Impact Assessment (drug and alcohol testing)

Use this impact assessment (drug and alcohol testing) before beginning any staff alcohol or drug testing, to make sure you comply with data protection law. By completing this template impact assessment (drug and alcohol testing) you record that you have complied with the UK GDPR by carrying out a data protection impact assessment (DPIA). You are legally required to carry out this kind of assessment before monitoring staff through drug and/or alcohol testing.

Data protection impact assessment policy

A data protection impact assessment policy is an internal document setting out how and when your business will assess the data protection risks of its activities. It’s important to have proper policies and procedures in place when you’re handling personal data, and carrying out a data protection impact assessment is sometimes mandatory under Article 35 UK GDPR. A data protection impact assessment might also be referred to as a privacy impact assessment, a DPIA or a GDPR risk assessment. This template DPIA policy will help you to comply with your data protection obligations by setting out when and how your staff should consider carrying out data impact assessments. It also includes a template DPIA form, which has been produced by the Information Commissioner’s Office (ICO). This provides an example of how you can assess, record and seek to reduce the privacy risks associated with your projects. Where applicable, it also includes a template DPIA form for use by online services which are directed at, or are likely to be used by, children, which has been produced by the ICO. This will help relevant online services to comply with their obligations under the ICO's Age Appropriate Design Code. You can also purchase this policy as part of the Data protection policy toolkit.
Data protection issues when monitoring staff
Monitoring staff's online activity, emails, post or voicemails
Q1: Am I allowed to monitor staff online activity, emails, post or voicemails?

Yes, in certain circumstances. However, there are a number of steps and considerations you will need to go through first in order to ensure that you are doing so lawfully and in compliance with your obligations, which are designed to protect the privacy of your . Failure to comply with your obligations can result not just in reduced productivity due to dissatisfaction, but in significant penalties being levied against your business by the (see Q&A 41 for further information about this). You must also bear in mind your equally important wider obligations and duties as an before implementing any such monitoring.

The steps and considerations you must go through are as follows:

  1. Make sure you have a valid reason for monitoring your staff

    You must identify a clear reason for carrying out the monitoring. You do not have an automatic right to monitor your members' correspondence and online activity simply because you are their and you must consider what you are trying to achieve. See Q&A 2 for further information.

  2. Consider alternatives

    You are not allowed to monitor your members' correspondence and online activity if there is a less intrusive way that you can reasonably achieve your purpose. You therefore need to consider what alternatives there are. See Q&A 3 for further information.

  3. Consider carrying out a data protection impact assessment

    In many cases, you will need to carry out a () before you start to monitor your . This is also a good way to demonstrate that you have complied with your legal obligations. See Q&A 4 for further information.

  4. Keep the extent of your monitoring to a minimum

    The extent of the monitoring you are permitted to carry out will vary in each case but in most cases, blanket monitoring all of your members' emails and web browsing will not be appropriate. You must conduct the minimum amount of surveillance in order to achieve your purpose. See Q&A 5 for further information.

  5. Avoid accessing private and sensitive personal data

    When monitoring the correspondence or web browsing of , you must not usually access or store , except in limited situations. See Q&A 6 for further information.

  6. Make your staff aware that they are being monitored

    In nearly all cases, you must tell your about your monitoring activities before you carry them out. See Q&A 7 for further information.

  7. Make sure you store any data you collect securely

    You must store the monitoring information you collect securely, and make sure that you keep only the minimum that is necessary. See Q&A 39 for further information.

There are some particular considerations to take into account if you are monitoring your member's personal device or home network (see Q&A 8) or personal social media (see Q&A 9).


Q2: Do I need to have a specific reason for monitoring my staff members' online activity, email, post or voicemails?

Yes, you must identify a clear reason for carrying out the monitoring. You do not have an automatic right to monitor your members' correspondence and online activity simply because you are their .

Indiscriminately tracking and reviewing email and internet use by all for a general purpose, such as managing productivity, is unlikely to be sufficiently specific or legitimate. Such monitoring is more likely to be acceptable if it is carried out in a targeted manner; for example, in response to a specific measurable drop in productivity among certain members.

Think carefully about the specific goal you are trying to achieve and keep this in mind at every stage of the process. The more intrusive the monitoring you plan to undertake, the stronger your justification must be. Note that the reason you identify must fall within one of the six lawful bases for . In nearly all cases, the legal basis for monitoring your members' correspondence or web browsing will be the protection of the of your business, if there is no other way you can do this. See Q&A 3 for further information about your obligation to consider alternatives and When to use personal data for more information about lawful bases for data.

You must make sure you do not justify your monitoring for a reason that relates to any such as sex, race, age, , religion, gender reassignment, marriage or civil partnership status or sexual orientation. For example, if you only decide to monitor the online activity of your under the age of 25, you could face claims for on the basis of age.

Conducting a before implementing monitoring is a good way to make sure your reasons are justified; see Q&A 4 for further information about this.


Q3: Do I have to consider alternatives to monitoring staff online activity, emails, post or voicemail?

Yes. You must not start monitoring your members' correspondence and web browsing if there is a less intrusive way that you can reasonably achieve your purpose.

For example, if you have concerns about inappropriate use of email, you might be able to deal with it by giving additional training and supervision, rather than monitoring emails directly. Similarly, if you have concerns about web browsing, consider an acceptable use policy and blocking access to certain websites, rather than conducting blanket monitoring of internet use. For concerns about reduced productivity, you could try placing emphasis on meeting more frequent, short-term targets so that you can keep a closer eye on their productivity, rather than, say, recording keystrokes or mouse movements during working hours. If your concern is about data outside your office, you could ensure that you provide members' own devices with suitable software or require them to work via a cloud-based application.

Prevention of unacceptable use is far preferable to detecting it and punishing after the fact.

Conducting a before implementing monitoring is a good way to make sure you have properly considered alternatives; see Q&A 4 for further information about this.


Q4: Do I need to carry out a data protection impact assessment before I start monitoring staff online activity, emails, post or voicemail?

Having identified a legal basis and specific purpose for your monitoring (see Q&A 2), you should usually carry out a , particularly if you are using new technology to monitor. You must carry one out if the monitoring you are planning is likely to pose a high risk to the privacy rights of your , or if your monitoring involves tracking your members' online behaviour, so the more widespread and intrusive the monitoring, the more likely you are to be legally obliged to do a . Note that the also recommends that it is best practice to also consider carrying out a if you will be (eg health data) or data belonging to vulnerable individuals.

Do not forget that your is not just a box-ticking exercise; you must take appropriate action depending on the recommendations of the assessment. If you decide not to conduct one, the recommends that you document your reasons so you can justify your decision later if asked.

For an assessment form tailored to conducting a before monitoring emails or web browsing, see Impact Assessment (monitoring staff emails and web browsing).

For an assessment form tailored to conducting a before monitoring working remotely or using their own personal devices for business purposes, see Impact assessment (monitoring staff working remotely or on personal devices) (see Q&A 8 for further information about this type of monitoring).

For an assessment form tailored to conducting a before monitoring social media pages or other personal online accounts, see Impact Assessment (monitoring staff social media pages) (see Q&A 9 for further information about this type of monitoring).

