A Guide to the Legal Aspects of Employee Surveys

The Necessity of Confidential Information

As with any document that contains potentially sensitive employee data, the contents of employee surveys must be kept strictly confidential. This is not only a good business practice, but a legal necessity as well. While most merit-based employee policies require some kind of personal data collection for statistical analysis and fair consideration, a survey on the day-to-day activities and experiences of employees contains far more personnel information than ever anticipated by current anti-discrimination legislation. As such, the idea of confidentiality becomes central to ensuring the privacy of employees, their safety in the workplace and proper investigation of all complaints made by them. While most employees are required to accept the terms and conditions of a survey, the party more at risk is the survey manager, who must maintain access to the survey strictly in accordance with pre-defined terms and conditions. Pre-defined conditions must include, among other things, confidentiality pledges stating that survey respondents will maintain confidentiality with regard to the information they gain as a result of their access to the survey data. Breach of confidentiality with regard to employee survey data can result in personal liability and exposure to heavy fines. Such breaches also tend to stir a hotbed of public scandal, which can result in significant business losses as well. Given that employee information is protected not only under employment policies, but also by legislation such as the Data Protection Act or the General Data Protection Regulation (GDPR), it is essential that all survey managers strictly observe the Art. 28 GDPR regulations pertaining to personal data breaches, as well as to the right to compensation for affected employees.
In addition to these two points, the GDPR also affords individuals the opportunity to pursue claims via the Right of Binding Corporate Rules, implying that all privacy policies implemented on a corporate level would be actionable in a court of law. Therefore, it is in your best interests to pay careful attention to these terms and create full awareness of the pre-defined condition that survey data be kept fully confidential. Given the amount of information contained in a typical employee survey, including but not limited to race, sexual orientation, physical and mental health, salary scales, etc., it becomes evident that the legal ramifications associated with breaches of confidentiality are significant, impacting not only the individual(s) affected, but also the organization as a whole.

Dealing with Sensitive Data

Example: Social Security numbers and bank account details are sensitive information. Under the Personal Information Protection and Electronic Documents Act (PIPEDA), organizations must take reasonable steps to protect personal information in their possession and ensure that any third parties to whom they disclose personal information subscribe to similar standards (s. 4.7). The definition of "personal information" is very broad and includes just about anything that an individual can look at, touch, read or receive in any form from another person.
PIPEDA requires organizations to "adopt policies and practices" to give effect to its provisions. In addition, s. 4.7.4 requires organizations to take "appropriate" security measures based upon the sensitivity of the information to be protected. In order for organizations to meet their requirement to develop policies and practices, there needs to be a clear understanding of the "sensitivity" of the information being collected in a survey. In Online Business Services Ltd. v. HMQ, the Federal Court of Appeal found that client lists and customer information are considered to be private affairs that must be kept confidential. Economic information such as sales figures, pricing, expenses, profits and customer lists is found to be sensitive information by the Court and therefore must be protected to a high standard. Also, personal information such as banking details, home addresses and Social Security numbers is sensitive information which must be protected from disclosure and cyberattack. Since significant penalties and administrative fines may be imposed for disclosure of this type of information, an employer may prefer not to disclose the information. Organizations should have policies and procedures in place to dispose of any sensitive information in accordance with PIPEDA, including destruction and erasure of all sensitive information in a manner that prevents improper disclosure of personal information.
Employers are also required to provide individuals with notice about their privacy practices, including the collection, use and disclosure of personal information. Privacy notices with respect to surveys should additionally include information about what the survey entails, the types of information which are being collected, the collection format and the purposes of the collection. The notice should be as specific as possible while remaining general in nature. It should also identify the legal authority under which the survey is being conducted. Consent to the collection of information through a survey does not need to be given in writing. An employer may obtain an employee’s consent to collect and use their personal information through employment policies, where consent is implied to be given in the normal course of carrying out employment responsibilities. Hence, it is important that the collection of information through an employee survey does not obligate an employer to provide more information to a recipient than can be justified on the basis that it is required for the survey or to carry out the object of the survey.
An employer is not required to inform employees about personal information privacy practices if the survey is authorized by law or court order. In instances where an employee objects to the disclosure of personal information, the organization must limit the disclosure of the information to only that which is reasonably necessary to achieve the purposes of the survey.

