Confidentiality Breach Can Be Just Cause for Termination

Despite its high threshold, the British Columbia Supreme Court upheld the just cause dismissal of a long-service management employee following a series of confidentiality breaches.

What happened?

After 36 years of service, a manager’s employment was terminated for breaching the employer’s confidentiality standards. Given the highly sensitive nature of her position for being in charge of client services, claims made by internal employees and as an ethics adviser, the allegations were especially serious as a co-worker claimed that the manager was sharing confidential information about internal employees with other subordinates by prefacing it with, “I shouldn’t be telling you this, but….”

Following an investigation, the employer dismissed the manager for just cause without severance pay but offered her 24 hours to consider retirement instead, which would afford her four months’ salary in exchange for executing a release. The 61 year old manager elected to retire and signed the release.

Despite her decision, the manager sued the employer for wrongful dismissal.

During the trial the parties did agree that had the manager been dismissed without cause, she would have been entitled to 18 months’ salary due to her long-service employment of 36 years.

Therefore, the court had to decide whether the employee was properly dismissed for cause, and whether the release is enforceable.

British Columbia Supreme Court

Generally speaking, employers have the right to terminate employees, but they are required to give notice that the employment is ending. There is an exception to such a notice requirement. The exception applies where the employer can prove “just cause.”

If the employer terminates an employee for cause, the employee is not entitled to notice or pay in lieu of notice. However, the onus is on the employer to prove that an employee’s behaviour or conduct was so unacceptable that it justifies dismissal with cause without the required notice.

Informed by Panton v Everywoman’s Health Centre Society (1988), 2000 BCCA 621, the test of establishing just cause is “an objective one, viewed through the lens of a reasonable employer taking account of all relevant circumstances.” It requires a serious examination of both the circumstances surrounding the alleged misconduct and the degree of the misconduct. As part of this objective but contextual analysis, it is important for the employer to consider the suitability of alternative disciplinary measures to dismissal.

Due to the manager’s credibility issues, the Court sided that the co-workers who testified against her were generally credible and preferred their evidence over hers. Accordingly, the Court found that the manager breached the employer’s confidentiality standards by inappropriately disclosing enough confidential information about other employees’ claims that certain staff claimants could be identified.

The manager argued that even if all the allegations were proven, the employer still failed to establish that she engaged in conduct that fundamentally strikes at the heart of the employment relationship. She argued, among other things, that:

• the employer admitted that a violation of the Code does not automatically lead to termination or even discipline;
• the breaches were relatively minor;
• the employer has not proved any actual harm stemming from the disclosure of the confidential information in question;
• there is no evidence that the manager disclosed confidential information for any improper purpose or for reasons of personal gain;
• the manager has no history of discipline, and in particular any discipline with respect to the employer’s policy on confidentiality;
• the manager was a new manager at the time of the alleged breaches and had received no training with regard to human resources or labour relations;
• the manager received a positive performance evaluation from Mr. Molnar only three months prior to her termination; and
• the employer failed to consider the considerable stress the manager was undergoing during the time of the alleged breaches given: (i) her mother’s illness; and (ii) the fact that the Hearing Loss Department was undergoing difficult changes which were out of the manager’s control.

Unfortunately for the manager, the Court did not agree with her arguments because the employer took privacy and confidentiality very seriously, and the manager knew that a breach of the protocols could lead to termination.

As such, the employer met its burden of demonstrating just cause as the “cumulative effect of all the incidents found to have occurred suggests a manager out of her depth, reacting to her stress by making an array of improper disclosures, in a misguided effort to obtain support from, or simply be liked by, her subordinates.”

In regard to the release, the Court held that it was, in fact, not unconscionable because the settlement was not a grossly unfair and improvident transaction. While the manager had the opportunity to obtain independent legal advice, she did not take it and falsely represented to her employer that she had. Moreover, as manager, she was aware of the nature of the dismissal process, and she had time to consider the circumstances during her suspension before accepting the release. And although she was given only 24 hours to make her decision to sign the release, this did not rise to the level of being taken advantage of by her employer.

Takeaways for employers

A number of occupations require strict confidentiality in handling customer information, records, investigations, counseling, proprietary data and trade secrets, among others. The disclosure of sensitive employee and management information can also lead to a loss of employee trust, confidence and loyalty. This will almost always result in a loss of productivity.

It is important to have confidentiality standards and measures (policies and procedures) in the workplace, in line with existing laws and regulations.

In the wrong hands, confidential information can be misused to commit illegal activity (e.g., fraud) or bring harm to individuals, which can in turn result in costly lawsuits for the employer.

Failure to properly secure and protect confidential business information can lead to the loss of business, clients and employees, as well as the organizations reputation.

Employers should develop written confidentiality policies and procedures. Every business should have a written confidentiality policy describing both the type of information considered confidential and the procedures employees must follow for protecting confidential information.

Employers should make sure the policies and procedures are communicated and that employees including management are trained on the policies and procedures. In order for a confidentiality policy to have “teeth,” employees who violate the policy must be disciplined in accordance with an employer’s disciplinary policy and procedures.

Also, before firing an employee “for cause,” an employer should ensure that the following inquiries have been made:

• Was the rule/policy reasonable and was the breach serious?
• Was the employee aware of the rule and adequately warned of the consequences of a breach?
• Was the breach fairly and adequately investigated?
• Does the evidence prove the breach?
• Have the rules been applied consistently in the past?
• Does the employee have a past record of breaches?
• Is there any other lesser disciplinary response which may suffice?