For an assessment form tailored to conducting a before opening post, emails or voicemails, see Impact assessment (opening staff post, emails or voicemails) (see Q&A 10 for further information about this).

For more general guidance about how to carry out a , see Data protection impact assessments.


Q5: How closely can I monitor staff online activity, emails, post or voicemail?

This will depend upon the situation, but must always be kept to a minimum.

Before you start monitoring correspondence and online activity, you must ensure that you have identified a clear reason and objective for doing so; see Q&A 2 for further information about this.

Your right to monitor your member for the reason identified must always be balanced against your member's own right to respect for private and family life. When carrying out the monitoring, you must therefore make sure you minimise the extent of it as far as possible to achieve your objective. For example, if there is a problem with a member spending too much time on the internet for non-work related purposes, the recommends that you consider recording the amount of time spent accessing the internet rather than tracking the full details of every website visited, or configure tracking software to simply flag the frequency and time spent on specified sites (eg Facebook, YouTube, Twitter) rather than including full details of every page visited.

For specific guidance about steps you can take to minimise the extent of the impact on members if you need to access their email accounts or other correspondence, see Q&A 11.

Conducting a before implementing monitoring is a good way to make sure you have properly assessed the extent of the monitoring you should undertake; see Q&A 4 for further information about this.


Q6: Am I allowed to access private or sensitive personal data when monitoring staff online activity, emails, post or voicemail?

When monitoring the correspondence or web browsing of , you must not usually access or store , unless you have a specific legal obligation to do so or the information has been made public by the individual in question. For full guidance on your obligations if you might need to deal with , see When to use personal data.

There are some obvious limitations to the monitoring you can carry out as a result; for example, you should avoid intercepting private webmail or monitoring use of health or medical websites and online banking. Care is particularly important where home networks or personal devices are concerned, as it will be easy for private information to be caught by any monitoring. You might consider only monitoring the use of certain apps or software by remote or on personal devices. See Q&A 8 for further information about monitoring who work remotely.

You should consider allowing your to actively prevent their data being seen by you, if they wish to protect their own private and . This might be achieved by, for example, allowing to create personal folders for documents and in email applications, and personal spaces in cloud applications such as calendars so that can book in private appointments. If you are carrying out periodic scans as part of your monitoring of remote or personal devices, you should ensure that individuals are able to select the files that are and are not accessed and scanned for , so that on home networks and personal devices is not inadvertently accessed. Alternatively, you could require to create a new user profile on their own network or device for business purposes, to ensure that all work-related data is stored separately from .


Q7: Do I have to tell my staff that I am monitoring their online activity, emails, post or voicemail or can I monitor them covertly?

In nearly all cases, you must ensure your are aware of any monitoring before you carry it out. Monitoring will be considered covert if the members being monitored are unlikely to know the collection of data is taking place. The advises that it can only be legally justified in exceptional circumstances. As a general rule, covert monitoring should only be used for the prevention or detection of criminal activity (or other malpractice that poses an equivalent risk).

Carrying out covert monitoring without clear justification will not only represent a of your legal obligations, which can carry significant financial penalties (see Q&A 41), but could also lead to you facing legal claims for invading the privacy of your . As regards members who are , you must not act in a way to seriously damage or destroy the relationship of trust and confidence between you, unless you have good reason to do so. Covert monitoring activities could undercut this duty. The duty forms part of your employment contracts, so if you fail to uphold it, you will be in and your may be able to sue you for it, or resign and claim .

You should alert your to the possibility of being monitored by preparing a clear policy about your monitoring. For template policies you can use, see IT, communications and social media policy and Staff privacy notice. These can also all be produced as part of our template using Staff handbook and policies.

You may also consider using software to flag any correspondence or browsing which is being monitored so that have the option at the time not to send the email or remain on the web page. Similarly, if you are monitoring emails for large attachments or to unknown recipients (eg to protect your proprietary data), a warning dialogue box can be triggered to make it clear to a user before sending the email that it will be flagged by your monitoring system. If you require individuals to log into a portal, website or app in order to work remotely, you could include a page which clearly sets out the extent of any monitoring that will take place as part of the login process.


Q8: Am I allowed to monitor staff emails and online activity if they are using a personal device or home network to work?

Yes, but you will need to go through various steps and considerations in order to ensure that you are doing so lawfully and in compliance with your obligations, which are designed to protect the privacy of your .

It is becoming more common to offer the option to work remotely or using their own personal devices. The perceived risk of misusing working time may be considered higher if such an individual is out of sight. However, monitoring an individual's own personal devices or home networks carries clear and obvious privacy risks, so you must be particularly careful to comply with your legal obligations when doing so. Failure to comply with your obligations can result not just in reduced productivity due to dissatisfaction, but in significant penalties being levied against your business by the (see Q&A 41 for further information about this).

For guidance on the steps and considerations you need to carry out in order to comply with your obligations, see Q&A 1 and following.

Conducting a before implementing monitoring will help ensure that you have complied with your obligations; see Q&A 4 for further information about this and for an assessment form tailored to conducting a before monitoring working remotely or using their own personal devices for business purposes, see Impact assessment (monitoring staff working remotely or on personal devices).


Q9: Am I allowed to monitor staff members' social media pages or other personal online accounts?

You will only be able to justify monitoring your members' social media in very limited and specific circumstances, because they are usually highly personal.

General monitoring of your members' personal social media accounts should not be carried out; indiscriminately checking your members' social media pages for a general purpose such as checking for mentions of your business is very unlikely to be legitimate. You will need a clear reason for doing so; for instance you may have received a specific report or allegation of defamatory content about your business, or bullying between members through social media. However, even if there is a clear reason, you must not start monitoring your members' social media presence if there is a less intrusive way that you can reasonably achieve your purpose. For example, having a social media policy, or a bullying and policy, and providing suitable training for should generally alleviate the need to actually monitor social media pages. If there is no alternative, you should minimise the effects on your members' privacy by only looking at posts or content made during a specific time period, searching for content containing specific words, or even simply accessing a single post (eg if a complaint has been received regarding a particular post).

Clearly, if must use social media for work, or have business accounts that they can use for official business, you will be able to legitimately check these, as they will not be as personal as private accounts.

Before you carry out any monitoring of your members' online activity, you will need to go through various steps and considerations in order to ensure that you are doing so lawfully and in compliance with your obligations, which are designed to protect the privacy of your . Failure to do so can result not just in reduced productivity due to dissatisfaction, but in significant penalties being levied against your business by the (see Q&A 41).

For guidance on the steps and considerations you need to carry out in order to comply with your obligations, see Q&A 1 and following.

Conducting a before implementing monitoring will help ensure that you have complied with your obligations; see Q&A 4 for further information about this and for an assessment form tailored to conducting a before monitoring social media pages or other personal online accounts, see Impact Assessment (monitoring staff social media pages).


Q10: Am I allowed to open staff members' post, emails or voicemails?

Yes, but you will need to go through various steps and considerations first in order to ensure that you are acting lawfully and in compliance with your obligations, which are designed to protect the privacy of your .

