This case — where a manager revealed a staffer’s mental illness to her colleagues — reveals a lot about when employees do and don’t have privacy in the workplace.
A female employee worked in the Real Estate Title Department for Yum! Brands, the parent company of Pizza Hut, Taco Bell and a number of other food franchises.
The staffer also suffered from bipolar disorder. She took medication to treat it, but it wasn’t always successful, and she occasionally missed work due to the side effects.
After one such absence, the employee returned to work to find that her manager had told everyone that the worker had bipolar disorder.
The staff member then claimed that her co-workers began to shun her. One even asked her if she was going to “go postal.”
She was fired soon after.
Does it have to be in writing to be a privacy violation?
The employee sued, claiming “invasion of privacy by public disclosure of private facts.”
The company argued that cases claiming “invasion of privacy by public disclosure of private facts” hinged on the need for the disclosure to be in writing, not by word of mouth.
The district court bought the argument (which was based on a ruling from 1931). The appeals court, however, said no way.
The court’s reason: Limiting the privacy law to only disclosures made in writing defeats the basic purpose of the law — to allow people to control the kind of info about themselves that’s made available to the public.
All the ways to violate privacy
So where does employee privacy in the workplace come into play here?
Barker Olmsted & Barnier attorney Christopher W. Olmsted notes that there are two types of privacy that firms should be concerned about violating. They include:
- informational privacy, or the disclosure of confidential and sensitive info, and
- autonomy privacy, which “gives employees the right to making intimate personal decisions or conduct personal activities without observation or interference.”
The ways employers can violate staff members’ privacy in the workplace is, unfortunately, rather large. They include:
- revealing medical info
- asking staff to take suspicion-less drug tests (excluding pre-hire and some random drug tests)
- disclosing reasons for firing someone to people who don’t need to know
- monitoring staff via video, audio or computer usage in areas where there’s a reasonable expectation of privacy
- searching employees and their property, and
- conducting intrusive investigations.
3 major takeaways
So what should companies do to stay on the right side of the law when it comes to employee privacy?
Olmsted advises:
“Medical information and other sensitive data about employees should be stored in a secured location with limited access. Exercise control and care when disclosing information to company representatives for a variety of legitimate business reasons, including accommodations. Fundamentally, employers should train supervisors to refrain from disclosing confidential information about employees.”