A Summer-y Summary: Employment Law and HR Update

Data Privacy Matters

Breaking news: maximum sanctions for Facebook

ICO intends to fine Facebook £500k for recent data breaches involving Cambridge Analytica (which used data collected through Facebook). It found that Facebook failed to safeguard people’s information and be transparent about how people’s data was harvested by others. This is the maximum fine under the old data protection law (which was still in force at the time of the breach).

ICO action taken for data breaches: fines of £325k & £120k plus other exposure for Dixons Carphone

The CPS has been fined £325k after losing DVDs containing sensitive victim interviews. They were sent to another CPS office using tracked delivery. They were not encrypted and tamper-proof packaging was not used. The package was left at reception. Additionally, the loss was not noticed for some time.

University of Greenwich has also been fined £120k following a security breach. It involved their systems being hacked, resulting in almost 20k people’s personal and sensitive information being accessed; that included staff sickness records and details of students’ learning difficulties being leaked into the public domain.

Multiple attackers managed to gain access to a microsite, which was not in use but had not been shut down or secured.

It’s worth noting:

Following a hacking attempt in 2017, Dixons Carphone has admitted a data breach involving circa 5.9m payment cards and 1.2m personal data records. The Company only recently discovered the breach (i.e. on or around June 2018). This follows a £400k fine levied on Carphone Warehouse in 2015 for a similar situation.

ICO is investigating the incident to decide whether any relevant data breach should be dealt with under the Data Protection Act 1998 and/or current legislation. The latter has greater sanctions. It is a likely outcome since ICO is concerned that the hack was only recently discovered and timely action was not taken.

So, what can you do to keep data safe, from an employment perspective?

• Consider the risks and consequences of material being lost or stolen before taking any action. Use the safest appropriate method for transfer. Discuss such factors and identify what is best for your business with the management team and your nominated data privacy lead.
• Encrypt sensitive material before transfer. Retain a copy and store it securely. This will involve liaising with your IT department and other teams.
• Maintain a detailed audit trail of any data to be transferred, moved or shared (particularly to a third party or off site). The recipient should confirm receipt. Managers should keep records.
• Ensure hackers cannot access your systems. Don’t forget old websites or databases. These should be secured or shut down by your IT lead.
• Staff training is vital. Meaningful policies and procedures ensure staff know what is expected and reduces risk. The above is pointless if not followed by staff.

Disability Discrimination – yes, it’s still proving to be costly

Knowledge of disability (but not symptoms) sufficient

A teacher Mr Grosset (“G”) has been awarded some £646k. G has cystic fibrosis. Following an increase in workload, G suffered from increased stress. As a consequence, he showed a class of 15/16-year olds an 18-rated film, and was dismissed for that. The Court of Appeal ruled that G had been discriminated against because of something arising in consequence of his disability. G was dismissed because he shared the film, but that arose due to his disability.

Menopause can be a disability

An employee has been awarded more than £19k. Ms Davies (“D”) suffered significant peri-menopausal medical problems. She was prescribed medicine for an infection. This was added to her water jug, which she drank from. However, by mistake two court attendees drank water from her jug. D could not remember at the time whether her medication had been added. She was dismissed for gross misconduct by the Scottish Court and Tribunal Service. The Employment Tribunal surmised that D had been unfairly dismissed and discriminated against on grounds of disability.

Metropolitan Officer receives >£869k for discrimination

C.I. Denby (“D”) led a team which had a poor diversity profile: concerns had been raised about under-representation of women. An investigation was instigated by a female superior. D was removed from command, placed on restricted duties and ultimately lost the chance of progressing his career. The Employment Appeal Tribunal upheld findings of sexual discrimination. He had been treated harshly in comparison with a woman in a similar position.

Additional Knowhow

The status saga continues

I will keep it brief. There have been two decisions of which employers need to be mindful. One is the Addison Lee Ltd v Gascoigne decision by the Employment Appeal Tribunal and the second is the Supreme Court ruling in Pimlico Plumbers Ltd and Mullins v Smith. In both cases the contractors were found to be workers, which unfortunately gave rise to additional and costly employment rights in the workplace. Whilst the cases are fact sensitive it’s strongly recommended advice be sought regarding any contractors you may use so as to avoid the same fate. By the way, it has recently been decided that 50 Deliveroo drivers will share a six figure payout. They were denied the legal minimum wage and not paid holiday pay as Deliveroo incorrectly labelled them self-employed contractors.

Acas publishes …

New religion and belief guidance to prevent discrimination, as well as a World Cup guide; it’s not too late! Go England!

Presenteeism record high

The number of organisations observing presenteeism according to a CIPD/Simplyhealth survey has increased from 26% in 2010 to 86% in 2018. This is staggering. Presenteeism should be managed as part of a healthy workplace. It’s also usually associated with common mental health conditions. A failure to do so ultimately leaves your organisation at risk of claims, poor performance and disengagement, which all affects the bottom-line.

If you need practical solutions on how to deal with such issues we are here to assist.