In many cases, you will have an entirely uncontroversial reason for seeking to open a member of 's post, emails or voicemails (such as unplanned absence or sickness). Business projects and transactions are invariably time-sensitive, and if a member of is absent unexpectedly at a critical time, you are very likely to have a clear legitimate interest in accessing their correspondence or messages. However, you will need to balance this against the need to respect the privacy of the member and act accordingly. This includes adopting procedures which will negate the need to open correspondence in their absence, making them aware that you will do so in certain situations via a suitable policy and only accessing the minimum amount of data necessary to achieve your desired purpose. See Q&A 11 for information about the practical steps you can take to achieve this.

For full guidance on the steps and considerations you need to carry out in order to comply with your obligations, see Q&A 1 and following.

Failure to comply with your obligations can result not just in reduced productivity due to dissatisfaction, but in significant penalties being levied against your business by the (see Q&A 41 for further information about this).

Conducting a before implementing monitoring will help ensure that you have complied with your obligations; see Q&A 4 for further information about this and for an assessment form tailored to conducting a , see Impact assessment (opening staff post, emails or voicemails).


Q11: What can I do to minimise the impact on the privacy of my staff if I need to access their post, emails or voicemails?

It may, in some circumstances, be necessary to access your members' correspondence; see Q&A 10 for further information about this.

However, you will need to balance this against the need to respect the privacy of the member and act accordingly. If you do need to access your members' correspondence, you will need to make them aware that you will do so. This notification could be contained in a policy which explains how, when and why you might open post, emails or voicemails.

You should only access the minimum amount of data necessary to achieve your desired purpose. This will likely mean ensuring any access is targeted to the particular purpose you have identified for your monitoring. If the purpose is to ensure a particular project or transaction can progress in the absence of a member, you should restrict your access to correspondence and messages about that particular project, rather than reading all incoming correspondence or messages. You must also frequently review your policy to access post, emails and voicemails to ensure it is still necessary to achieve the purpose it was originally intended for. Be aware of ; this must not be monitored (or indeed even stored or accessed) by your business, unless you have a specific legal obligation to do so or the information has been made public by the member. As a practical step, you might consider encouraging to not have any sensitive personal post, emails or voicemails sent to their work address or phone number. You should also provide members designated private areas in their email or voicemail inbox, and/or encourage the use of 'personal' or 'private' labelling of emails, to avoid inadvertent monitoring of personal communications. You might also encourage to set up filters on their email inbox which will automatically file sensitive personal emails into a personal folder, which is not monitored or accessed in the case of absence.

In addition, you should have procedures in place which will negate the need to open correspondence in the first place. For instance, if you are seeking to avoid sales or transactions stalling when a member of is absent unexpectedly, you could arrange for any absent members to put an out of office reply on their email for the period of their absence which provides contact details of an alternative person to contact in their absence. You might also require that another more senior member of is copied into any email correspondence, or take steps to ensure that all business calls are routed through a switchboard so that an alternative contact can be located immediately when a member of is absent. In all cases, such alternatives must always be considered and implemented if they would achieve the same benefits as simply opening a member's inbox or post, but result in less impact for individuals.

For a template IT, communications and social media policy, which you can adapt for your own purposes, see IT, communications and social media policy or create it as part of a using Staff handbook and policies.


Monitoring the location of staff members
Q12: Am I allowed to monitor my staff members' location using location tracking software or other geolocation data?

Yes, but only in very limited circumstances.

For many businesses, monitoring the location of is unlikely to be a necessary or proportionate response to risk, as such monitoring is highly invasive. Certain exceptions to this general rule exist, for instance delivery drivers or other using vehicles whose physical location is an essential aspect of performing their duties. In addition, tracking location data can become important if an loses a work mobile device or laptop. However, your business must be very cautious about how it uses and monitors such geolocation data.

When considering whether you should implement a tool or plan to monitor the physical location of members, there are a number of steps and considerations you will need to go through first in order to ensure that you are doing so lawfully and in compliance with your obligations, which are designed to protect the privacy of your . Failure to comply with your obligations can result in significant penalties being levied against your business by the (see Q&A 41 for further information about this). You must also bear in mind your equally important wider obligations and duties as an before implementing any such monitoring.

The steps and considerations you must go through are as follows:

  1. Make sure you have a valid reason for monitoring your staff

    You must identify a clear reason for carrying out the monitoring. You do not have an automatic right to monitor your members' physical location or geolocation data simply because you are their and you must consider what you are trying to achieve. See Q&A 13 for further information.

  2. Consider alternatives

    You are not allowed to monitor your members' location using location tracking software or other geolocation data if there is a less intrusive way that you can reasonably achieve your purpose. You therefore need to consider what alternatives there are. See Q&A 14 for further information.

  3. Carry out a data protection impact assessment

    You will need to carry out a before you start to monitor your . This is also a good way to demonstrate that you have complied with your legal obligations. See Q&A 15 for further information and Impact Assessment (monitoring staff location) for a template you can use.

  4. Keep the extent of your monitoring to a minimum

    You must conduct the minimum amount of surveillance in order to achieve your purpose. See Q&A 16 for further information.

  5. Avoid accessing private and sensitive personal data

    When monitoring , you must not usually access or store , except in limited situations. See Q&A 17 for further information.

  6. Make your staff aware that they are being monitored

    For location tracking, it is particularly important for to be made explicitly aware of the extent to which (and the times at which) they will be tracked. See Q&A 18 for further information and IT, communications and social media policy and Staff privacy notice for template policies you can use, which can also be created as part of a template using Staff handbook and policies.

  7. Make sure you store any data you collect securely

    You must store the monitoring information you collect securely, and make sure that you keep only the minimum that is necessary. See Q&A 39 for further information.


Q13: Do I need a specific reason to monitor my staff's location using location tracking software or other geolocation data?

Yes, you need to identify a clear reason for carrying out the tracking. You do not have an automatic right to do so simply because you are the individual's .

If your business employs a driver or other person responsible for deliveries, for instance, having up-to-date information about that individual's physical location is important to your business. In addition, if a work device is lost or stolen, being able to track the geolocation data might help you to recover the device. Think carefully about the specific goal you are trying to achieve and keep this in mind at every stage of the process. The more intrusive the monitoring you plan to undertake, the stronger your justification must be.

Note that the reason you identify must fall within one of the six lawful bases for . In nearly all cases, the legal basis for monitoring 's geolocation data will be the protection of the of your business, if there is no other way you can do this. See Q&A 14 for further information about your obligation to consider alternatives and When to use personal data for more information about lawful bases for data.

You must make sure you do not justify your monitoring for a reason that relates to any such as sex, race, age, , religion, gender reassignment, marriage or civil partnership status or sexual orientation. For example, if you have an unfounded concern that a driver might be slower to carry out their deliveries than your other drivers, and monitor them in order to check this, then you may be discriminating because of their .

Conducting a before implementing monitoring is a good way to make sure your reasons are justified; see Q&A 15 for further information about this.


Q14: Do I need to consider alternatives to using location tracking software or other geolocation data to monitor staff?

Yes. You must not start monitoring your members' location using tracking software or other geolocation data if there is a less intrusive way that you can reasonably achieve your purpose.

