We wrote about this in two previous HRLaw blogs: Workplace Confidentiality: More about insisting on privacy! and If you expect privacy and confidentiality at the workplace – take steps to get it!. Both blogs dealt with a British Columbia Decision that was recently appealed from to the Court of Appeal. The Court of Appeal dispensed with the matter in a decision released last month at Steel v. Coast Capital Savings Credit Union 2014 BCCA 127. That decision is 14 pages long and deserves a full-read. Below is our summary of salient points from the decision.
The appellant was a Helpdesk Analyst in the IT department. In this role, she had special access to the respondent’s network including “Personal Folders” that were confidential and could only be read by the employee assigned to a file. Here’s what the Court said about the appellant’s employment and the respondent’s view of privacy and confidentiality at its workplace:
 The appellant was fired from her employment of 21 years for accessing a confidential document contrary to internal privacy protocols. She was part of the Helpdesk team which provided internal technical assistance to other employees of the respondent. The appellant was in a position that required the complete trust of the respondent. Notably, she worked unsupervised in her day-to-day functions and was one of only a handful of people that had complete access to the respondent’s computer system. As a result, she had unfettered access to every document and file on the system, including the private and personal files of the respondent’s employees.
 The respondent took privacy and confidentiality very seriously. All of its employees were assigned personal folders which were kept on the network and were to be used solely by that employee. The folders were intended to be used for confidential information (personal and business) pertaining to the company. Employees were forbidden from accessing anyone else’s emails or files without permission.
At trial, the trial judge found that there was just cause to terminate the employee. On appeal the Court considered:
- whether the leading case of McKinley was correctly followed; and
- a subsidiary issue of whether the trial judge correctly elevated the standard of trust on the basis that the respondent is a financial institution.
What the Court of Appeal said
The trial judge applied the McKinley analysis properly. The Court said:
In my view, the trial judge did not err in principle in applying the McKinley analysis. As the above-cited passage illustrates, she applied a contextual approach and considered whether the nature of the misconduct, which the appellant admitted was the result of a deliberate choice, was reconcilable with a continuing employment relationship. …
Standard of Trust
The Court found it was open to the trial judge to find that a “fundamental obligation” of an employee placed that employee in a position of substantial trust relationship:
What this means for employers?
If privacy and confidentiality is a fundamental obligation in the workplace, ensure you have and maintain policies specifically dealing with access to information at your workplace. This is more critical in industries where trust is of central importance (e.g., banking or healthcare) and particularly necessary where an employee has unsupervised access to an IT system.
In your annual review process, review privacy and confidentiality policies and ensure there is acknowledgement by employees that they are aware of them. Any report of questionable access should be properly investigated and if an employee is found to be in violation of your policies and discipline is warranted, apply your policy evenly and consistently.