You deal with a lot of personal employee information during internal investigations. One of the largest risks of handling employee information is making sure it remains private. Investigators need to know what activities are acceptable and which ones cross the line to ensure that every investigation is fair and legal.
There are a lot of reasons why investigators need to maintain privacy over employee information during internal investigations, but perhaps one of the most important reasons is to avoid lawsuits.
If you cross the line in an investigation, you risk having the employee file a lawsuit against you and/or your company. In the book The Essential Guide to Workplace Investigations, Lisa Guerin discusses what can happen if you invade employee privacy during an investigation:
“Don’t become so zealous in your search for the truth that you invade employees’ privacy rights. This can be a tough call, after all, conducting an investigation involves a certain amount of poking around, usually into things that someone doesn’t want you to know about. However, if you cross the line from legitimate workplace concerns into private employee property or behaviour, you could be inviting a lawsuit for invasion of privacy.
If an employee files a lawsuit for invasion of privacy, a judge will look at why both sides acted as they did: why the employee expected privacy and why the employer searched, monitored or otherwise got into an area the employee felt was private.”
Here are three easy ways to avoid invading employee privacy during internal investigations.
1. Keep information on a need to know basis. As an investigator, make this your number one policy when collecting and sharing investigation-related information. If certain information isn’t needed for the investigation, don’t look for it.
When investigation information needs to be sent to another investigator, manager or third party, only give them access to the information they need to fulfill their tasks in the investigation. This rule can be applied to employee information in general – only collect the information you absolutely need; anything else isn’t necessary.
2. Create workplace policies. When employees are aware of what types of things will be searched in an investigation, they aren’t likely to fire back with privacy invasion allegations because they were warned and expected those areas to be searched anyways.
As an employer, you are able to monitor an employee’s work email and their Internet use on work computers. Should you choose to monitor these activities, make a clear statement about it in a written policy. In doing so, you are informing your employees that the company will probably be checking in and this particular information can be searched if an investigation is warranted. Another thing you’ll want to include in the policies is a list of what employee information you collect, why you collect it and what’s done with it.
3. Stick to the facts. Don’t stray from the actual allegation – that is, unless another form of misconduct or an additional incident gets brought to light during an investigation. When you’re collecting evidence, conducting investigation interviews and any other form of investigation-related communication, seek out information that helps you answer the question, What actually happened?
Sign up for our free weekly e-newsletter for more GRC articles, job postings, GRC events, white papers & more…..click here