You must be satisfied that the final action you take is reasonable and proportionate, and that you have taken measures to reduce any harmful consequences for individuals. For instance, when monitoring a driver's location you could consider features which ensure they are not tracked when driving their vehicle for non-business purposes or when on breaks. Similarly, you could ensure that any tracking systems are designed so that the location data is not available to your business unless certain circumstances occur (eg the device is reported lost or stolen). Such alternatives must be considered and implemented if they would achieve the same benefits of monitoring, but result in less impact for individuals.

Conducting a before implementing monitoring is a good way to make sure you have properly considered alternatives; see Q&A 15 for further information about this and Impact Assessment (monitoring staff location) for a template you can use.


Q15: Do I need to carry out a data protection impact assessment when monitoring staff using location tracking software or other geolocation data?

Yes, having identified a legal basis and purpose for your monitoring (see Q&A 13), you must carry out a . To carry out a , you should weigh up your benefit or interest in carrying out the monitoring against the impact it will have on the individuals concerned. If there are less intrusive alternatives to monitoring the physical location of , you should consider whether these can still achieve the purpose you are seeking (see Q&A 14).

Do not forget that your is not just a box-ticking exercise; you must take appropriate action depending on the recommendations of the assessment.

For an assessment form tailored to conducting a before monitoring the physical location of members, see Impact Assessment (monitoring staff location).

For more general guidance about how to carry out a , see Data protection impact assessments.


Q16: How closely can I monitor staff using location tracking software or other geolocation data?

This will depend upon the situation, but must always be kept to a minimum.

Before you start monitoring using location tracking software or other geolocation data, you must ensure that you have identified a clear reason and objective for doing so; see Q&A 13 for further information about this.

Your right to monitor your member for the reason identified must always be balanced against your member's own right to respect for private and family life. You must therefore only monitor the minimum amount of location data necessary to achieve your desired purpose. This may mean, for instance, that location data of a vehicle is stored automatically but is only accessible to your business when a vehicle leaves a predefined region or route. Alternatively, if you are carrying out location tracking to prevent the loss or theft of an item or vehicle, it may be that the location tracking is only triggered when the item or vehicle leaves a particular location or area. You should also ensure you only monitor the precise data that is required, for the purpose required. For instance, if the purpose of your location tracking is to follow the physical location of a particular vehicle or item, additional data regarding driver behaviour should not be monitored. You should not use the location tracking data for any other purposes, such as performance evaluation.

Conducting a before implementing monitoring is a good way to make sure you have properly assessed the extent of the monitoring you should undertake; see Q&A 15 for further information about this and Impact Assessment (monitoring staff location) for a template you can use.


Q17:Am I still allowed to use location tracking software or other geolocation data to monitor my staff member if they sometimes use their vehicle or device for private purposes?

Yes, but you will need to put certain measures in place to protect their privacy. This is because you need to have a specific reason for carrying out the monitoring and it must always be kept to a minimum, so tracking an individual outside their working hours is very unlikely to be justified. In addition, you should not usually access or store , unless you have a specific legal obligation to monitor such information or the information has been made public by the individual in question.

If a member makes private use of a vehicle or device which is having its location tracked, you must ensure that they can actively prevent their data being captured by location monitoring technologies. This will help to ensure that you only capture location data when your are working and protect the privacy of outside of working hours.

For further guidance on your obligations when dealing with , see When to use personal data.


Q18:Do I have to tell my staff that I am monitoring their location tracking software or other geolocation data or can I do it covertly?

Yes. For location tracking, it is particularly important for to be made explicitly aware of the extent (and times) which they will be tracked. Monitoring will be considered covert if the members being monitored are unlikely to know the collection of data is taking place.

The advises that covert monitoring can only be legally justified in exceptional circumstances. Carrying out covert monitoring without clear justification will not only represent a of your legal obligations, which can carry significant financial penalties (see Q&A 41), but could also lead to you facing legal claims for invading the privacy of your . As regards members who are , you must not act in a way to seriously damage or destroy the relationship of trust and confidence between you, unless you have good reason to do so. Covert monitoring activities could undercut this duty. The duty forms part of your employment contracts, so if you fail to uphold it, you will be in and your may be able to sue you for it, or resign and claim .

The strongly recommends putting in place an electronic communications policy which explains when and how any location monitoring will take place. Having a policy in place can help to ensure any location monitoring is transparent. The policy must be clear and accessible, and should be as specific as possible (eg specifying exactly how and when you will carry out such monitoring). Template IT, communications and social media policy and can be found using IT, communications and social media policy and Staff privacy notice, or they can be created as part of a using Staff handbook and policies.

In addition, you may consider providing some kind of notification or visible indication to when their location is being tracked. For example, in a vehicle you could have a light or indicator to show when the vehicle's location is being tracked.


Monitoring staff using CCTV or live video feeds
Q19:Am I allowed to monitor staff using CCTV cameras or live video feeds?

Yes, but only in very limited situations.

Although video surveillance is increasingly possible and affordable as technology develops, you must be extremely cautious about monitoring using CCTV cameras or live video feeds. Most commonly, CCTV is installed for , public safety, or to deter theft. Whilst detecting or investigating criminal conduct and promoting public safety are entirely legitimate purposes for installing CCTV or video surveillance systems, as a general rule you must not use footage from such systems to monitor a member of 's general performance, relationships, timekeeping or other working practices.

When considering whether you should implement a tool or plan to monitor using CCTV or video footage, there are a number of steps and considerations you will need to go through first in order to ensure that you are doing so lawfully and in compliance with your obligations, which are designed to protect the privacy of your . Failure to comply with your obligations can result in significant penalties being levied against your business by the (see Q&A 41 for further information about this). You must also bear in mind your equally important wider obligations and duties as an before implementing any such monitoring.

The steps and considerations you must go through are as follows:

  1. Make sure you have a valid reason for monitoring your

    You must identify a clear reason for carrying out the monitoring. You do not have an automatic right to monitor your members using CCTV or video surveillance simply because you are their , and you must consider what you are trying to achieve. See Q&A 20 for further information.

  2. Consider alternatives

    You are not allowed to monitor your members using CCTV or video surveillance if there is a less intrusive way that you can reasonably achieve your purpose. You therefore need to consider what alternatives there are. See Q&A 21 for further information.

  3. Carry out a

    You will need to carry out a before you start to monitor your . This is also a good way to demonstrate that you have complied with your legal obligations. See Q&A 22 for further information and see Impact assessment (monitoring staff via CCTV or video surveillance) for an assessment form tailored to conducting a before monitoring using CCTV cameras or live video feeds.

  4. Keep the extent of your monitoring to a minimum

    You must conduct the minimum amount of surveillance in order to achieve your purpose and you must not usually access or store . This means that you must think carefully about where cameras are positioned (see Q&A 23) and you must avoid capturing and using footage you do not need (see Q&A 24).

  5. Make your aware that they are being monitored

    For video surveillance, it is particularly important for to be made explicitly aware of the location of cameras and when they are being recorded. See Q&A 25 for further information.

