Issues arising from disclosure

Privacy and confidentiality

15.69 A key challenge is to ensure that measures likely to lead to disclosure of family violence contain appropriate privacy safeguards regarding the handling of that personal information. This is particularly important given that concerns about privacy appear to be a central barrier to disclosure of family violence in the context of employment.

15.70 There are several key issues with respect to privacy and confidentiality: general obligations under the Privacy Act 1988 (Cth) and the Fair Work Act; the employee records exemption under the Privacy Act; andthe need for guidance material and workplace policies regarding the protection of employees’ personal information. The ALRC ultimately recommends that the OAIC and the FWO should, in consultation with unions and employer organisations, develop or revise guidance material with respect to privacy obligations arising in relation to disclosure of family violence in an employment context.

The Privacy Act and the Fair Work Act

15.71 Where employees experiencing family violence disclose family violence to employers or others, issues of privacy arise.

15.72 The principal piece of federal legislation governing information privacy in Australia is the Privacy Act 1988,which regulates the handling of personal information by the Australian Government and the ACT Government—to which 11 Information Privacy Principles apply; and the private sector—to which 10 National Privacy Principles apply.^[65]

15.73 There is limited privacy protection for private sector employees under either the Privacy Act or the Fair Work Act. However, the Fair Work Act does contain some provisions with respect to employer obligations in relation to employee records.^[66] For example, s 107 of the Fair Work Act notes that personal information disclosed to an employer for the purposes of accessing leave under the NES may be regulated by the Privacy Act. Further, s 535 of the Fair Work Act requires employers to make, and keep for seven years, employee records of the kind prescribed in the Fair Work Regulations, which include: basic employment details; leave entitlements; and individual flexibility arrangements.^[67] Of particular relevance in light of discussion of these issues in Chapters 16 and 17, is the requirement that employers must make and keep records which, in relation to leave, set out any leave the employee takes,^[68] and in relation to individual flexibility arrangements, include a copy of the agreement.^[69] The Fair Work Regulations only require employers to maintain, provide access to, and correct records for inspection and auditing purposes, rather than to protect the privacy of those records.

Employee records exemption

15.74 Under the Privacy Act, the handling of an ‘employee record’ by a public sector employer is treated differently from the handling of such a record by a private sector employer. Section 6 of the Privacy Act defines ‘employee record’ as a record of personal information relating to the employment of the employee.^[70] To the extent that disclosure of family violence to employers is related to the employment of the employee—for example, for the purposes of obtaining leave or utilising provisions of a family violence clause in an enterprise agreement—it is personal information that constitutes an employee record.

15.75 Government agencies must handle employee records in compliance with the Privacy Act. Private organisations, however, are exempt from the operation of the Act where an act or practice is related directly to: the employment relationship between the organisation and the individual; and an employee record held by the organisation.^[71] This exemption is usually referred to as the ‘employee records exemption’.

15.76 While this type of information was considered ‘deserving of privacy protection’ when the privacy legislation was extended to the private sector in 2000, the Government noted that ‘such protection is more properly a matter for workplace relations legislation’.^[72]

15.77 In For Your Information: Australian Privacy Law and Practice,ALRC Report 108 (2008) (For Your Information), the ALRC concluded that there is no sound policy justification for retaining the employee records exemption and recommended its removal.^[73] Specifically, the ALRC stated that there is a lack of adequate privacy protection for employee records in the private sector, despite the sensitivity of personal information held by employers and the potential for economic pressure to be exerted over employees to provide personal information to their employers. The ALRC concluded that privacy protection of employee records should be located in the Privacy Act to ensure maximum coverage of agencies and organisations and to promote consistency, but commented that this protection should be in addition to that provided by other laws, such as the relevant provisions in the then Workplace Relations Regulations.^[74]

15.78 Stakeholders in this Inquiry expressed differing views with respect to the employee records exemption. As outlined in the Family Violence—Commonwealth Laws, ALRC Discussion Paper 76 (2011), stakeholders such as the Australian Chamber of Commerce and Industry opposed its removal,^[75] however the OAIC and others supported the removal of the exemption to ‘better protect and support those experiencing family violence’.^[76]

15.79 Concerns about privacy may result in employees being reluctant to disclose family violence. To the extent that the employee records exemption may create any additional concerns or barriers on behalf of employees, which may discourage disclosure of family violence, the ALRC considers that this (in addition to the policy reasons expressed in For Your Information) provides an additional consideration in support of amendment of the Privacy Act to remove the employee records exemption. In light of the ALRC’s previous exposition of this issue and the Australian Government’s commitment to considering whether the employee records exemption should be retained,^[77] rather than making a recommendation in this Report, the ALRC simply reiterates the views expressed in For Your Information.

