Re: Black and white or various shades of grey?
That is a really dangerous definition since it can be overly broad. Now imagine you view some website via deep link from google but it was unintentionally posted and you were not authorized to access that data. According to your definition, you should be charged. Your definition would be similar to charging someone with burglary because they read the wrong file in a cabinet they had keys to.
A better way to think of it would be if she had to guess a password or borrow someone else' access to get that info. She didn't do that, she simply used the login she used as a part of her job to browse data the system saw no problem in giving her.
If she should not have accessed the data the system was fine with giving her then that is an administrative problem between her and her employer, or a breach of some other regulation since she never misused the computer.