A recent decision of the British Columbia Supreme Court highlights the benefit of clear, enforced policies for employers who want their employees to follow strict standards of privacy and confidentiality.
In Steel v. Coast Capital Savings Credit Union, 2013 BCSC 527, Madam Justice Ross held that an employee with over twenty years of service could be terminated for cause for accessing a confidential document for her own purposes and, in doing so, violating the protocols and policies of her employer.
Ms. Steel was employed as a helpdesk analyst in the IT department of the credit union. To facilitate support, helpdesk employees had unsupervised access to all computer files and documents in the organization, including private or confidential records. Given this broad access to information, the employer had strict policies in place relating to the helpdesk employees’ access to computers used by other employees. While the employer could monitor in real time Ms. Steel’s activities in the system, it was not practical to do so. Therefore, trust in the adherence to the access policies was an integral element of the employment relationship. Further, given the nature of the financial services industry, the employer had a heightened expectation of compliance with privacy and confidentiality policies.
Following a department meeting regarding parking space allocations, Ms. Steel’s supervisor indicated that he would contact the appropriate employee to determine the rights of Ms. Steel and others. While her supervisor was following up on this question Ms. Steel, on her own initiative, accessed that employee’s computer, personal confidential folder, and document which included a range of confidential employee information including pay grades and seniority dates. When the employee attempted to gain access to the document, she realized that it was being viewed by Ms. Steel. Ms. Steel was terminated for cause.
The Court took a contextual approach to the question of whether Ms. Steel’s actions gave rise to a breakdown in the employment relationship. Madam Justice Ross noted that employees in the banking industry and employees who are given greater autonomy are held to a higher standard of trust than some other employees. The policies regarding privacy and confidentiality generally and in particular relating to the issue of trust in Ms. Steel’s employment were important factors. The Court concluded that the circumstances gave rise to a rare case where a single infraction of policy served to justify termination of the employment relationship.
Employers cannot expect a single breach of policy will always justify summary dismissal. This case does, however, illustrate the sorts of factors that may lead to such a finding and how employers can successfully implement and enforce their policies.