Employers have attacked the final draft of the data protection code on
monitoring which requires companies to inform the police if they want to
monitor staff covertly.
Police involvement in any covert workplace monitoring is one of a number of concerns
over the code’s complexity, length and content.
Organisations are meeting with the Information Commission today in a final
bid to influence the guidance.
Diane Sinclair, lead advisor on public policy at the CIPD, who will be
attending today’s meeting, claimed the draft does not strike the correct
balance between protecting staff data and the employers’ right to monitor.
"Employers should be able to do some covert monitoring and involve the
police once a criminal act has been identified," she said.
In its present form, the code will mean employers have to inform staff every
time they monitor them. If firms need to carry out covert monitoring they will
have to complete a form explaining why this is necessary.
Under the code employers will not be able to monitor covertly to combat
harassment complaints because it is not a criminal offence, according to
The CBI also believes significant changes need to be made to the draft code
if it is to be useable and relevant for employers.
Susannah Haan, legal adviser at the CBI said: "It [the Information
Commission] sees monitoring as a negative action and looks at the positive
aspects, such as protecting employees, customers and the business. It is
overkill to expect employers to put together a case every time they want to
covertly monitor staff."
Francis Wright, HR director at SHL agreed. She said: "It should not be
compulsory to get the police involved for all cases."
What HR needs to know about he draft code:
– Employers will have to complete a
form to justify covert monitoring of staff, outlining why they suspect criminal
– Police need to be informed and involved in all covert
– Staff will have to sign up to an access code and agree to a
firm’s online policies before logging on
– Employers must inform staff every time they are being
Key questions answered
Why is today’s meeting critical?
It is the last chance for employer bodies, including the CIPD,
to influence the shape of the controversial monitoring code
What is the code?
The code is employer guidance on how to comply with the 1998
Data Protection Act, which came into force in October last year
When will it be released?
The code on monitoring is due to be published in a few weeks.
The code’s first chapter on recruitment was released last month and the section
dealing with employment records will be out in the next two weeks. Once all
codes are published, a hard copy version will be available
Will staff have to be notified every time they are monitored?
The code states that staff should be notified ‘periodically’.
The Information Commission said this means ‘on a regular basis’ and can be
delivered via a variety of forms: payslips, e-mails or staff newsletters were
cited as possible examples
Can organisations be prosecuted if they breach the code and
Data Protection Act?
The commission will investigate a company for non-compliance if
a staff member complains. If the company is in breach of the Act, the
commission will ask the firm to review its policies. If no action is taken the
commission has the power to issue an enforcement act. If the company fails to
respond it will be taken to a criminal court
How big a problem is this for HR?
More than half of 300 HR professionals polled by IRS report
that data protection is the employment law issue that has challenged them most
over the past year