions, you might accidentally receive a confidential email with information meant for one person (or a few people) you know. Not necessarily for the leaking but for the way youre talking about it. It might not seem to be that big a deal to you, but depending on what the information you shared was its really easy to use seemingly trivial information for profit. I dont find it understandable that the OP expected a second chance for this, as someone who routinely deals with unclassified-but-FOUO, Confidential, and Secret information, except insofar as I can have sympathy for someone who perhaps didnt understand the gravity of their actions until consequences came down. When I worked for the bank in the security investigation department, we had systems in place that monitored Famous Peoples accounts and would flag them if they were opened/touched. When we accidentally receive a confidential email from people outside our own organisations, things are a little trickier. Yep. People tend to share with trusted confidants/partners/etc. Thank you it was getting boring to read everyones outrage. You're fired for violation but convince the Dept of Labor that no one without an IT degree could ever understand your policy. e.g. As a government employee they are obligated to report a breach of information regardless of whether they like the employee they are reporting or hate their guts. How to Handle the Dreaded 'Reply All Moment' - New York Times Unfortunately these days a lot of the regulators are crooked and will never do anything about problems without a lot of public pressure (and sometimes not even then). Or does it only matter that I broke a rule?, For #1, Youre certainly allowed to bring up anything you want in an interview, the question you should really be asking is, Will it help or hurt my candidacy to bring this up?. For me, that was it. And there are reasons the rule is dont leak, rather than dont leak (except to people youre *really sure* wont tell any one else (except people who they are really sure they wont tell anyone else (except people theyre absolutely positive wont tell anyone else))). Challenge them directly and be sure that when they say it's okay to start at 9.30am, make sure they actually mean it, or don't do it. This is awkward to frame as apparently it would have passed unnoticed if you hadnt taken aim at your own foot and then pulled the triggerit would be better if you were fired after fessing up to your superiors, rather than involving anyone else. I even tell friends this who work in classified situations and I dont even report the news anymore.). If it does, you can explain calmly that in a moment of weakness, you broke a serious rule regarding sending information to someone outside the company, but youve learned a hard lesson you never intend to repeat. Period. None of this makes you a bad person, untrustworthy, or unemployable. Im so sorry and I will never do anything like that again.. I am really jaw-on-the-floor stunned at people taking aim at the coworker. Its not about breaking a rule, its about potentially causing some serious issues by leaking information. But it could be that GSA's dad had a code/password to verify it was actually him and the caller forgot to verify that first. While it clearly appears LW would not have done any of this, the regulations and policies are written to protect the employer and coworker from any potential negative actions. But she also would not tell me if she spent a day at work planning for a war!). When theres something I really want to share with my wife, I mask it, pretty much what we do here talking about how the client invested in llama shearings, or called up asking about rumours of purple llamas, or asked us to sell all their teapots that kind of thing. I do have to wonder if the hospital failed to educate its employees on how freaking serious that kind of breach was, although Id still put the failure on the feet of the violators. Accept responsibility for what you did. If you were fired for an embarrassing reason that would torpedo your chances in an interview, say that your position was eliminated. I think if the OP had framed the situation as, how can I get another job after being fired for being a whistleblower after I shared important but unfortunately confidential information with a journalist because the public has a right to know, these comments would be very different. While irritating, email from mass marketing lists dont require a response and you probably wouldnt get an answer anyway. I am now going to assume that its exactly that. I constantly have journalist friends asking for confidential tips, and there is no way I would ever give up any information. Given how much we have learned about foreign intelligence operations in American social media in the last few years, this is yet another reason why information security of all levels is taken so seriously. I think thats misunderstanding the severity of why what OP did was not ok. Theres any number of non-confidential matters that are embargoed prior to their public announcement. Doesnt matter if it was a friend. It can depend on what mechanisms are in place to protect the content of the email, who is sending the email, who it is being sent to, the content of the email, and whether the subject of the HIPAA information has provided their written authorization for unsecured PHI to be . In my experience, it was highly effective. Send the attachment in a follow-up email and, in the future, attach the document before you even begin writing your email. So, you just caused a data breach, by CCing the wrong person in an Best of luck in your next job! Im not feeding a narrative, Im expressing my opinion. 