  6. Make sure you store any data you collect securely

    You must store the monitoring information you collect securely, and make sure that you keep only the minimum that is necessary. See Q&A 39 for further information.


Q20:Do I need a specific reason for monitoring staff using CCTV cameras or live video feeds?

Yes, you need to identify a clear reason for carrying out the monitoring. You do not have an automatic right to do so simply because you are the individual's .

Most commonly, CCTV is installed for , public safety, or to deter theft. Whilst detecting or investigating criminal conduct and promoting public safety are entirely legitimate purposes for installing CCTV or video surveillance systems, as a general rule you must not use footage from such systems to monitor a member of 's general performance, relationships, timekeeping or other working practices. Think carefully about the specific goal you are trying to achieve and keep this in mind at every stage of the process. The more intrusive the monitoring you plan to undertake, the stronger your justification must be.

Note that the reason you identify must fall within one of the six lawful bases for . In nearly all cases, the legal basis for monitoring using CCTV or video surveillance will be the protection of the of your business, if there is no other way you can do this. See Q&A 21 for further information about your obligation to consider alternatives and When to use personal data for more information about lawful bases for data.

You must make sure you do not justify your monitoring for a reason that relates to any such as sex, race, age, , religion, gender reassignment, marriage or civil partnership status or sexual orientation. For example, you should not justify your monitoring one member of on the basis that they are and you want to ensure that their is not preventing them from complying with your health and safety rules.

Conducting a before implementing monitoring is a good way to make sure your reasons are justified; see Q&A 22 for further information about this and see Impact assessment (monitoring staff via CCTV or video surveillance) for an assessment form tailored to conducting a before monitoring using CCTV cameras or live video feeds.


Q21:Do I need to consider alternatives to using CCTV cameras or live video feeds to monitor staff?

Yes. You must not start monitoring your members using CCTV cameras or live video feeds if there is a less intrusive way that you can reasonably achieve your purpose.

You must be satisfied that the final action you take is reasonable and proportionate, and that you have taken measures to reduce any harmful consequences for individuals. Justifying video surveillance can therefore be challenging, as very often a less intrusive method can achieve the same . For instance, if you are seeking to deter thefts, you could implement other processes (such as changing keyholders or keys, or having more active physical supervision) which in practice may well be more likely to achieve your of deterring theft than simply installing a camera. If the purpose of installing cameras is to protect from potential accidents or hazardous situations, you could alternatively engage in more extensive training and improve your and safety procedures to minimise the risks associated with such hazards or accidents. Such alternatives must be considered and implemented if they would achieve the same benefits as video surveillance, but result in less impact for individuals.

Conducting a before implementing monitoring is a good way to make sure you have properly considered alternatives; see Q&A 22 for further information about this and see Impact assessment (monitoring staff via CCTV or video surveillance) for an assessment form tailored to conducting a before monitoring using CCTV cameras or live video feeds.


Q22:Do I need to carry out a data protection impact assessment before I start monitoring staff using CCTV cameras or live video feeds?

Yes, as using CCTV is likely to result in a high risk to the individuals you are monitoring, having identified a legal basis and purpose for your monitoring (see Q&A 20), you must carry out a . To carry out a , you should weigh up your benefit or interest in carrying out the video surveillance against the impact it will have on the individuals concerned. If there are less intrusive alternatives, you should consider whether these can still achieve the purpose you are seeking (see Q&A 21 for further information about this).

Do not forget that your is not just a box-ticking exercise; you must take appropriate action depending on the recommendations of the assessment. The also recommends that you consult with your workforce when you are carrying out your .

For an assessment form tailored to conducting a before monitoring using CCTV cameras or live video feeds, see Impact assessment (monitoring staff via CCTV or video surveillance) and for a checklist of associated practical considerations to assist in completing the written assessment, see Video surveillance checklist.

For more general guidance about how to carry out a , see Data protection impact assessments.


Q23:Are there any limitations on where I can position cameras if I plan to monitor staff using CCTV or video surveillance?

Yes.

You must always keep your monitoring to the minimum necessary in order to achieve your objectives.

This will require you to think very carefully about the location of any cameras you install or use to monitor . For instance, having a camera in an area where mix with customers or other visitors to your premises, such as a lobby area, exterior, or car park, is likely to result in extensive being captured. You should seek to avoid having cameras which unintentionally capture personal or private activity, or capture the data of visitors or other individuals who are unaware of the recording. This can be particularly challenging with video surveillance, as by its nature it is designed to capture a clear video record of all activity taking place in a given location at any point. You might achieve this by positioning any cameras to cover the smallest possible area to achieve your aims and not recording sound if you do not need to.

You must exercise particular caution around . This private and sensitive information must not be monitored (or indeed even stored or accessed) by your business, unless you have a specific legal obligation to monitor such information, the information has been made public by the individual in question, or there is a clear public interest justification. For instance, if you are carrying out video surveillance in an area where make personal phone calls, you should ensure no audio is captured to avoid unintentional capture of . Pictures alone are not regarded as .

Conducting a before implementing monitoring is a good way to make sure you have properly assessed the extent of the monitoring you should undertake; see Q&A 22 for further information about this and see Impact assessment (monitoring staff via CCTV or video surveillance) for an assessment form tailored to conducting a before monitoring using CCTV cameras or live video feeds.

See Q&A 24 for what to do if you capture footage you do not need.


Q24:What do I do if footage I do not need is captured on footage from CCTV or video surveillance?

You must always keep your monitoring to the minimum necessary in order to achieve your objectives. This means that you must ensure you only monitor the precise data that is required, for the purpose required.

For instance, if the purpose of your surveillance is to deter from theft, you should not make use of the surveillance footage to monitor what are doing during their breaks or to manage performance of . On occasions, you may capture personal or private activity unintentionally on your surveillance systems. In such circumstances, you should not monitor or store any record of such activity, and should ensure you have taken steps to minimise the risk of such accidental capture occurring. See Q&A 23 for guidance about where to locate cameras in order to reduce the risk of accidental capture occurring.

For further information about using data captured through monitoring for the purposes of disciplining or dismissing a member, see Q&A 40.

Conducting a before implementing monitoring is a good way to make sure you have properly assessed the extent of the monitoring you should undertake; see Q&A 22 for further information about this and see Impact assessment (monitoring staff via CCTV or video surveillance) for an assessment form tailored to conducting a before monitoring using CCTV cameras or live video feeds.


Q25:Do I have to tell my staff that I am monitoring them using CCTV cameras or live video feeds?

Yes. For video surveillance, it is particularly important for to be made explicitly aware of the location of cameras and when they are being recorded before they enter into an area that is being monitored. Monitoring will be considered covert if the members being monitored are unlikely to know the collection of data is taking place.

The advises that covert monitoring can only be legally justified in exceptional circumstances. Carrying out covert monitoring without clear justification will not only represent a of your legal obligations, which can carry significant financial penalties (see Q&A 41), but could also lead to you facing legal claims for invading the privacy of your . As regards members who are , you must not act in a way to seriously damage or destroy the relationship of trust and confidence between you, unless you have good reason to do so. Covert monitoring activities could undercut this duty. The duty forms part of your employment contracts, so if you fail to uphold it, you will be in and your may be able to sue you for it, or resign and claim .