Anonymity and Legal Risks

The cornerstone of any well-designed employee survey is the employees’ confidence that the results are truly anonymous. Surveys are often a necessary tool to gauge how employees feel about their employer and workplace. They can also be a highly useful, if not critical, tool for the employer to solicit information from its employees about any number of topics. The anonymity of employee responses to the survey instrument is essential to getting useful information from the survey. If the employer does not maintain that anonymity, the employees may not respond or may provide the employer with less than candid responses. For some survey instruments, say regarding sexual harassment training, anonymity of the survey instrument may be especially crucial.
However, anonymity can have legal risks. It should be understood that the anonymity of the employee cannot always be guaranteed—certain circumstances may require that the anonymity must be pierced. There are whistleblower and anti-retaliation laws that place an employer in a situation where it may be necessary to violate the anonymity of an employee. There are also laws that require an employer to provide information regarding a complaint to the accused perpetrator if disciplinary action is necessary. Care should be taken to analyze the legal risks and duties before determining whether to maintain an employee’s anonymity.
The principal defense to the costs of an errant employee survey is to have created a survey instrument that is not flawed, is well administered so as to get good response rates and good information, and to have carefully considered what should and should not be asked so as to comply with various laws and regulations.
In some circumstances (such as where human resources personnel get involved in the administration or distribution of the survey), there is an increased risk that the anonymity of employees who respond to the survey can be, or in fact is, compromised. Anonymity may be compromised in any number of ways, including by the questions asked; by the way the survey is administered, such as permitting open-ended written responses; by the means by which the survey is distributed, as when the survey results are not fungible (such as in e-mail distribution where only the recipient of the e-mail can respond); by the way in which the survey results are reported (e.g., reporting to the board of directors the grievance statistics after removing all but the top half of the results); in a survey intended for a large (such as whole company) or small population (such as in a survey of a department of senior management); by providing mechanisms to the employees to volunteer their identities; or by informing persons outside of the intended recipients of the results and data.
The best means for avoiding these and other potential risks to anonymity is to use good survey instrument design and administration. There are other steps that can be taken to help ensure anonymity. For example, using an independent third-party vendor to handle all surveys and distribution of the results can go a long way toward protecting anonymity. That third-party vendor would be able to aggregate the data from different surveys while maintaining the employees’ anonymity.

Disclosure to Tertiary Parties

Permanent staff survey data is likely to be confidential information. It is also personal data under the Data Protection Act. This means that as a general principle you cannot pass this data to third parties without the consent of the employee. Consent means employees must have freely given their consent before you disclose the information to any third party. In practice we recommend that even if the survey is totally anonymous, you should ask for consent to disclose the information to third parties. This has particular advantages if you want to disclose the survey results in some way outside your company – perhaps to a trade magazine or surveying body.
If you are going to disclose the details to third parties, ask for consent to disclose the information to third parties on the consent form. We recommend that you obtain the consent in a positive and conscious way so that you are clear that the employee has consented.
If employees consent to their information being disclosed to third parties, document this on the consent form. Include details of:
All consent to disclosure to third parties should be specific to the survey. If consent is not given or subsequently withdrawn, the information should not be passed to third parties.
If you are disclosing information to employees’ managers within the organisation, staff will have much less objection to this, especially if it forms part of their day-to-day work. It is common practice to publish some form of summary of the results which managers can share with their teams. This may also be used to enable cross-department benchmarking for development purposes.
Information concerning third parties, for example where there have been allegations of fraud or bullying, should not normally be shared with anyone else without the consent of the third (or any) party or a separate consideration of concerns regarding confidentiality.
Always remember that information is likely to be personal data even if an individual is not specifically named or identifiable. Information such as medical information or information concerning criminal offences is also sensitive. The more information about an individual involved, the harder it will be to rely on any exceptions to the need for a third party to consent to the disclosure.
Business reasons for disclosure of information about individuals to third parties include:
Make sure that any requests do not fall under the National Protective Security Authority/GCHQ’s Code of Practice on Terrorism and Security.
The most important point to remember is to keep employees informed in a way that is fair to them in relation to all of their expectations in the working environment.

Employment Law Issues

Employment law will usually overlap somewhere in your considerations. You should not ignore the survey's results if there is the potential for an employment issue to arise. For example, if you conduct an employee survey, and the feedback you receive reveals concerns about compensation, workload or harassment, an employer can only ignore this situation at its own peril. This does not mean you have to act on the comments from the survey. However, it is important that an employer understands the potential legal ramifications of certain issues that are raised in a survey so that the employer can properly analyze its options.
There are a number of recent cases in Canada exploring how an employer’s failure to properly address an employee concern could, in some cases, result in a constructive termination, particularly where the employee has made complaints of harassment or feels bullied by his or her supervisor. What is obvious is that an employer can no longer ignore valid concerns, or downplay serious issues, without risking a constructive dismissal claim.
Employment lawyers have seen a significant increase in constructive dismissal claims in the past five years. Surveying employees and satisfying yourself that you are properly identifying and addressing problem areas for your workforce may go a long way in preventing a constructive dismissal claim from being brought against your company.

Good Practices for Legal Compliance

State and federal laws provide various protections to employees. For example, employers are required to accommodate disabled employees under the Americans with Disabilities Act. Simply asking an employee on a survey to request an accommodation will not generally be a violation of the ADA, but publicizing the results of the survey in any way that could identify specific employees who requested accommodations can create liability. Since an individual with a disability could be stigmatized by other employees, even if the survey is anonymous, it is best to avoid creating a survey that would potentially identify employees with disabilities.
Employers sometimes conduct surveys to avoid hiring those who are pregnant or are on maternity leave, which could result in liability under the Pregnancy Discrimination Act. Surveys that ask employees about their plans to go on maternity leave, or ask them to disclose if they have been pregnant or have suffered a miscarriage, result in liability. Even having such questions on a survey may very well violate the law if they are intended to be used to distinguish employees on a prohibited basis.
Employers also cannot utilize surveys to discriminate on the basis of age, race, ethnicity, or other protected categories. It also can create problems if an employer asks its employees if they belong to certain protected categories.
Surveys that identify which employees belong to a union can also create unintended problems. Some state laws prohibit disclosure regarding who belongs to a union or the makeup of a labor organization.
Given the scope of the federal and state laws and the potential liability associated with improperly constructed surveys, it pays to have surveys reviewed by counsel before they are distributed to employees.