27 April 2021. It may be unfair to assume a journalist is cutthroat and would kill for a lead, but its also nave to assume they wouldnt let anything slip to the exact wrong person. Also to prevent someone who might be a bit dangerous, from hurting you. But leadership has to know that if they share confidential material with us that it will stay confidential. All rights reserved. If youd like to learn more about human layer security and email data loss prevention (DLP), you can explore our content hub for more information. Fired. But doing so would likely out the department LW worked for, and probably LW herself. The embargoes I deal with are not earth-shaking (or even quivering), but the people involved are dead serious about not publicizing the information before a specific time. LW, we are all human. While the 911 caller believes criminal charges are appropriate, that is a matter for the district attorney to decide. What if I accidentally sent a work email to my personal email? Will I As this was almost the entirety of your job they really couldnt keep you around. While most organisations take measures to prevent and protect against external cyber-attacks, many don't protect themselves against accidental leaks by their internal staff. The letter makes it look like you only told one person out of turn, but actually you told two people. That said, I am curious if theres other context that explains why they fired you for a first offense without warning you first. Mostly, Im saying this to you so that you understand that you should never have trusted that co-worker to keep that kind of information to herself, no matter how much of a mentor shed been to you I do think that she should have told you that this was serious enough that she couldnt not report it. The violation was only victimless by accident and confidentiality rules dont hinge on whether or not the leak is known to have caused damage. Dec. 17, 2009 -- You probably don't think twice about sending personal messages through your work e-mail. Whether it's done to work from home, to print . Its your actions that are right, wrong, or in that confusing gray area, and what you feel doesnt have to dictate what you do. There isnt really such thing as a rat in the workplace. 10 Ways to Rebound From an Embarrassing Email Mistake Youre heading in the right direction, and youve also gotten some really good advice. If I happened to expose that to my BIL who runs the comic book store and has a bunch of media and arts and entertainment contacts? Its also possible that the way you talked to your boss about it cost you a second chance too- if you were anything other than mortified and taking 100% responsibility, they likely thought it wasnt worth trusting you again. when we had a high school shooting, a student I knew (10 y old) and who got into it (gladly uninjured) got a visit from his own uncle who was a journalist that very evening, who came to visit the parents and then proceeded to try to get his nephew to talk about the details. Yeah, one of my former coworkers, who was allegedly fired from our company for bringing a gun to work, found another job a couple months later in our same industry. I wonder LW, would your interactions with the higher ups have been different if your co-worker/mentor had given you the heads up that she was going to have to report this? 100%? As far as I know, he held the highest security clearance a civilian could have. Reacting to being fired for that as if being personally persecuted over some piddly technical rule violation and not being given a second chance? RIGHT NOW it is totally privileged information and it needs to be treated that way. 3. I can remember almost exactly what I said: It was wrong of me to put that information out. The mistake was breaking company policy not that they announced to a coworker they broke company policy. Also in any governmental job or any job governed by many laws and regulations (such as medicine, law, dentistry, etc) they are laws and compliance regulations in place that must be abided by and every employee had to sign such an agreement usually yearly but at least upon hiring. Theres beating themselves up, but then theres also understanding and feeling properly appalled that they did something really unconscionable. Agreed, except for this: a journalist, who by profession is at risk for leaking said confidential information. In fact, if I ever got a query from someone I knew, I was required to hand off the query to a colleague. FOIA and open records requests are really big deals. Im very aware of that reality, so I confine my work email to work stuff only. This is a very astute comment, especially your last paragraph. I would have been fired if I did any one of the things OP did when I worked for the feds (e.g., using Slack, speaking to a journalist without authorization even if they were a long-time friend, disclosing soon-to-be-public information before it was publicly available). I wonder how trustworthy the LW considers themself (sp?)? The best workplace I ever saw in this regard was a law firm that specializes in foreclosure (I am not a lawyer, but I worked there in another capacity). Rule 1.6 Confidentiality of Information - Comment 2) Multiple people is relevant, but its easy to misunderstand 3rd hand stories. I think the fact finding phone call cleared that up, otherwise OP would have said so? Sometimes I need to talk about what Ive heard or am excited about something I did which made a significant improvement to someones life, but I have to talk about that in a way that doesnt risk identifying the person at all. When an employer says something is confidential, take it seriously If a breach is proved, the employee may be liable for hundreds of thousands of dollars in damages Howard Levitt Published Aug 01, 2019 Last updated Oct 28, 2019 4 minute read Join the conversation The OP would be better off to own up to her mistake and her mistaken thinking in saying/writing/texting the information, say what she learned from it, say how she would plan to deal with a similar situation about exciting confidential information if this ever happens again, and conclude by saying that it was 100% her own fault, that she doesnt blame the organization, the manager, or her coworker, that she understands that she put her coworker in a horrible position, and that she will NEVER do anything like that EVER again. It was spur of the moment and, as soon as I realized what Id done I circled back to her to clarify that that information was confidential. Thats not really a response to the OP but more a pushback on some the comments. And Im pointing out that it wasnt a record at all. Perhaps the email was intended for a client in which case the clients data is at risk and the sender has inadvertently committed a data leak. I want to push back hard on this, the coworker is not a rat. (Also the NASA leaker didnt get fired. That, and I never slapped another plucky again.

Is Tony Gonsolin Married, Ramsey Funeral Home Obits, Articles C