How private is your e-mail?
PUBLISHED: 10:09 27 January 2006 | UPDATED: 09:30 06 May 2010
THERE are always problems-a-plenty for everyone at work, and no more so than if you are their employer. Trying to check up that the staff you are paying to do a job are actually working – and not skiving – is now an awful lot more difficult than it ever
THERE are always problems-a-plenty for everyone at work, and no more so than if you are their employer.
Trying to check up that the staff you are paying to do a job are actually working - and not skiving - is now an awful lot more difficult than it ever used to be.
And while you might be sorely tempted to ensure that every single one of your employees is working as hard as is humanly possible by monitoring their phone calls or even their e-mail use, a new code of practice gives all workers the right to privacy at work now.
The code in question is part three of the Employment Practices Data Protection Code which, in conjunction with the Data Protection Act 1998, imposes obligations on all employers about how they deal with the data that they hold on their employees.
The aim is to make absolutely certain that new technology is not abused by people's employers, and includes some important new guidance on what you can, and cannot do, to check up on what your employees are actually doing while they are at work.
And if you get caught out the price can be pretty high - you can be prosecuted - and you could also find yourself in a situation where you may be liable to pay them compensation.
So, exactly what can you do to make sure that you comply with the law?
The main risk to you as the employer is that it is extremely easy to 'unwittingly' fall foul of the code, and your route to compliance will be to undertake 'an impact assessment'.
This means that before you even consider any kind of monitoring at all, you have to ask yourself why it appears to be necessary, assess the potential impact on every single one of the employees' concerned, and then ensure that if you do eventually decide that you must monitor, that you are not doing any more than is deemed necessary and that you are doing it for sound businesses reasons.
So, just for example, if, like many other companies, you have software which alerts a manager when a server accesses 'improper' websites, you must make it very clear that this monitoring is not in fact for checking up on who is surfing when they should be working, but instead is solely for the purpose of protecting the staff in your workplace against offensive or discriminatory images and you should tell them this.
All monitoring has, of course, to be justified, and the benefits and impact of monitoring must be balanced, so as not to infringe on the private lives of your workforce.
Using the phone or internet for personal use during the company's working hours might be something the company you work for frowns upon, but you must remember that any type of personal communication should not normally be monitored.
If you want to clamp down on this and comply with the regulations, then you must provide your employees with a facility to make and send unmonitored private telephone calls and e-mails, and also the ability or provision to distinguish between what are personal and what are professional communications.
Any monitoring that you do carry out must not be intrusive at all, so if you do need to keep an eye on what your staff are getting up to you should use spot checks and audits rather than attempt to use continuous monitoring.
Every good business really ought to have clear policies on e-mail, internet use and telephone use.
If companies don't have such policies in place, then now would be an excellent time to sort them all out.
These company policies should define what is allowable use, what is definitely not allowed, and also really ought to state what monitoring is carried out, and what sanctions may arise from any breach of these company policies.
If you want more information on the code, go to www.dataprotection.gov.uk