You can notify about surveillance by installing signage, and taking steps to notify all of the location of cameras. Signs should be clearly visible and readable, located at roughly eye level, contain basic contact details for your business (eg website address, phone number or email), and if it is not otherwise evident explain the purpose for the camera. Your signage should also state that your have rights in relation to their and indicate where they can find your full privacy information (eg on your intranet or in your ). You should also have a policy in place to help to ensure any monitoring is transparent. You could include this in your or have a separate policy on CCTV and video surveillance.


Recording staff telephone conversations and meetings
Q26:Am I allowed to record staff telephone conversations or meetings?

You can potentially record telephone calls or meetings with members, although you must ensure you have a clear purpose for doing so, obtain the consent of members, and ensure that making an audio recording is entirely necessary. If recordings are carried out for uncontroversial purposes, eg to provide a record of a customer transaction, there will be no problem with them, so long as you follow the proper procedures.

When considering whether you should record conversations and meetings, there are a number of steps and considerations you will need to go through first in order to ensure that you are doing so lawfully and in compliance with your obligations, which are designed to protect the privacy of your . Failure to comply with your obligations can result in significant penalties being levied against your business by the (see Q&A 41 for further information about this). You must also bear in mind your equally important wider obligations and duties as an before implementing any such practice.

The steps and considerations you must go through are as follows:

  1. Make sure you have a valid reason for recording your

    You must identify a clear reason for recording your . You do not have an automatic right to do so simply because you are their , and you must consider what you are trying to achieve. See Q&A 27 for further information.

  2. Consider alternatives

    You are not allowed to record your if there is a less intrusive way that you can reasonably achieve your purpose. You therefore need to consider what alternatives there are. See Q&A 28 for further information.

  3. Carry out a

    You will need to carry out a () before you start to record your . This is also a good way to demonstrate that you have complied with your legal obligations. See Q&A 29 for further information and see Impact assessment (recording staff meetings and telephone calls) for a template you can use.

  4. Keep the extent of your monitoring to a minimum

    You must conduct the minimum amount of surveillance in order to achieve your purpose and you must not usually access or store . This means that you must carefully consider what calls or meetings to record. See Q&A 30 for further information.

  5. Make your aware that they are being monitored

    must be made explicitly aware that they are being recorded. See Q&A 31 for further information.

  6. Make sure you store any data you collect securely

    You must store the monitoring information you collect securely, and make sure that you keep only the minimum that is necessary. See Q&A 39 for further information.


Q27:Do I need to have a reason for recording staff telephone conversations or meetings with staff members?

Yes, you need to identify a clear reason for recording your members. You do not have an automatic right to do so simply because you are the individual's .

Recording calls or meetings can provide evidence of the terms and timing of a particular transaction or sale, for instance, or can be useful for training purposes. Think carefully about the specific goal you are trying to achieve and keep this in mind at every stage of the process. The more intrusive the monitoring you plan to undertake, the stronger your justification must be.

Note that the reason you identify must fall within one of the six lawful bases for . In nearly all cases, the legal basis for recording telephone conversations and meetings will be the protection of the of your business, if there is no other way you can do this. See Q&A 28 for further information about your obligation to consider alternatives and When to use personal data for more information about lawful bases for data.

You must make sure you do not justify your monitoring for a reason that relates to any such as sex, race, age, , religion, gender reassignment, marriage or civil partnership status or sexual orientation. For example, if you only record the calls of your younger members of on the basis of an unsubstantiated concern that younger members of may not be as effective in the sales process as your older members of , then this could amount to on the basis of age (the position would be different if you wanted to record calls of particular members because of a concern backed up by evidence of failing to meet sales targets).

Conducting a before implementing monitoring is a good way to make sure your reasons are justified; see Q&A 29 for further information about this and see Impact assessment (recording staff meetings and telephone calls) for a template you can use.


Q28:Do I have to consider alternatives to recording staff telephone conversations or meetings?

Yes. You must not start recording your members' calls or meetings if there is a less intrusive way that you can reasonably achieve your purpose.

Implementing a policy which simply allows you to record all telephone calls and all meetings without notice is highly unlikely to be lawful. Such a policy is more likely to be legitimate if it is targeted in a manner which does not have a detrimental effect on the individual concerned. It may be that you simply adopt a policy which allows members to trigger when a recording is made, for instance, so that members of retain control of their . Alternatively, it may be that you adopt a policy which only permits recordings of meetings with an independent present where members have expressly been notified and agreed in advance. Less intrusive alternatives to an audio recording will often exist (such as making contemporaneous notes and/or having an independent attend any meeting). You must be satisfied that the final action you take is reasonable and proportionate, and that you have taken measures to reduce any harmful consequences for individuals.

Conducting a before implementing monitoring is a good way to make sure you have properly considered alternatives; see Q&A 29 for further information about this and see Impact assessment (recording staff meetings and telephone calls) for a template you can use.


Q29:Do I need to carry out a data protection impact assessment before I start recording staff telephone conversations or meetings with staff members?

Yes, having identified a legal basis and purpose for your monitoring (see Q&A 27), you must carry out a , particularly if you are using new technology to monitor. To carry out a , you should weigh up your benefit or interest in carrying out the monitoring against the impact it will have on the individuals concerned. Less intrusive alternatives to an audio recording will often exist (such as making contemporaneous notes and/or having an independent attend any meeting). As part of your assessment, you must consider whether less intrusive alternatives can achieve the same purpose you are seeking. You must be satisfied that the final action you take is reasonable and proportionate, and that you have taken measures to reduce any harmful consequences for individuals.

Do not forget that your is not just a box-ticking exercise; you must take appropriate action depending on the recommendations of the assessment.

For an assessment form tailored to conducting a before recording telephone calls and meetings, see Impact assessment (recording staff meetings and telephone calls).

For more general guidance about how to carry out a , see Data protection impact assessments.


Q30:What do I need to consider when considering which telephone conversations or meetings to record?

When deciding how to go about recording telephone conversations or meetings, you must bear in mind that you should only record and store the minimum amount of data necessary to achieve your desired purpose. This will likely mean ensuring any recording, storage and access is targeted to the particular purpose you have identified for your monitoring. For example, if you need to record calls to provide a record of customer transactions or training purposes, you could have a policy of only recording customer calls and not internal ones.

When recording telephone calls or meetings, there is a risk that you may stumble across . This private and sensitive information must not be monitored (or indeed even stored or accessed) by your business, unless you have a specific justification (such as an overriding legal obligation to monitor such information, or a clear public interest justification). As a practical step, you might consider encouraging to not conduct sensitive personal conversations on their work telephones.


Q31:Do I have to tell my staff that I am recording their telephone conversations or meetings or can I do so covertly?

Yes, you must notify members in advance of the relevant telephone call or meeting that you will be making a recording of. Monitoring will be considered covert if the members being monitored are unlikely to know the collection of data is taking place.

