- HR Services
- Employment Law Advice
- More HR Services
1 Existing procedures
If you have an existing policy and procedures in place, you should consult with staff about any changes you are making. It is good practice to do this in any case, but may be legally required if your existing policy and procedures are part of the contract of employment, or if you have a formal trade union recognition agreement in place.
2 Why have a policy?
Many employers have dismissed staff for accessing ‘inappropriate’ websites or spending too long sending personal emails. Many of those staff actually won unfair dismissal claims because the employer did not have a policy on what kind and level of use was acceptable, and what the penalties for misuse might be. So, as in all areas in which you want to set out ‘the way we do things round here’, it is strongly advised that you develop and circulate a clear policy. A written policy will
3 What should be in it?
4 Monitoring and Data Protection
In the UK, it is unlawful to intercept electronic communications unless the interception has been authorised, whether by a warrant, by consent, or by regulations. Regulations that came into force in October 2000 provide circumstances in which a business can lawfully intercept emails (and telephone calls) made on its own systems, such as:
There are other conditions on monitoring found in these Regulations, the Human Rights Act and guidance from the Data Protection Commissioner, including:
It is certainly worth looking at the Information Commissioners Office ‘Employment Practices Code’ and a direct link to this is provided in the Resources section below.
5 Introducing and Using the Policy
If implementing a new or revised policy, notify all employees by memo or circular, identify the date of implementation and give employees an opportunity to review the policy.
Any policy can only be effective if it has been brought to the attention of employees and they follow it. The best approach is not to rely only on a policy but also to educate your employees on the correct use of email and the internet.
Finally, bear in mind that a policy will not be effective unless it is enforced. An employer cannot turn a blind eye to abuse of an existing policy then expect to suddenly enforce it against one or a number of employees. Such an unfair approach could easily backfire on the employer.
6 Policy Review
Set a date to evaluate the effectiveness of the policy, perhaps annually, and nominate a person to take responsibility for this. Changes to the policy may also be required by changes in legislation and new case law.
For more and related information you may find the following websites and resources useful. Click on the underlined words to access the website.
The Information Commissioners Office http://www.ico.gov.uk/ is the independent authority on all aspects of the Data Protection Act, including the monitoring of communications.