A new code explains how employers can keep an eye on their workforce without contravening data protection rules
The Information Commissioner published the third part of the Employment Practices Data Protection Code on 11 June.

The code provides guidance for employers who want to monitor workers without breaking the Data Protection Act 1998.

The code provides that:

  • employers can monitor workers when the advantage to the business outweighs the intrusion into workers' affairs, but monitoring must not be excessive and must be for a limited purpose

  • workers should be told if they are being monitored and the purpose for which information is being collected

  • any monitoring undertaken by an employer should be proportionate and relate to the business needs of the company

  • information discovered should only be used for the purpose for which the monitoring was carried out unless it reveals an activity that no employer could reasonably be expected to ignore. Only senior management may authorise the use of personal information obtained through monitoring for a new or different purpose

  • information discovered should be kept secure, which may mean only letting one or two individuals have access to it

  • employers should be careful when monitoring personal communications

  • employers should adopt methods of monitoring with the least adverse impact on the privacy and autonomy of employees

  • if the information collected reflects badly on an employee, he or she should be presented with the information and given an opportunity to explain or challenge it before it is used against them.

Employers considering monitoring a worker should always carry out an "impact assessment". This will allow the employer to judge whether a monitoring arrangement is proportionate to the problem it seeks to address, and whether any adverse impact of the monitoring on individuals will be justified. The employer should consider the amount of intrusion into the private life of the worker and alternatives to monitoring such as new methods of supervision, effective training, clear communication from managers or automated monitoring.

The code also covers covert monitoring, which should be considered only in exceptional circumstances such as the prevention or detection of crimes or malpractice. Covert monitoring will always require the authorisation of senior managers.

To ensure compliance with the code, employers should seek the consent of all employees to their activities being monitored from time to time. They also need a clear policy setting out the circumstances in which employees may or may not use the employers' telephones, email system and internet access, as well as the existence and purpose of monitoring.