IGA News

Be Aware - December 2017

Be Aware - December 2017

30 November 2017

Can An Employer Postpone Parental Leave?

“One of our staff is the partner of a pregnant woman who is due to give birth in late December. He is not the biological father of the baby but has taken on parental responsibility. He has now put in a request for parental leave for 3 weeks over Christmas and New Year.

Our holiday policy is that holiday is granted on a first come, first served basis. Several people in the same department have already submitted and been granted holiday over the same period and no further request would be granted.

If we give our employee his parental leave, we will have to turn work away as we won’t have enough staff to carry it out. None of those people who have already been granted holiday are prepared to cancel it.

Can we turn down the request for parental leave on the dates he has requested and/or grant it for a couple of weeks later?”

In this situation, we have to advise that parental leave can’t be postponed (delayed) if:

  • The employer doesn’t have a “significant reason” e.g. it would cause serious disruption to the business;
  • It is being taken by the father or partner immediately after the birth or adoption of a child;
  • It means an employee would no longer qualify for parental leave, e.g. postponing it until after the child’s 18th birthday.

If it is postponed, the employer:

  • Must write explaining why within 7 days of the original request;
  • Suggest a new start date – this must be within 6 months of the requested start date;
  • Can’t change the amount of leave being requested.

Employers must therefore be very careful when dealing with requests for parental leave and expert advice should always be sought if there is uncertainty about whether it is safe to postpone or not.

Are You Ready for the General Data Protection Regulations - ICO Updates and Fines

The GDPR has effectively rewritten the Data Protection Directive, the mainstay of current data protection regime. From May 2018, the GDPR will have a significant effect on your responsibilities when storing data and the uses you can put data to. All businesses are affected, particularly where they use customer details for marketing purposes or exchange them with other businesses in any way. Failure to get this right can result in fines, or worse.

In this part of our series covering this significant change to the law, we look in more detail at some recent guidance and fines offered by the ICO as businesses start to take steps in preparation for the 25 May 2018

Registering as a Data Controller

Under the current Data Protection Act (DPA), organisations that process personal information are required to notify with the ICO as data controllers unless an exemption applies. The ICO have provided a simple to use assessment process to ascertain whether you need to be registered which can be found here.

If you are a motor trader and not registered with the ICO we recommend that you complete the assessment as a priority and register as appropriate.

Whilst the notification requirements under the GDPR will change, current proposals continue to make it a legal requirement for data controllers to pay the ICO a data protection fee.

Whilst the proposals are yet to be fixed, the new funding system will come into play from 01 April 2018. Further details can be found here.

Updating account details and updating databases

In July the ICO issued a timely reminder that anyone looking to prepare for the GDPR must remember that the current law will still have to be considered.

An investigation by the ICO found that WM Morrison Supermarkets PLC (“Morrisons”) sent emails to people in order to invite customers to update their account details. The emails, were titled ‘Your Account Details’ and appear designed to invite customers to change their marketing preferences. As the email offered money off coupons and extra More Points they were deemed to be marketing emails.

Whilst it appears that Morrisons could establish consent to contact their customers generally they did not check whether the consents had been qualified or withdrawn. Unfortunately, 130,671 of those emails were sent to people who had explicitly opted out of receiving marketing emails in breach of the Data Protection Act 1998 and The Privacy and Electronic Communications (EC Directive) Regulations 2003.

It is vital that any members looking to update their customer databases take all reasonable steps to ensure they remain updated. We would also recommend that any emails sent to update databases and consents are only sent to those customers where there are any concerns that any email should not contain any marketing numeration in order to reduce the risk of breaching the current legislation.

GDPR and Consent

Guidance provided by the Information Commissioner on their regular blog continues to clarify some myths surrounding the GDPR.

The Commissioner confirmed that whilst the GDPR rightly focuses on consent and raises the standards required, consent is only one reason for processing personal data and is far from the only reason.

Whilst the ICO are yet to finalise their formal guidance on consent under the GDPR they have produced a draft guidance which can be found here.

Conclusion

The above is a very broad overview of one aspect of the GDPR. The legislation and guidance is still developing in the weeks and months in the run up to their implementation. This advice is general in nature and we will endeavor to keep you informed through regular articles and case studies.

For further information please visit the Information Commissioner’s Office website here.

Links

Data Controllers self-assessment

Changes to the fee regime

Draft Consent Guidance

Breast feeding: risk assessments

It has long been established in employment law that an employer should carry out risk assessments both in respect of pregnant workers (to assess any dangers or workplace adaptions that may need to be made) and in respect of breast feeding.

In the recent case last week the CJEU in Otero Ramos v Servizo Galego de Saude has confirmed that failure to conduct an appropriate risk assessment for a breast feeding employee can result in sex discrimination.

On the facts of that case the employer had simply, without substantiated explanation, said the employee’s work was “risk free” which the employee argued was incorrect and in breach of the European Directive covering such risk assessments. The Court held if a breast feeding mother can show that a risk assessment was defective, then that can give rise to a prima facie case of discrimination. The burden of proof then turns to the employer to show that in fact the required risk assessment had been done in line with the Directive, but if the employer was unable to discharge that burden, a sex discrimination claim could result.

The case underlines that such risk assessments are important. All businesses both large and small should perform such assessments.

Conclusions

This advice is general in nature and it will need to be tailored to any one particular situation. As an RMI member you have access to the RMI legal advice line, as well as a number of industry experts for your assistance. Should you find yourself in the situation above, contact us on 0845 305 4230 at any stage for advice and assistance as appropriate.