I recently read an interesting case made by the Office of the Privacy Commissioner of Canada (decision 2014 – 014) stating that under subsection 5(3) of the Personal Information Protection and Electronic Documents Act (PIPEDA) that the employer’s purposes for disclosing the employee’s personal information regarding his medical leave were not appropriate in the circumstances and were not necessary for the organization to meet its employee schedule management needs in the context of its work environment.
In a nutshell, an employee alleged that his employer disclosed to other employees at his work unit detailed personal information about his leave of absence from the workplace. He believed that only employees required through their duties to be made aware of such information should have had access to the information.
The employer’s workplace leaves were managed through an electronic employee scheduling program that allowed all employees to view certain approved leave information, including the reason for an absence for all other employees in their unit. This was done in order to make leave information available to other employees of the same work unit to facilitate the exchange of shifts between employees. The employer believed this was necessary in order to comply with the governing collective agreement (the employer had to collect and maintain records about employees’ schedules and leaves).
The Office of the Privacy Commissioner of Canada found that the information disclosed constituted personal information. The leave information at issue was personal information under the PIPEDA since it was information about an identifiable employee that related to why that employee was absent from the workplace. The employee scheduling program listed and identified each employee within the employee’s functional unit, and clearly associated the employee with the type of leave they used for an absence from the workplace.
What’s more, some of the leave categories could provide additional details about why a particular employee was absent, including absence due to medical care, a death in the family, birth of a child and parental leave.
Moreover, the organization’s purposes for disclosing employee leave information to other employees in the same work unit was not for purposes that a reasonable person would consider appropriate in the circumstances, pursuant to subsection 5(3) of PIPEDA. In fact, it confirmed that there were other less privacy-intrusive means to indicate employee availability without resorting to disclosing potentially sensitive personal information. By having this information easily accessible to other employees in the same work unit, individuals on leave would be denied the option of maintaining privacy as to why they were absent from the workplace.
Further, the Office of the Privacy Commissioner of Canada concluded that, under subsection 5(3) of PIPEDA, the employer’s purposes for disclosing the employee’s personal information were not appropriate in the circumstances since disclosing leave type was not necessary for the organization to meet its employee schedule management needs in the context of its work environment.
As a result of the finding, Office of the Privacy Commissioner made several recommendations to the employer, and the employer agreed to remove employee leave information viewable by co-workers from its employee shift scheduling program, and from other related tools and systems. There was an undertaking to make this change complete within 18 months.
There are two main lessons coming out of this case. First, employers should know that an organization should not disclose information about why one of its employees is absent from the workplace to other employees, unless those other employees have an operational need to know such information.
Second, even though the disclosure of certain employee personal information to other employees can bring certain benefits, such benefits must be proportional to the loss of privacy experienced by the disclosure of such information. Employers must appreciate that the information can be sensitive, and they should not be disclosing it. Employers are recommended to be cautious when handling this type of information. Safeguards should be put in place that only those who need to know should have access to this type of information. When in doubt, do not disclose it, and at the least, obtain consent before disclosing it.