Row over data security and bullying settled out of court

Grievance began with allegations of confidential files being accessed. Melanie Newman reports

July 30, 2009

A professor who claimed that computer files containing sensitive information were accessed without her authority has signed a compromise agreement with her university shortly before a High Court hearing was due to take place.

Donia Scott, a professor of computational linguistics at The Open University, studies confidential medical patient records, access to which must be strictly controlled.

In 2007 she made a formal complaint to the university secretary that her research data files, which were stored on the university's servers and included more than 20,000 medical records, had been accessed and amended without her consent.

Times Higher Education understands that the complaint followed an earlier incident in which she alleged that her email account had been accessed by an administrator.

The OU has said that, having investigated the claims, it was "confident that the data was not accessed by any unauthorised person".

However, Professor Scott claimed that she had been victimised for having made a complaint.

In February 2008, Professor Scott filed a grievance with the vice-chancellor, Brenda Gourley, against managers whom she accused of failing to deal properly with the issue.

The vice-chancellor appointed two external investigators to examine separately the bullying claims and the computer security issue.

In September, Professor Gourley ruled that all Professor Scott's complaints were invalid, but gave her the option of an appeal to a grievance committee, which she accepted.

The vice-chancellor later explained that the appeal would review only her own decision and would not hear the complainant's entire case.

In response, Professor Scott said that she needed a full hearing because some of her allegations had been excluded from earlier inquiries.

Professor Scott applied for a court order requiring a full hearing, which the university then agreed to hold. She subsequently filed an application for a court order to have the composition of the original grievance committee changed.

The two parties are understood to have agreed to settle the case earlier this month, shortly before the High Court was due to consider this latest application.

On 12 July, the university's human resources director sent an email to staff in the mathematics, computing and technology department saying that Professor Scott had left the university by "mutual agreement".

An Open University spokeswoman said that the university could not comment on the internal grievance case.

But she added: "Medical data required for certain research projects here were held on a separate, secure server. A small team of researchers had authorised access to the data. After extensive investigation, the university is confident that the data were not accessed by any unauthorised person."

She added that the research projects that used the data were now complete, and that the server in question had been decommissioned.

Register to continue

Why register?

  • Registration is free and only takes a moment
  • Once registered, you can read 3 articles a month
  • Sign up for our newsletter
Please Login or Register to read this article.