Resources: Blogs

Flushed away

Blogs
|

Teacher compensated for disclosure of health information on note found in staff toilet

Most employers and employees do the right thing with employee personal information by keeping it securely stored and protected from disclosure or loss. However, occasional slips by employees with control over personal information can be costly both in a financial sense and in an emotional sense.

From the moment an individual applies for a job, an employer has collected personal information about that person. As the employment relationship continues more and more personal information about the individual is collected – and for legitimate reasons.

Some information may relate to the practical side of the employment relationship like contact details and bank account information for paying wages. But as we all know, one’s work life and personal life occasionally intersect and other types of personal information end up in a personnel file. This can include health information legitimately required by an employer to accommodate illness or injury, to ensure an employee is fit to do their job or to substantiate claims for sick leave.

Most employers and employees do the right thing with employee personal information by keeping it securely stored and protected from disclosure or loss. However, occasional slips by employees with control over personal information can be costly both in a financial sense and in an emotional sense.

Exposure of employee personal information can lead to distrust between an employee and their employer, not to mention the potential humiliation an employee may suffer if the information disclosed is particularly sensitive.

This was the case in a recent decision of the Victorian Civil and Administrative Tribunal where an employee’s hurt and humiliation from having her health information exposed resulted in an award of compensation.

 

Case study – Harrison v Department of Education and Training (Human Rights) (Corrected) [2017] VCAT 1128

The Victorian Department of Education and Training was ordered to pay a teacher $11,000 for failing to take reasonable steps to keep her health information from loss, misuse, unauthorised access or disclosure when a colleague found a note containing the health information in a staff toilet.

The note was penned by the then acting principal during a phone call with one of the Department’s legal advisors. The purpose of the call was to discuss a separate claim lodged by the teacher in the Victorian Equal Opportunity and Human Rights Commission and future workforce planning issues. The note contained short descriptions or single word prompts about what was discussed, including the teacher’s work history, her request for a compassionate transfer and her complex medical history.

The note did not identify the teacher directly but contained sufficient information such that she could be identified as the subject of at least part of the note.

The colleague who found the note in the staff toilet took it to the staff room and had a discussion about it with another employee. They determined the note was about the teacher and placed it in her pigeon hole.

The teacher was distressed to discover the note and did not return to work after finding the note.

The key issue that brought the Department undone was not its possession of the teacher’s health information, but the control, or lack thereof, over that information. The Department, through its employees, failed to protect personal information from loss and disclosure. In particular, the acting principal could not account for how the note came to be in the staff toilet.

The loss and disclosure of the health information breached Health Privacy Principle 4 under the Health Records Act 2001 (Vic) and caused the teacher to suffer damage in the form of distress, an inability to return to work and deterioration in her mental health.

 

Lessons for employers

Employers should encourage employees, especially managers and those with payroll or HR responsibilities, to be mindful of how they collect, work with and store employee personal information.

Whether the disclosure was intentional or not, the result for the employee is the same and, as demonstrated in our case study, employees can suffer compensable damage from the improper disclosure of their sensitive information.

Accidental disclosure is at higher risk in open plan work spaces. As discussed in our earlier blog Prison break! – How confidential information can escape from open-plan offices employers should consider whether the work done by particular sections of their workforce is suitable to open plan office design.

For example, a note left on a HR manager’s desk while they are at lunch in an open plan office is capable of being reviewed by any employee or visitor who walks past.

In the end, it comes down to common sense – employees should understand the significance of protecting personal information and do everything they can to protect such information from disclosure, including disclosure to their colleagues who do not absolutely need to know.

Of course, exemptions to particular privacy laws exist with regards to employee records but as matter of best practice, employers should aim keep personal information, especially sensitive information like health information, under control and protected from disclosure.

 

Information provided in this blog is not legal advice and should not be relied upon as such. Workplace Law does not accept liability for any loss or damage arising from reliance on the content of this blog, or from links on this website to any external website. Where applicable, liability is limited by a scheme approved under Professional Standards Legislation.

 

Similar articles

What is the difference between confidential information and “know-how”?

No way, know how

During the course of the employment relationship, employees will inevitably gain knowledge or be exposed to information about the employer’s business that is considered confidential to its operations and which the employer does not want to be put out into the public domain.

Read more...

FWC upholds dismissal of an employee who repeatedly and deliberately accessed customer’s confidential information without authorisation

Celebrity search

During the course of their employment, employees may have access to confidential information which belongs to their employer. This information may be in the form of personal information provided by customers and is therefore sensitive in nature.

Read more...

The importance of consultation in the redundancy process

Talk to Me

The Fair Work Act 2009 (Cth) (FW Act) provides that a person will not be unfairly dismissed where the person was dismissed as a result of genuine redundancy.

Read more...

FWO secures penalties against bar operator and external accounting firm

Closing time

The Fair Work Act 2009 (Cth) requires employers to keep certain employee records for a period of 7 years. These records are necessary to ensure that employees have been paid their minimum entitlements should an underpayment claim be made.

Read more...

Employer found liable for workers compensation despite worker’s unreasonable perceptions

Fact or fiction

A recent decision of the New South Wales Personal Injury Commission serves as a reminder of the differing standards of proof when determining liability for claims of bullying and/or harassment under workers compensation laws and the Fair Work Act 2009 (Cth).

Read more...

Commission finds employee’s flexible working request to work entirely from home was not reasonable

The worst has now passed

One of the many changes to the Fair Work Act 2009 (Cth) introduced this year include the Fair Work Commission’s new powers to deal with disputes relating to requests for flexible working arrangements.

Read more...

Let's talk

please contact our directors to discuss how ouR expertise can help your business.

We're here to help

Contact Us
Let Workplace Law become your partner in Workplace Relations.

Sign up to receive the latest industry updates with commentary from the Workplace Law team direct to your inbox.