Ask an expert

Key considerations in implementing workplace harassment policies • The federal privacy legislation and its impact for third-party administrators

Key considerations in implementing workplace harassment policies

We would like to institute a workplace harassment policy in our organization. What are some of the key considerations in implementing such a policy?

Answer: The Ontario Human Rights Code and the Canadian Human Rights Act recognize harassment as a violation of human rights. Accordingly employers have a responsibility to provide employees with a workplace free from harassment as a result of any of the enumerated grounds of discrimination — race, ancestry, colour, marital status, same-sex partnership status, family status and disability.

The courts have held there is a fundamental implied term of any employment relationship that employees will be treated with civility, decency, respect and dignity. Employers also have an obligation to prevent workplace bullying and other forms of general harassment in addition to preventing harassment due to any of the enumerated grounds of discrimination.

Workplace harassment policies provide a relatively quick and simple way of protecting employees from harassment. In some provinces, human rights legislation even goes so far as to specifically impose liability on employers for the acts of its employees. Proactive steps by an employer to deal with workplace harassment may have an impact on a court’s decision regarding the appropriate remedy to be awarded to a victim. It is advisable therefore, for employers to institute some form of workplace harassment policy.

Workplace harassment policies should, at a minimum, provide the following:

•an explanation of the underlying philosophy of the policy;

•some definition of the prohibited conduct;

•a warning on penalties that will be invoked for a violation of the policy;

•a method by which employees can raise issues of harassment in either a formal or informal manner;

•a procedural guideline for filing a complaint; and

•an outline of what might occur once a complaint has been filed.

Designing and instituting the policy is only the first step for employers. Once a workplace harassment policy is in place, the employer must ensure employees are knowledgeable about it. Employers should distribute the policy to all employees, and have it posted prominently in the workplace. It may also be necessary to provide an in-house training awareness program to ensure all employees are fully knowledgeable about the policy.

Supervisors and managers must also be knowledgeable about the policy. They are expected to be able to recognise and control the harassment and to implement the policy. Most importantly, these individuals must be informed of how to proceed if an incident of harassment occurs. If a complaint is made, managers and supervisors should be advised to:

•respond to the complaint in a timely fashion;

•measure the reported behaviour against the harassment policy and determine whether an investigation is warranted;

•if merited, immediately select an independent and experienced investigator; and

•ensure that the investigator meets with the complainant and the alleged harassor to conduct a thorough, timely and confidential investigation.

The federal privacy legislation and its impact for third-party administrators

How does the federal privacy legislation affect the employer-employee relationship? I am specifically interested in how this legislation may affect an employer's handling of employee personal information, disclosed to third-party administrators for the purposes of such things as benefits, payroll and pensions?

Jan. 1, 2004, marked the final phase in the implementation of the federal Personal Information Protection and Electronic Documents Act (PIPEDA). What impact does this legislation have on employers?

The answer is, simply, probably less impact than you have been led to believe. PIPEDA has applied to employers, who are federally regulated, since Jan. 1, 2001. If your employees are subject to the Canada Labour Code, then PIPEDA already applies to their employee personal information. With respect to federally-regulated entities (typically in the transportation, communication or banking sectors) PIPEDA applies to information generated from interactions with employees and dealings with customers.

With respect to provincially regulated businesses, PIPEDA does not apply to employee information. PIPEDA is limited to commercial activity. But it is important to note there has been some debate as to whether or not it will apply to the employment relationship in provinces, such as Ontario, that have not passed substantially similar legislation. The consensus is that until substantially similar legislation is passed in a province, PIPEDA will not apply to the handling of employees' personal information in provincially regulated workplaces. The reasoning for this is twofold. First, it is arguable the definition of "commercial activity" is not broad enough to include the collection of personal employee information that is only incidental to whatever commercial activity an employer is engaged in, such as payroll information. Second, while the federal government has constitutional jurisdiction to pass laws that relate to trade and commerce and to matters of an inter-provincial nature, the provinces have authority over property and civil rights. Arguably, this means the federal government lacks jurisdiction to regulate privacy issues between employers and employees in a provincial workplace.

Nevertheless, employers should recognize that privacy legislation is coming to all provinces – it’s a matter of when, not if. It is also clear that PIPEDA will be the model for the provincial legislation. Therefore there is a practical benefit for employers to implement compliance measures now in an effort to anticipate the types of changes every organization will eventually have to have in place.

With respect to the question regarding the provision of employee information to third-party administrators, we suggest the following. Employers who use an external company to process payroll and benefits will arguably have to ensure the information provided to these outside providers is necessary information. Employee consent should be obtained to provide this information to these third parties.

Employers should take steps to receive assurances from third-party benefit or payroll service providers that they are complying with the requirements of PIPEDA and not, for example, using the address information they have obtained to create and sell mailing lists or target customers for other services that they, or an associated company, may provide.

Peter Israel is the head of Goodman and Carr LLP’s Human Resource Management Group. He can be reached at (416) 595-2323 or

Latest stories