The advises that covert monitoring can only be legally justified in exceptional circumstances. Carrying out covert monitoring without clear justification will not only represent a of your legal obligations, which can carry significant financial penalties (see Q&A 41), but could also lead to you facing legal claims for invading the privacy of your . As regards members who are , you must not act in a way to seriously damage or destroy the relationship of trust and confidence between you, unless you have good reason to do so. Covert monitoring activities could undercut this duty. The duty forms part of your employment contracts, so if you fail to uphold it, you will be in and your may be able to sue you for it, or resign and claim .

You may provide notice to individual members of specifically, or more generally in a written policy if recordings of telephone transactions are routinely made for or evidential purposes. You should also notify members of the purpose of such recording, and who it will be disclosed to. You must ensure the recording is only used for the stated purpose.


Carrying out drug and alcohol testing on staff
Q32:Am I allowed to carry out drug or alcohol testing on staff?

Yes, but only in limited circumstances and where you follow the proper procedures. You should be cautious about conducting drug or alcohol testing, and should only carry out such testing where it is necessary to detect drinking or drug use which puts the member of or other individuals at risk.

When considering whether you should carry out testing, there are a number of steps and considerations you will need to go through first in order to ensure that you are doing so lawfully and in compliance with your obligations, which are designed to protect the privacy of your . Failure to comply with your obligations can result in significant penalties being levied against your business by the (see Q&A 41 for further information about this). You must also bear in mind your equally important wider obligations and duties as an before implementing any such testing.

The steps and considerations you must go through are as follows:

  1. Make sure you have a valid reason for carrying out drug and alcohol testing on your

    As the samples and results of drug and alcohol testing are , you must identify a clear, justifiable reason for carrying out the testing. Even though your may consent to being tested, you are not allowed to rely on this as the sole justification for it. See Q&A 33 for further information.

  2. Consider alternatives

    You must not carry out drug and alcohol testing on your if there is a less intrusive way that you can reasonably achieve your purpose. You therefore need to consider what alternatives there are. See Q&A 34 for further information.

  3. Carry out a

    You will need to carry out a before you carry out testing on your . This is also a good way to demonstrate that you have complied with your legal obligations. See Q&A 35 for further information and see Impact Assessment (drug and alcohol testing) for a template you can use.

  4. Keep the extent of your monitoring to a minimum

    You must conduct the minimum amount of monitoring in order to achieve your purpose. This means you need to think very carefully about what type of tests to carry out (see Q&A 36) and how frequently (see Q&A 37).

  5. Make your aware of the testing

    Any testing for drugs or alcohol must be transparent and must be aware that drug and alcohol testing is taking place. See Q&A 38 for further information and see Staff handbook and policies for a drugs and alcohol policy which you can adapt to suit your needs.

  6. Make sure you store any data you collect securely

    You must store the monitoring information you collect securely, and make sure that you keep only the minimum that is necessary. See Q&A 39 for further information.


Q33:Do I need to have a specific reason for carrying out drug or alcohol testing on staff?

Yes. As the samples and results of drug and alcohol testing are , you must be very careful to identify a clear and justifiable reason for carrying out the testing.

Drug and alcohol testing is more likely to be justified where it is necessary to detect drinking or drug use which puts the member of or other individuals at risk; if this is not the case, regular testing is unlikely to be justified. For instance, in a transport business a random drug test on a coach driver is more likely to be justified than a random drug test on a ticket office booking . Any ad hoc testing, which is not part of a regular testing process, should be clearly based on evidence or a particular incident, rather than your own unsubstantiated suspicion. You must make sure you do not justify your decision to test for a reason that relates to any such as sex, race, age, , religion, gender reassignment, marriage or civil partnership status or sexual orientation. For example, if your policy is to carry out random drug tests in order to ensure the safety of drivers, these tests must be genuinely random and you must not single out on the basis of race or age.

You must always consider whether there is a less intrusive way of meeting your goal; see Q&A 33 for further information about this.

Justifying drug and alcohol testing can therefore be challenging, as the threshold is high. In all cases, you must have a clear drug and alcohol policy in place so that staff members are aware both of your expectations and of the fact that testing may take place. Note that, although you must obtain the consent of staff before implementing any drug and alcohol testing, you cannot rely on consent as the sole legal basis or justification for your drug and alcohol testing. This is because consent is not regarded as freely given or valid if a staff member has no genuine choice but to agree to it. This is particularly important in the context of drug and alcohol testing, where staff members are likely to conclude that refusing to take a test is likely to result in certain negative inferences being drawn. See Q&A 38 for further information about making staff aware of testing and obtaining consent.

As the justification for carrying out drug and alcohol testing will most likely be to assess the working capacity of staff, you will need to have a medical professional conduct the necessary testing.

Conducting a DPIA before carrying out testing is a good way to make sure your reasons are justified; see Q&A 35 for further information about this and see Impact Assessment (drug and alcohol testing) for a template you can use.


Q34:Do I need to consider alternatives to drug and alcohol testing on my staff members?

Yes. You must not carry out drug and alcohol testing if there is a less intrusive way that you can reasonably achieve your purpose.

You must be satisfied that the final action you take is reasonable and proportionate, and that you have taken measures to reduce any harmful consequences for individuals. For example, following an incident in the workplace, you should only use drug or alcohol testing where it will be significantly more effective at demonstrating your staff member's impairment than other alternatives. In the first instance, it may be most appropriate for you to simply carry out a hand-eye co-ordination or cognitive ability test.

Conducting a DPIA before implementing monitoring is a good way to make sure you have properly considered alternatives; see Q&A 35 for further information about this and see Impact Assessment (drug and alcohol testing) for a template you can use.


Q35:Do I need to carry out a data protection impact assessment before I carry out drug or alcohol testing on staff?

Yes. Having identified a purpose for your testing (see Q&A 33), you must carry out a data protection impact assessment (DPIA). To carry out a DPIA, you must weigh up your benefit or interest in carrying out the drug and alcohol testing against the impact it will have on the individuals concerned. The extent of the testing you plan to carry out must be assessed and if there are less intrusive alternatives, you should consider whether these can still achieve the purpose you are seeking.

Do not forget that your DPIA is not just a box-ticking exercise; you must take appropriate action depending on the recommendations of the assessment.

For an assessment form tailored to conducting a DPIA before carrying out drug or alcohol testing on staff, see Impact Assessment (drug and alcohol testing).

For more general guidance about how to carry out a DPIA, see Data protection impact assessments.


Q36:How do I decide on what type of drug or alcohol test to carry out on my staff?

When deciding exactly how you will carry out the monitoring necessary to achieve your purposes, you must ensure you minimise the extent of your testing to the greatest extent possible to achieve your desired purpose. This will require you to think very carefully about the type of testing you carry out, as well as the frequency with which you carry out testing (see Q&A 37) and the period of time for which you retain the results (see Q&A 39).

If you deem drug and alcohol testing necessary, you must be careful to ensure the extent and intrusiveness of the testing you carry out is proportionate to the risk. Some tests are designed to detect the use of a particular drug within the previous eight hour period, for instance, whereas other tests can detect the use of a wider range of substances over a longer period. A positive test result may therefore indicate that a member of staff has taken a particular substance, but it will not necessarily mean that the member of staff was under the influence of that substance when they were tested. In the first instance, both to save costs and to avoid the potential complexities, it is often more appropriate for you to simply carry out a hand-eye co-ordination or cognitive ability test.

