Best practice employers understand the importance of keeping their employees’ personal information confidential. They have clear procedures in place that outline what information the company can gather and maintain, and when it can be shared with others.
What is Employee Privacy in the Workplace?
Consider privacy to be your ability to keep personal information to yourself and to regulate what occurs if you share it with others.
Personal data is any information that can be used to identify a person. The following list includes some examples:
- Names
- Addresses
- Phone Numbers
- Email Addresses
- Driver’s License, Pictures
- Bank Account Information
- Tax File Numbers
- Superfund Information
- Academic Records
Personal information, such as a person’s health, sexual orientation, religious beliefs, criminal past, and professional or trade union memberships, may be considered sensitive information. The Commonwealth’s privacy laws set a higher bar for accessing and handling this kind of personal information.
Workplace privacy refers to any confidential information encountered while conducting business and within the workplace. There are three major types:
- Consumer Personal Information
- Managers’ Collection of Personnel Information
- Proprietary Information
What are Employer Privacy Obligations?
All companies are required by the Fair Work Act 2009 to protect the privacy of employee and client personal information in their records.
Personal information collected at your place of business must be kept secure. A data breach could have major ramifications for both your company and the individuals affected.
The Privacy Act of 1988 outlines the Australian Privacy Principles, providing established guidelines for gathering, storing, using, and disclosing personal data and information.
The principles apply to all private health service providers, a limited number of small businesses, and businesses with $3 million or greater annual revenue.
If your company falls into one of these categories, you must have a privacy policy.
Tips for employers
Establish clear policies
Create clear policies outlining the types of information that your business may collect, retain, and share with others. This is the most critical step in protecting sensitive data.
Establish clear expectations around electronic communications, social media, and the use of monitoring tools
The internet, email, social media, and employer-supplied devices (such as smartphones and tablets) have an impact on many elements of our working lives, including privacy.
Establish clear expectations for your employees regarding electronic communications and social media use so that they are aware of their responsibilities in terms of protecting private information. Employers who follow best practices have clear workplace regulations in place to help employees understand these expectations.
Some key points to communicate to your employees are:
- Electronic communications and social media are not private.
- The business can delete data and information employees have entered into its systems at any time.
- What is and isn’t acceptable use of email, social media, and the internet at work.
- Not to disclose personal information about customers or colleagues (including images of them) via social media, email, or other mediums.
- The business monitors compliance with its privacy, social media, and acceptable usage policies.
- What information is recorded and kept by the business (such as the content and patterns of employees’ emails and browsing activities, or location information), and who has access to these records.
- What areas, if any, are under surveillance (including CCTV and drones), and who has access to the information.
Outline your commitment to protecting information
Explain to all new and current workers how their information is gathered, stored, and shared. This demonstrates the company’s commitment to preserving personal information and helps build employee confidence and trust in the organisation.
Train your staff
After establishing the foundations, it is critical to inform and train your staff and managers about privacy issues and the seriousness of a data breach.
Human error continues to be a major source of data breaches. Often, data breaches occur as a result of an email containing personal information being sent to the incorrect recipient. Alternatively, an employee may misplace a device containing personal data. While training personnel on how to avoid accidentally emailing the wrong recipient is beneficial, training should also address what to do in the event of a mistake, including the internal escalation procedure. Similarly, employees should be instructed on how to handle company-issued devices, including the reporting mechanism to use if a device is lost or stolen.
Prepare and implement data breach response plans
Handling a breach is a complicated issue; different procedures should be followed depending on the type of breach and the type of information compromised. A data breach response plan should detail the company’s procedures for responding to and containing a data breach. Having a clear data breach response strategy in place that outlines how employees should respond in the event of a data breach will aid your business during the critical first hours following the breach.
For further advice and to ensure your business is protected, contact us at hussetHR.
Where does Human Resources Come into This?
Employers who follow best practices recognise the necessity of maintaining privacy in the workplace. They have established clear processes that outline what information the organisation can collect and store, as well as when that information can be shared with others.
At hussetHR, we empower managers and employers to make decisions and assist them in reaching their company’s objectives. We apply Fair Work compliance methods, so you don’t have to guess when it comes to privacy legislation and policy. We can help you develop clear systems and policies outlining the types of information that your business may collect, retain, and share with others, as well as prepare and implement data breach response plans.
When determining the optimal solution for your company, it is advisable to get experienced HR advice. hussetHR is always available via phone or email and ready to advise you on the best course of action.
Call us today at 1300 487 738