A Welsh council that ordered covert surveillance on a sick employee must review its approach, says the data protection watchdog.
The Information Commissioner’s Office (ICO) found Caerphilly County Borough Council breached the Data Protection Act when it ordered the surveillance of an employee suspected of fraudulently claiming to be sick. The surveillance was only authorised on anecdotal evidence and began only four weeks into the employee’s sickness absence. No other measures were taken to discuss the employee’s absence before the decision to use the covert surveillance and the report, which was produced by a third-party company, was never used.
As the ICO set out, while an employer can use covert surveillance on staff if a crime is suspected, and sickness could count as a crime, the employer must be satisfied that there are grounds for suspecting criminal activity or equivalent malpractice, and that notifying those about to be monitored would prejudice its prevention or detection. Abuses of an organisation’s sickness policies can amount to such malpractice, but covert surveillance should only be used in exceptional circumstances as a last resort when
alternatives have been looked at and found not appropriate.
The ICO determined the council did not have the grounds to do the surveillance, especially at such an early stage of the employee’s absence.
Anne Jones, Assistant Commissioner for Wales, said: “It shouldn’t need to be said that spying on employees is incredibly intrusive and must only be done as the last resort. Organisations need to be absolutely clear why they need to carry out covert surveillance and consider all other alternatives first. If it cannot be completely justified, it shouldn’t be done.”
The ICO’s Employment Practices Code covers monitoring of employees at work. It sets out that ‘covert monitoring of workers can rarely be justified. Do not carry it out unless it has been authorised at the highest level in your business’. To view the guide in full visit the ICO website – https://ico.org.uk/media/for-organisations/documents/1128/quick_guide_to_the_employment_practices_code.pdf
For details of the case visit the ICO website – https://ico.org.uk/media/action-weve-taken/undertakings/1042918/caerphilly-cbc-undertaking.pdf
