Getting More Privacy Pros Into HR
Last Sunday, in The Globe and Mail’s “Nine to Five” column, an employee working for a U.S.-based public company expressed concerns about having to submit to a mandatory criminal background check. The employee had been at the company for 15 years, and until recently, only new employees would have to consent to a background check. But now,
"All employees must undergo a background check annually. It’s framed as a request, but since I said I don’t want to participate, several levels of management have spoken to me about getting it done. Initially the company said failure to comply might result in employees not being involved in certain government contract work.
"I do not have a criminal record, but I have serious objections to this. I don’t want this confidential personal information held by a third party, and I find it to be an intrusion on my privacy. They say I’m the only person (of several hundred employees) who won’t comply. Surely there are limits to what an employer can request?"
First of all, paranoia aside, saying this is the only employee out of hundreds not to consent to a criminal background check sounds like a classic case of peer pressure. Which brings me to my main point: Wouldn’t having a privacy department or the presence of a privacy professional help in communicating out such a drastic policy change to employees in a way that doesn’t alienate them?
As one of the HR experts in the column rightly points out, “Any policy or practice a company chooses to put in place, serves to help shape its culture.” And it’s understandable that companies often need to conduct such background checks based on the type of work involved. But what effect would a CPO or privacy department have in shaping the culture in this organization? Perhaps there wouldn’t be as many employees steeped with a sense of discomfort (assuming this person isn't the only one).
Secondly, the column has two human resource experts chime in to give their analysis and answers to the employee’s query. What would an HR employee with proper training in privacy say?
Finally, the second HR expert reasonably points out,
"Many employers initiate these types of background checks as a safeguard for their customers and requirements set out by those they do business with. While I understand your concern about your information and privacy, these policies are typically initiated for the greater protection of the firm’s integrity, not to make you feel uncomfortable."
But clearly, the damage, in this case, has been done. Alienated employees can damage a company’s integrity as much as anything else. I think the presence of privacy pros could have played a key role in appropriately disseminating the firm’s policies while preventing this employee’s discomfort.
Note from the Editor:
The breakout session Top Five Workplace Privacy Issues will be part of the IAPP Canada Privacy Symposium, May 22-24, in Toronto.
About the Author
As editor of the Privacy Perspectives, Jedidiah Bracy moderates the many views, angles and, well, perspectives that inform information privacy and all its adjacent professions.
In addition to editing the Privacy Perspectives, Bracy facilitates the vetting, writing, editing and curation for the Daily Dashboard, the IAPP Canada Dashboard Digest, the IAPP Europe Data Protection Digest and the IAPP ANZ Dashboard Digest. He writes feature articles for The Privacy Advisor on information privacy law, data protection and the privacy profession.
When not mulling over the current state of information privacy in the digital age, Bracy enjoys watching international soccer, listening to his music library and tasting a finely wrought craft beer. You can follow him @jedbracy