Save by Comparing HR Consultant Quotes Have you used HR service providers before? Compare quotes - it only takes a minute
Compare HR Service Providers Today Compare Quotes - it only takes a minute

Employee privacy and employee confidentiality: Know the laws

As a small business employer it’s important to respect employee confidentiality, but do you know your workers' rights? Read on to find out…

Our experts

We are a team of writers, experimenters and researchers providing you with the best advice with zero bias or partiality.

This article was co-authored by:

Updated January 2019

Many employers are unaware of their employee’s rights when it comes to privacy and other issues at the workplace.

Unfortunately, this is an area where ignorance is definitely not bliss, and could potentially land you in a lot of trouble.

Employee rights to privacy at work

As an employee you have rights, by law, to your own privacy at work – within limitations of course.

According to the law that stands today, there are three main privacy rights that employees have, which both an employer and employee must abide by – use of telephone and email, surveillance and the right to protect personal data; the latter reflecting both parties.

A general rule of thumb is to allow your employees privacy and help them feel comfortable in the office for example; let them have a personal space in the office, make space in office cupboards or provide lockers.

What is GDPR and why is it good for business?

Use of telephone and email

An employer needs to follow the guidelines outlined in the Human Rights Act and respect the private life of an employee. This means that throughout the working day, employees are allowed by law to use telephone and email for private purposes, not only during break times but throughout the day.

Of course there need to be restrictions on this, and employers tend to expect that an employee’s usage is within reason. An abuse of this right can lead to a reprimand and possible disciplinary action.


With regards to surveillance, employers are allowed to monitor their employees throughout the working day. Again, there are limitations in terms of what is allowed to be recorded or listened to. For example, an employer is not allowed to hide cameras in the office areas, as these places are intended for staff to relax over lunch or during their breaks.

If employees discover that their conversations and movements are being monitored, this can lead to unnecessary stress, which has the potential to lead to health complications in an individual. It can also reflect badly upon the employer. However, employers are allowed to monitor employees in a professional manner, such as when working at desks. It is when it becomes evident that a call or email is personal or private that this right to monitor.

An employer who monitors their staff must abide by some rules. They must have a just cause for monitoring, they must make their employees fully aware that they are being monitored and the reasons why, and only one or two people can be able to access any recorded data.

If an employer does not comply with these rules then they are in breach of the Data Protection Act (soon to be the GDPR). For example, an employer cannot just hide cameras in a stack of cardboard boxes in a stock room or behind the photocopier – they must be on display and evident to all staff. The only occasion when an employer can conduct covert surveillance is if they have evidence of criminal activity.

Protection of personal data

The protection of personal data is very important. Even from the very beginning when someone applies for a job, an employer can gain knowledge of personal data including name, address and contact details. By law they are not allowed to misuse or broadcast any of this information. It is important to keep employee information and files away from public access – get some handy document storage boxes. If that person goes on to become a member of staff, an employer will probably find out their next of kin, ethnic origin, sexuality, religious beliefs and more – this must all be kept strictly confidential. If an employer is thought to have misused an employee’s personal data, they are in breach of the law and this can lead to a court case.

Meanwhile, an employee has the right to know what their personal details are being used for, if any checks have been carried out on them (such as CRB checks), the results of any checks, exactly what the employer knows about them (this can be requested and an employer has to comply within 40 days), whether their details are secure, and finally they have the right to refuse any tests or checks that have no business purpose. If an employer does not abide by this, staff can go to the police.

Likewise, the employee must also protect any sensitive data about the company they work for and not pass anything on to a third party. Breach of this can lead to disciplinary action and even dismissal.

Protecting the privacy of an employee is incredibly important when you are an employer. Legal factors must be considered if you intend to conduct surveillance and monitor your employees. If there is just cause for you to do so, and you have made sure that employees are fully informed, most employees will not strongly object to the idea. This is especially true if it is being done for security and safety reasons. The worst thing an employer can do is hide it from their staff – this can lead to all sorts of difficulties and may result in legal proceedings.

Whether you are an employer or an employee, it’s important to know your privacy rights in the workplace so that you make sure you are not in breach of any regulations.

Aimee Bradshaw
Aimee Bradshaw

Writer and researcher

Aimee recently joined Startups as resident expert in business tech, products, and services. Having ran her own egg delivery business from the age of 12, she is an advocate of self starters and small businesses.

Get the latest Startup news and information

Please verify before subscribing.