|OVERVIEW OF THE DATA PROTECTION ACT
The Data Protection Act (DPA) was introduced to give people access to information held about them and to have the right to have it corrected (or deleted altogether) where necessary. The Act therefore regulates when and how information relating to individuals may be processed. At its core is the concept of “personal data” which applies to a very wide range of personal information.
What is personal data?
Personal data is any data (including photographs) from which living individuals can be identified. It applies to information held on computer as well as data in manual files, if they form part of a “relevant filing system”. This means records relating to individuals (such as personnel records) which are structured in such a way as to allow ready access to specific information about them.
The Data Protection Act is concerned with four types of data in all – automatically processed information; data forming part of a relevant filing system; data forming part of an accessible record (such as a health record); and data recorded by a public authority.
What is processing?
Processing is defined as obtaining, recording, holding or carrying out any operation on the data.
Before processing an employee’s personal data, employers have to first obtain their consent. They then have to show that the processing is necessary to comply with a legal obligation (whether contractual or non-contractual); to protect the employee’s interests or some other legitimate interest.
What are the principles governing processing?
When processing data, employers must comply with the following principles:
- the data must be processed fairly and lawfully
- it should only be obtained for specified, lawful purposes
- employers should have a reason for keeping it
- it should be accurate and up to date
- it must not be kept longer than necessary
- it should be processed in accordance with the DPA
- it should be kept secure at all times
- it must not be transferred to a country outside the European Economic Area unless the information is adequately protected
Who are data controllers, data subjects and data processors?
The Act refers to a person or body such as an employer who holds personal data and decides why and how any personal data are to be processed as the “data controller”. The data subject is the individual who is the subject of personal data.
The data processor is anyone (other than an employee of the data controller) who processes the data on behalf of the data controller. Data processors are not directly subject to the Act but most (if not all) data processors are data controllers in their own right for the processing they do for their own administrative purposes, such as employee administration or sales.
What is sensitive personal data?
The Act defines personal data as sensitive when it refers to someone’s racial or ethnic origins; political opinions; religious or other beliefs; trade union membership; health; or sexual orientation.
When can employers process sensitive data?
Employers can only process sensitive data in the following defined circumstances:
- if the data subject gives their consent (which can be implied)
- if required by law
- in connection with legal proceedings
- for the administration of justice
- for the purpose of equal opportunities or ethnic monitoring
- for medical purposes
- to protect an employee’s vital interests but the data controller cannot get their consent for certain, specified reasons
- if the individual has already deliberately made the information public.
What is “subject access”?
If an employee asks in writing for a copy of information held about them, this is known as a “subject access request” and employers must provide the employee with the information they want. Within 40 days of receiving the request, the employer has to tell them in writing that they have complied, or if not, why not. They may charge a fee of up to £10.
Under section 56 of the DPA, it is now a criminal offence for employers to “require” job applicants or existing employees to make a subject access request to obtain information about any convictions or cautions they may have and then provide it to the employer. Instead if the employer wants to access someone’s criminal record they must use the criminal records disclosure regime.
CLEAR AND UNAMBIGUOUS
Employers can reserve the right to amend the terms and conditions of employees’ contracts, but according to the decision of the Employment Appeal Tribunal (EAT) in Norman and Douglas v National Audit Office (NAO), the right has to be established in a way that is clear and unambiguous.
Prior to starting their employment at the NAO, the claimants received an offer letter which stated, in clause two, that their terms and conditions were “subject to amendment”. The HR manual, which contained details of those terms, was incorporated into their contracts. The manual also contained a section entitled “Settlement of disputes” which stated that the NAO would make every effort to reach agreement before implementing any changes whilst negotiations were taking place unless management considered the changes to be essential to the operation of the NAO.
Following a review of their terms and conditions in 2012, the NAO entered negotiations with the PCS union. However, it then decided to impose a number of new terms, including a reduction in paid sick leave and privilege leave to which the union and individual employees had not agreed. Ms Norman and another colleague submitted a test tribunal claim asking for statements of main terms and conditions.
Holding that the issue was whether or not the NAO was entitled to vary the terms and conditions by virtue of clause 2 of the appointment letters, the tribunal found that the NAO was unilaterally entitled to do so.
Although this right was subject to the implied term of mutual trust and confidence, this had not been breached as the NAO had engaged in numerous meetings with the union as part of negotiations to agree the changes. It was only once it was clear that an agreement was not possible that the NAO notified employees that the changes would be imposed.
