Identifying staff actions as criminal is beset with difficulties.
Access to confidential data may be legitimised in employees' job descriptions. The act of copying sensitive data may not necessarily leave a 'footprint' on the system, and such copies can then be exported from your organisation by e-mail or by removable media without leaving a trace. The effects of outright malicious data destruction are obvious, but the computer entry process of so doing may have seemed routine. Refer also to Legal Safeguards against Computer Misuse.