Two police call handlers working for Derbyshire Constabulary have been charged with misconduct in public office after allegedly accessing sensitive police data and passing it to criminals, in a case that has reignited concerns about insider threats and data security within UK policing.
Jessica Fitzhugh, 22, of Belper, and Ellie-Mae Doherty, 21, of Ripley, are accused of unlawfully accessing police systems during 2023 and 2024 and sharing confidential information with unauthorised third parties. The charges follow an investigation overseen by the Independent Office for Police Conduct (IOPC).
According to the watchdog, both women are alleged to have accessed data without a legitimate policing purpose, disclosed sensitive material to individuals outside the force, and failed to declare associations with people involved in criminality. Fitzhugh faces an additional allegation of taking unauthorised images of data held on police systems.
AD: Capeesh Restaurant
The charges were authorised by the Crown Prosecution Service (CPS) on 23 March following the submission of a file of evidence at the conclusion of the investigation. The pair are due to appear before Leicester Magistrates’ Court on Friday 24 April.
Allegations Of Insider access and disclosure
AD: Oysterian Sea Food Restaurant And Bar
The case centres on alleged misuse of police databases—systems that contain highly sensitive information including personal details, intelligence reports, and operational data. Access to such systems is tightly controlled, with strict rules governing when and how information can be viewed or shared.
Investigators allege that Fitzhugh and Doherty breached these rules repeatedly over a period spanning at least a year. The suggestion that confidential data may have been passed to individuals linked to criminal activity has raised particular concern, given the potential risks to ongoing investigations, victims, and witnesses.
The IOPC confirmed that the investigation was triggered by conduct referrals from Derbyshire Constabulary in December 2023 and March 2024. The force’s Counter Corruption Unit carried out the inquiry under the watchdog’s direction and control.
While details of the alleged disclosures have not yet been made public, cases of this nature typically involve information such as suspect identities, vehicle records, or intelligence logs—material that, if leaked, could enable criminals to evade detection or interfere with police operations.
Growing Focus On police corruption risks
The charges come amid heightened scrutiny of corruption risks within UK police forces, particularly those involving the misuse of data by insiders. While the vast majority of police staff adhere to professional standards, watchdogs have repeatedly warned that even a small number of breaches can have serious consequences.
Misconduct in public office is a common law offence that applies to individuals in positions of trust who wilfully neglect their duties or abuse their position. In policing contexts, it is often used in cases involving corruption, unauthorised disclosures, or improper relationships with criminals.
In recent years, several high-profile cases have highlighted the vulnerability of police systems to insider misuse. These incidents have ranged from officers accessing records for personal reasons to more serious allegations involving the leaking of intelligence to organised crime groups.
Data published by oversight bodies has indicated that hundreds of cases of alleged police corruption or misconduct are referred annually to the IOPC and internal professional standards departments. While only a fraction result in criminal charges, the number of investigations involving data misuse has shown a gradual increase, reflecting both improved detection and the growing importance of digital systems in policing.
The misuse of police data is not a new issue, but it has taken on greater significance as law enforcement becomes increasingly digitised. Modern policing relies heavily on interconnected databases, real-time intelligence sharing, and rapid access to information. While these tools enhance efficiency, they also create new risks.
Previous cases have demonstrated how unauthorised access to police systems can be used for a range of improper purposes, including: checking information about friends, family, or acquaintances, passing intelligence to criminal, selling data for financial gain, or interfering with investigations.
In some instances, individuals have been convicted of serious offences after leaking information that compromised police operations. In others, misconduct has been dealt with through internal disciplinary proceedings rather than criminal courts.
The latest case is likely to intensify concerns about how effectively police forces monitor and control access to sensitive data. Systems typically include audit trails that record who accesses information and when, but detecting misuse can still be challenging—particularly if individuals have legitimate access to the systems they exploit.
The involvement of the IOPC underscores the seriousness with which the allegations are being treated. The watchdog has the power to independently investigate the most serious complaints and conduct matters involving police forces in England and Wales.
In this case, the investigation was conducted by Derbyshire Constabulary’s Counter Corruption Unit but under the direction of the IOPC, ensuring external oversight. This model is often used in complex cases where independence and specialist expertise are required.
The decision by the CPS to authorise charges indicates that prosecutors believe there is sufficient evidence for a realistic prospect of conviction and that prosecution is in the public interest. However, the charges remain allegations at this stage, and both defendants are entitled to a fair trial.
Cases involving alleged leaks to criminals are among the most serious forms of police misconduct, as they strike at the core of public trust. The effectiveness of policing depends not only on operational capability but also on the confidence of the communities it serves.
When sensitive information is mishandled, the consequences can extend beyond individual cases. Victims may lose faith in the system, witnesses may become reluctant to come forward, and investigations may be compromised.
This case continues to raise questions about vetting, supervision, and training within police control rooms. Call handlers and other civilian staff play a critical role in policing, often acting as the first point of contact for the public and handling large volumes of sensitive information. Ensuring that these roles are subject to robust safeguards is essential.
Official reports have consistently shown that data misuse and unauthorised access are among the most common forms of police misconduct investigated in the UK.
According to previous IOPC and Home Office data ,thousands of conduct matters are recorded annually across police forces. A smaller subset—typically in the hundreds—involves potential corruption or abuse of position.
Cases resulting in criminal charges remain relatively rare but are treated as high priority
The increasing reliance on digital systems has contributed to a rise in recorded incidents, as audit mechanisms make it easier to detect unauthorised access. At the same time, the sheer volume of data handled by police staff means that opportunities for misuse have also expanded.
Fitzhugh and Doherty are scheduled to appear at Leicester Magistrates’ Court, where the charges will be formally put to them. The case may then be sent to the Crown Court if deemed sufficiently serious.
Further details of the allegations are likely to emerge during court proceedings, including the nature of the information allegedly accessed and the identities—or characteristics—of the third parties involved.
The charging of two Derbyshire Constabulary call handlers over alleged leaks of confidential data marks a significant development in ongoing efforts to tackle corruption within policing. While the case is still at an early stage, it highlights the risks posed by insider threats and the importance of robust oversight mechanisms.
AD: Heritage And Restaurant Lounge Bar