Your DPIA should assist in identifying the least intrusive form of testing for the purpose required; see Q&A 35 for further information about this and see Impact Assessment (drug and alcohol testing) for a template you can use.


Q37:How frequently can I carry out drug and alcohol testing?

When deciding exactly how you will carry out the monitoring necessary to achieve your purposes, you must ensure you minimise the extent of your testing to the greatest extent possible to achieve your desired purpose. This will require you to think very carefully about the frequency with which you carry out testing, as well as the type of testing you carry out (see Q&A 36) and the period of time for which you retain the results (see Q&A 39).

Any kind of frequent, blanket testing where, for example, you test for all substances consumed in the previous month and store the results for a significant time is unlikely to be justifiable. Instead, you should carry out targeted testing which seeks only to identify consumption of drugs or alcohol which is likely to directly affect the individual's ability to work and/or pose a risk to other staff or customers.

Your DPIA should assist in identifying the least intrusive form of testing for the purpose required; see Q&A 35 for further information about this and see Impact Assessment (drug and alcohol testing) for a template you can use.


Q38:Do I have to tell my staff that I am going to carry out drug or alcohol testing on them?

Yes. Any testing for drugs or alcohol must be transparent and staff must be aware that drug and alcohol testing is taking place. Covert testing where an individual is unaware they are even being tested is never likely to be permitted, not least because informed consent will be required in order to validly obtain the necessary sample to test an individual for drugs or alcohol.

Carrying out covert testing without clear justification will not only represent a of your legal obligations, which can carry significant financial penalties (see Q&A 41), but could also lead to you facing legal claims for invading the privacy of your . As regards members who are , you must not act in a way to seriously damage or destroy the relationship of trust and confidence between you, unless you have good reason to do so. Covert testing would almost certainly undercut this duty. The duty forms part of your employment contracts, so if you fail to uphold it, you will be in and your may be able to sue you for it, or resign and claim .

You can ensure staff members are aware of when and how testing will take place by including the relevant details in a drug and alcohol policy. Your drug and alcohol policy should set out your expectations in a clear and measurable way and make staff members fully aware of the possibility of testing taking place, when and how such testing will be conducted, and the likely consequences of a failed test. For a drugs and alcohol policy which you can adapt to suit your needs, see Staff handbook and policies (where you can choose to generate the policy either on its own or as part of a full ).


Storing and data collected through staff monitoring
Q39:How should I store the data I have collected through staff monitoring?

You must store the monitoring information you collect securely and make sure that you keep as little data as necessary. Depending on the nature and purpose of the monitoring you are carrying out, you may not need to store any data at all unless you come across some anomalous activity. You must also delete the information promptly when it is no longer required. Only keep data you collect for the minimum amount of time necessary to achieve your , and keep this under review.

Failing to store data properly will represent a of your legal obligations, which can carry significant financial penalties (see Q&A 41). As regards members who are , you must not act in a way to seriously damage or destroy the relationship of trust and confidence between you, unless you have good reason to do so. Failing to comply with your obligations regarding storage of their data could undercut this duty. The duty forms part of your employment contracts, so if you fail to uphold it, you will be in and your may be able to sue you for it, or resign and claim .

See Data retention and Secure data storage for detailed guidance about how to store and delete data securely.


Q40:Am I allowed to use the data collected through staff monitoring for disciplinary purposes or as a basis for dismissal?

The general rule is that you must only use the data for the purpose you collected it and staff need to be aware of this purpose. Therefore, if an intended consequence of your monitoring is that it could trigger disciplinary action, or dismissal, you must be clear with staff that the monitoring is being carried out to ensure staff members are complying with their obligations to you, what standards are expected, and what the likely consequences are if your monitoring reveals that a member of staff has not met those standards. This information could be set out in the relevant policy in your or in the notification you sent to staff before you started the monitoring. Provided you have done this, you can potentially use any data you have collected to discipline or dismiss a member of staff.

If your monitoring was carried out for a purpose other than to check that staff are complying with their obligations to you, the position will be different. For example, in most cases CCTV is used for reasons, for public safety reasons, or to deter theft. Using data from video surveillance for another purpose such as monitoring or policing general performance and working practices of a staff member is considered highly intrusive and is far less likely to ever be justifiable. You must only use the video footage for the specific purpose for which it was collected.

A caveat to this is that you may be justified in using information collected through monitoring for a purpose other than that for which it was originally introduced if it reveals activity that no could reasonably be expected to ignore. Therefore if a telephone call recorded for training purposes reveals that your staff member has been abusing customers or revealing confidential information, for example, you may be justified in using this for disciplinary purposes.

In addition, for investigation or detection of crime, exceptions exist which allow you to use the data free from restriction. So a complaint of sexual , for instance, could be investigated by accessing emails or reviewing CCTV footage even if the collection or monitoring of such data was not originally carried out for that purpose.

If you use data collected through monitoring for disciplinary purposes, you must present it to your staff member and allow them to make representations about it before you take action. For more information about disciplining staff, see Taking disciplinary action.


Consequences of unlawful monitoring
Q41:What are the consequences of unlawfully monitoring staff?

In the most serious cases, carrying out unlawful monitoring of can result in a significant fine of up to £17.5 million or 4% of your global (whichever is higher).

The has a range of penalties and sanctions available for . Generally, less serious or first-time offences are likely to result in a less serious penalty, however this will depend on all of the circumstances. The has discretion to issue the following penalties to anyone carrying out unlawful monitoring of :

  1. Warnings

    If the believe that you have not yet law, but that you are likely to do so unless you change something about the way you are handling data , they can issue a warning. For example, they could warn you that you do not have an appropriate IT or web usage policy which notifies that monitoring will take place. If you ignore this warning, and then monitor ' web usage without notice, the penalties imposed on you could be much more severe.

  2. Reprimands

    A reprimand is a formal caution that you have law. You may be reprimanded in addition to other penalties. If you have been reprimanded and you later law in a similar way, the penalties imposed on you could be much more severe.

  3. Orders to change your systems

    If the believe that the systems you use to process are not compliant with law (eg you leave location data tracking on as default in your cloud-based applications, or your systems carry out blanket monitoring of data rather than more targeted monitoring), they may order you to alter your systems to fix these problems.

  4. Temporary or permanent bans on data

    A ban on data (even only a temporary one) will usually only be issued if you have very severely law. To be banned from , there would likely need to be a significant failure by you to meet your legal obligations (for instance engaging in unlawful covert monitoring of ).

  5. Fines

    Any of law can be met with a fine of up to £17.5 million or 4% of your global (whichever is higher), depending on the severity of the wrongdoing. While fines anywhere near that size are extremely unlikely for all but the biggest by major , smaller fines could be imposed alongside other penalties if you engage in unlawful monitoring of (particularly for deliberate attempts to conceal or cover up such monitoring, or involving particularly ).

In addition to the 's sanctions and penalties, you could also be sued by your member for if you fail to uphold the relationship of trust and confidence between you by carrying out covert monitoring.