Guidance material and workplace policies

15.80 In this Report, the ALRC makes a number of recommendations likely to increase disclosure of family violence by employees in an employment context, for example to access leave or flexible working arrangements. A number of stakeholders emphasised the need to maintain the confidentiality of any information about family violence disclosed to an employer, particularly where such disclosure is required to access workplace rights or entitlements.^[78]

15.81 As a result, the development or revision of existing workplace approaches and policies may be required to ensure that information about family violence is handled sensitively and appropriately. While, in many cases, workplaces may already have adequate privacy policies in place, the ALRC considers that additional guidance may be necessary.^[79]

15.82 The OAIC and the FWO currently produce a variety of material. For example, the OAIC produces a range of information sheets, case notes and other publications. FWO produces a Best Practice Guide on Workplace Privacy.^[80] The ALRC recommends that the OAIC and FWO, in consultation with unions and employer organisations, should develop or revise guidance for employers which, as well as ensuring compliance with obligations arising under the Privacy Act, specifically safeguards the personal information of employees who have disclosed family violence.^[81]

15.83 While some stakeholders supported the development of a model policy or clause,^[82] the ALRC considers that the development of comprehensive guidance material, rather than a model policy, would be more effective. As noted by the OAIC, the ‘availability of a model privacy policy may encourage organisations to adopt such a policy without consideration for the particular circumstances of that specific workplace’.^[83]

15.84 The ALRC considers that any guidance material should contain information in relation to existing privacy obligations; roles and responsibilities; processes and procedures; and the potential effects of any applicable mandatory reporting or other requirements.^[84]

15.85 In For Your Information, the ALRC recommended that the then Office of the Privacy Commissioner, should develop and publish specific guidance on the application of the Privacy Act to employee records to assist employers in fulfilling their obligations.^[85] The OAIC supported the development and publication of guidance if the Australian Government removed the employee records exemption from the Privacy Act.^[86]

Verifying family violence

15.86 While ensuring that the needs of employees experiencing family violence are met, there is also a need to preserve the integrity of the system to ensure disclosure of family violence is not seen as an easy way to gain additional entitlements. The need to avoid ‘incentivising’ a claim of family violence is a theme of this Inquiry discussed in Chapter 2. To ensure the integrity of the employment system, it is necessary, in certain circumstances, to require verification of claims of family violence.^[87]

15.87 Verification of family violence within the employment law system is discussed in Chapters 16 and 17, in particular, in relation to requirements under s 107 of the Fair Work Act for accessing leave under the NES and as a component of a family violence clause in an enterprise agreement or modern award. In Chapter 17, the ALRC recognises that, in order to preserve the integrity of the leave system, there is a need to ensure that employees accessing family violence leave are subject to the same requirements to demonstrate their entitlement to the leave as other forms of leave.

15.88 A key issue arises as to the type of verification of family violence that should be required. For example, in the context of access to family violence leave, stakeholders suggested that a wide range of documentary verification to support a claim of family violence may be appropriate, including a document issued by:

• a police officer;
• a court;
• a health professional, including doctor, nurse or psychiatrist/psychologist;
• a lawyer;
• a family violence service or refuge worker; and/or
• the employee, in the form of a signed statutory declaration.^[88]

15.89 The OAIC emphasised the importance of individual choice with respect to verification or demonstration of an entitlement to a particular benefit:

Where there is more than one acceptable way of demonstrating an entitlement it is often better practice to offer alternatives and give individuals the choice as to the personal information they provide. Providing choice as to the source of information enables individuals to exercise a level of control over their personal information and may assist in minimising barriers to disclosure.^[89]

15.90 Where relevant in Chapters 16 and 17, the ALRC has noted the need for verification of family violence. The ALRC considers that providing employees and employers with information about what might constitute appropriate verification could form part of the national education and awareness campaign or a workplace policy and be included in material about developing family violence clauses in enterprise agreements.