A Full Bench of the Fair Work Commission has granted permission for an employee to appeal an unfair dismissal based on “public interest” as the case raised “important, novel and emerging issues” concerning personal data, security and fingerprint scans.
Yes, fingerprints – familiar from forensic procedurals and one of a range of biometric measures used to monitor employee movements. In this particular case, the employer advised employees that they were introducing this technology for signing in and out of work. One employee refused as he was concerned that his biometric data would be accessed, sold or used against him. Despite responses from his manager regarding security, he still refused and was consequently terminated 12 weeks later.
This case and subsequent appeal are significant as they will allow the Full Bench to review what personal data employers can request from their employees in a time of increased fear around data collection, breaches and privacy.
As individuals become better educated on the threats against cybersecurity and the damage that can occur from identity theft, it raises the question: at what point can an employee refuse to share personal data with an employer without the risk of dismissal?
As we have seen with the government’s My Health Records and the significant number of ‘opt-outs’, people don’t trust organisations to keep their personal data safe. How many organisations can give assurances that personal data will be secure at all times?
No organisation can give a 100% guarantee that they won’t be hacked, but they should put every reasonable protection in place to make that data secure. Employment contracts, induction training and policies should clearly state reasons for data collection.
With younger, tech-savvy generations in the workforce, many companies are looking at adopting a Bring Your Own Device (BYOD) policy, including personal phones and laptops. These policies present another area for review. Smartphones today are more than a techno- logical tool. They can hold all of an employee’s private data, medical and financial records – even their fingerprints! If an organisation asks employees to use personal devices to access corporate data, policies and processes should be in place so they are clear on the employer’s rights to access the device and its data.
Building trust and proceeding reasonably are critical when an employer is exercising its rights to collect information. If you have a workplace culture built on communication and trust that properly informs employees when, why and how you collect their personal data, you should experience minimal resistance.
Whatever personal data you collect, keep these rules in mind:
If you collect data or monitor your employees, you should communicate clear workplace policies to avoid repercussions should an unfair dismissal claim arise. Have a policy for email and internet use, social media drug and alcohol testing, and personal data collection.
Whether fingerprint scans or health records, handling employees’ personal data can be a grey area. Review your methods of collection, the purpose of the data and the security measures adopted. Bring in relevant departments that have a role in protecting the privacy of employees. If in doubt, get professional advice on whether your current processes are best practice and would stand up in court if challenged.
If this article has raised any issues for your business, get in touch on 1300 565 846 or info@ablawyers.com.au.
Stay Informed
Subscribe to our mailing list to get the latest news, webinar invites, & more.
All fields are required
