What does privacy mean in the context of duty of care?

Published on
November 11, 2025

What does privacy mean in the context of duty of care? How do both apply to organisations, enterprises, employees and extended networks? Most people understand 'duty of care' as a "moral or legal obligation ensuring others' safety and well-being." However, privacy in the context of duty of care has become integrated into every avenue of daily working life.

Society is flooded with security breaches and cyber-attacks, particularly amidst COVID-19. The crisis brought a cyber pandemic and a fivefold increase in cyber-attacks by April 2020. We are targeted daily by imposters claiming to be parcel re-delivery services or banks and prompting us to enter card details.

"Majorities think personal data is less secure now, that data collection poses more risks than benefits, and believe it's impossible to go through daily life without being tracked."

Given Europe's GDPR (May 2018) and the CCPA (effective January 2020), enterprises must protect customer data constantly. "Half of the CEOs surveyed by the WEF cited regulation as a 2021 priority. This reflects rising government assertiveness around privacy, data and health, amplified by COVID-19."

Trust is essential to business. Breaches of privacy or duty of care sabotage brand reputations entirely. People work for and buy from reputable, credible companies that keep data secure. "Data's business value has never been greater. The loss of trade secrets or IP impacts future innovations and profitability. Trustworthiness is increasingly important to consumers; 75% won't purchase from companies they don't trust to protect their data."

The GDPR Effect: Duty of Care and Privacy Status Shift

"81% of Americans say data collection risks outweigh benefits; 66% say the same about government collection."

To meet their duty of care obligations to customers, businesses need solutions that actively protect customer data. "Consumer awareness of the importance of data privacy is rising. Fueled by increasing public demand, multiple new privacy regulations were enacted, including Europe's GDPR (May 2018) and CCPA (January 2020)."

Failing to follow GDPR or the CCPA results in damaging press for the brand and public scandal, as Cambridge Analytica's corruption demonstrated.

"Companies overlooking their duty of care to customers after data breaches experienced significant, long-lasting reputational damage plus financial penalties from regulators."

Why is data privacy so important? "Robust data security strategies protect information assets against cybercriminals but also guard against insider threats and human error, which are leading causes of data breaches. Data security deploys tools and technologies that enhance visibility into where critical data is located and how it is used. Ideally, tools apply protections like encryption, data masking, and redaction, and automate compliance reporting."

Digital transformation profoundly affects how businesses operate and compete. As the volume of data that is created, stored and manipulated grows, so does the need for data governance. Computing environments are expanding to span public clouds, enterprise data centers, IoT sensors, remote servers and robots. Businesses and enterprises have an extensive duty of care to protect the privacy of customer data.

Recent trends see enterprises implementing GDPR across the board for compliance and preparedness. "This trend differs across regions. US companies leverage CCPA collecting more data; Asia Pacific companies default to GDPR leveraging EU data sharing. Therefore, investments in privacy experts, tools, consultants and practices will increase dramatically in 2021."

"Many countries are stepping forward to declare the importance of data protection, showing that consumers' rights matter. Major markets like Brazil, China and India implementing these regulations will incentivise smaller countries to follow suit, creating frameworks to emulate."

In the context of duty of care, privacy is valued when it is put into practice to help, support and protect customers, especially when something goes wrong. Failing to protect customers and their data prompts them to abandon a brand swiftly.

Employing a Duty of Care and Privacy-First Approach in the Workplace

At a basic level, the common law of confidentiality determines what privacy means in the workplace and the duty of care that employers must fulfil towards individual employees.

"The legal obligation of confidentiality is common law, evolving with case law. The so-called common law duty of confidentiality is complex: essentially, personal information shared in confidence mustn't be disclosed without legal authority or justification. Practically, this often means information cannot be disclosed without explicit consent unless another valid legal basis exists."

In simpler terms: although it is constantly evolving with the common law, the common law duty of confidentiality protects employees' private information from disclosure in normal situations. Disclosure can happen only with legal necessity or the individual's consent. A basic duty of care is therefore ensured.

In a technology-obsessed world, an organisation's duty of care does not apply only offline. The UK Government's Online Harms White Paper (2019) set out a new statutory duty of care covering the monitoring of online platforms and end-user privacy.

"Social media platforms, file hosting sites, online discussion boards, messaging services and search engines, plus other 'user-generated content sharing or online interaction allowing' businesses, will be subject to the new duty. An independent regulator oversees compliance, which the government said industry would fund."

It was proposed that the regulator would have a legal obligation to 'pay innovation due regard' and 'protect online users' rights', particularly the rights to privacy and freedom of expression.

Recent events in the UK media have highlighted the need to ensure duty of care obligations to employees are met after hours, with Sarah Everard's story sparking movements around women's security.

"Thousands of women shared experiences of feeling unsafe or being sexually harassed while alone, following Sarah Everard's disappearance."

Organisations that deploy protective intelligence technologies to monitor employees' safety status should be privacy-first and driven by user consent. End-users decide when they are tracked and can disable active tracking once they have safely reached their destination or no longer feel at risk.

Recent years have put a spotlight on the importance of employers' duty of care over employees. Following the COVID-19 pandemic and increased UK terror threat levels, organisations have focused both on protecting mental health in the workplace and on adopting more hybrid working. Companies are much more 'woke' about protecting people's wellbeing.

An example from performance management technology? BambooHR uses geolocation technology to record employee locations and timesheets. The HR platform states: 'Geolocation in Time Tracking BambooHR Mobile app helps make your workforce that much more transparent.' Employee privacy remains protected when they clock out, and employees must first willingly opt in.

Let's consider how duty of care evolved into 'reasonable care' during the pandemic: "'Reasonable care' means employers assess potential risks and harm to employees and others, plus the safety precautions that can be implemented to eliminate or minimise risk to reasonably practicable levels."

This obligation becomes complicated once all remote employees are considered. There are two major aspects: protecting individual privacy and taking reasonable care to shield employees from foreseeable harm. Duty of care cannot be delegated to another person or organisation; it rests entirely with the organisation in question. Brand reputation undoubtedly suffers if malpractice in duty of care or privacy protection is reported.

Employees now drive employers to take duty of care seriously. Safety, flexibility and wellness are the top workplace priorities:

Safety: "Workplace safety isn't just a topic for manufacturing and warehouses. Employers need policies and procedures ensuring office workers feel safe."

Flexibility: "Pre-pandemic, flexibility was a perk; now it's a necessity. Attracting and retaining talent requires offering flexibility. Flexibility benefits companies too: flexible schedules increase morale and productivity while reducing stress."

Wellness: "Health care benefits and wellness initiatives have added focus. Employees compare current benefits to prospective employers' benefits, particularly mental health and wellness."

The trends in 2021 prompted major workplace adaptations, including increased use of technology and significant shifts in mindset. Employees now need to feel safe and well, and to be provided with flexible opportunities. Organisations must provide a duty of care that rivals that of competitors and of employees' previous workplaces. In this age, duty of care obligations cannot be ignored.

Takeaways

To answer "What does privacy mean in the context of duty of care?": protecting employee privacy IS an integral part of an organisation's duty of care culture. After all, "Trust consists of three components: what you say, what you do, and how you perform."

Trust depends on employees and customers maintaining confidence in the brand. Organisations must be reliable, dependable, accountable and transparent, both internally and externally, in their duty of care and in how they handle data privacy and confidential information, particularly with the legislative changes brought by GDPR and the CCPA.

Modern circumstances (the impact of COVID-19, the boom in online activity, terror threats and hybrid working) have married organisations' obligations to ensure sufficient duty of care and privacy protection for employees and extended networks. Perhaps technology provides the solution to both necessities.