The EAT disagreed with the tribunal, holding that the meaning of clause 2 came nowhere near the standard needed to “reserve the right to amend unilaterally”. Instead the clause simply pointed to the fact that the terms could be amended and that employees would be notified of any amendments. There was nothing to indicate whether the employer had the right to vary the contracts without the consent of the individual employee or the trade union as a result of negotiation.
It also held that the chapter dealing with the settlement of disputes in the manual was not incorporated into the contracts of the employees as it was not a particular of a condition of service. Even if it was incorporated, however, the NAO had made clear that it took the decision to impose the variations because of its frustration with the union, not because it was essential to the operation of the NAO and there was no contractual right to vary in those circumstances.
When establishing that an employer has been negligent, employees have to show that the injury was reasonably foreseeable. In Easton v B&Q plc, the High Court ruled that an employee’s depression caused mainly by occupational stress was not reasonably foreseeable as he had no history of psychiatric or psychological problems.
Mr Easton, a senior store manager for B&Q, was seconded to the company’s head office in 2007 to lead a team implementing a structural change in its range of products. In July 2008 he was appointed as the manager of the Romford store to oversee a substantial refurbishment. Both projects were completed successfully. By early 2010 he was earning about £105,000 but was also working very long hours.
After being passed over for promotion for a second time, Mr Easton went off sick in May 2010 and was diagnosed with depression. He returned to work in September 2010 on a phased basis but on 7 October (after only four days in the role) he was offered a vacancy for a temporary manager in another store. He went to his GP the following day complaining of feeling pressured to take up the temporary post and was signed off sick again. Apart from another unsuccessful attempt to return to work in January 2012, Mr Easton did not work for B&Q again.
Mr Easton claimed that his illness was caused by occupational stress resulting from the negligence of B&Q and/or a failure to carry out a risk assessment. He also claimed that the company’s failure to manage his return to work in September 2010 caused him to relapse. B&Q accepted that he was suffering from a psychiatric illness caused mainly by occupational stress but that it was not foreseeable.
The High Court judge held that Mr Easton’s first breakdown was not foreseeable as he had no history of psychiatric or psychological problems. Not only was there nothing about him to suggest to the company that he might suffer psychiatric illness, there was nothing about store managers in general which might give rise to foresight of such a risk.The company also acted reasonably after his first breakdown by offering him a phased return to work. Likewise, it was not a breach of the company’s duty to Mr Easton when it made him the offer of the post of temporary manager on 7 October. Just because B&Q knew he was vulnerable did not mean they were automatically liable for any psychiatric illness that he might subsequently suffer.
Even if B&Q had carried out a risk assessment, it would not have made any difference. There was no history in B&Q of store managers suffering from psychiatric illness and until early 2010 Mr Easton himself would have denied that he was under stress. The staff handbook made clear that staff must talk to their manager about feeling stressed, which he did not do. Nor did he manifest any of the signs of stress set out in another company document until he was actually suffering from a psychiatric illness. By that stage, it was too late for his employers to take action to remedy the situation.
[Back to contents]
A report by Price Waterhouse Coopers has found that the largest proportion of European strategic leaders are women over 55.
The survey, entitled “The hidden talent: Ten ways to identify and retain transformational leaders”, shows that fewer than one in 10 leaders have the capabilities, attributes and mind sets to lead transformational change and solve challenging problems.
The report found that currently only eight per cent of professionals have strategic leadership capabilities. These are people who generate organisational and personal transformation. They are often shaped by different experiences to their peers and see the world differently to conventional leaders. As a result, they have developed a particular type of “action logic” or leadership style that enables them to lead organisations through the most complex transformations. When a similar study was carried out ten years ago, just seven per cent of the sample were found to be strategists.
The work of strategists, according to the report, is underpinned by inquiry-based experimentation. They see both the vision and detail, employ positive language and exercise power courageously. They also understand the complexity of the environment in which they’re working and are able to employ passionate detachment. Though strategists reside in every grouping identified by the report, the largest proportion of strategic leaders were found to be women over 55.
Other groupings include individualists, constituting 33 per cent of the professionals surveyed as part of the report. These are people who interweave personal and company logic, bridge gaps between strategy and performance and are often effective in consulting roles. Achievers (55 per cent of the sample) juggle management duties and market demands. They are both action and goal orientated. Experts (7 per cent), on the other hand, rule by logic and expertise. They seek rational efficiency and are good as individual contributors.
The research for the report was conducted through a survey of 6000 European professionals’ leadership capabilities by psychometric specialists Harthill Consulting.