In order for many Employees to undertake their employment duties and responsibilities the Employer must be prepared to allow the Employee to be exposed to significant amounts of private and confidential information related to the company, its business processes and clients.
This information is generally provided with a high degree of confidence and trust with the expectation that the Employee will only use the information for the purpose for which it has been provided, and that they will not retain or use the information in competition against the Employer after the period of employment has ended.
With many Employees largely having unfettered access to the Employer’s electronic systems and databases managing the unauthorised use and distribution of confidential and sensitive information is becoming and increasing challenge.
Recently a Christchurch based company (Q Limited)* was required to seek an order from the Employment Relations Authority (ERA) as a result of an Employee (F) threatening to disclose information to third parties. F’s employment agreement contained a confidentiality clause however, at some stage during his employment F decided to begin disclosing confidential information related to the company via a social media account. Following this initial breach F was subjected to a disciplinary process (breach of confidentiality) and during this process stated his intention to release more information stating by email that “I have no guilt as to my actions, as per my employment contract … it is reasonable in this instance to disregard confidentiality”.
The ERA was satisfied that they had jurisdiction to order an injunction to prevent F from disclosing any such confidential and sensitive information based on the evidence of Q Limited that the release of such information could result in significant damage to the company and its existing contracts.
The injunction allowed time for the parties to attend mediation in order to resolve the employment relationship dispute that had evolved as a result of F’s stated intentions.
While it would be rare for an Employer to have to go to these lengths to try to protect their confidential information, this case demonstrates that the ERA recognises both the legitimacy of confidentiality provisions within an IEA and the damage to a business that can be caused through the unauthorised disclosure of such information.
While we cannot avoid the requirement to make such information available to Employees in order for them to undertake their role duties and requirements, key steps to take to enhance the ability to protect such information from unauthorised disclosure are: having a robust confidentiality clause within the IEA template for all staff; a broad-reaching Confidentiality Policy; an additional Confidentiality Declaration to be signed by key Employees who have greater access to such information; and a periodic review and monitoring procedure to ensure that all staff recognise that the Employer treats such expectations very seriously and a direct reference to Breaches of Confidentiality with the Disciplinary procedures (Code of Conduct) to enable firm action to be taken where a breach is identified.
If you require any assistance with developing the required robust employment documentation to enable your business to protect its most confidential and sensitive information, please feel free to give us a call.
*The actual company name was required to remain undisclosed by the Employment Relations Authority.
The Employer File is written by Russell Drake, of Russell Drake Consulting Ltd., Specialist Employment Relations Consultants who act exclusively for Employers – see www.russelldrakeconsulting.co.nz or phone (07) 838 0018.