Reluctant Employers
Employers don’t always want to share with trade unions, but the data protection team can help! Whether the employer is reluctant to share new start lists with branch officials, or being difficult about using the employer email for UNISON work; contact dataprotection@unison.co.uk and let us know the situation. If it’s about any kind of use of personal data or data access, we can provide free advice.
Merlin – the new WARMS
We can also help you gain and retain access to membership systems – WARMS will be replaced by Merlin this year, and you may lose access if you haven’t completed the mandatory GDPR e-learning (available here: https://e-learning.unison.org.uk/). It usually takes less than half an hour to complete, and if you have any trouble accessing it or completing it, then our team can support you.
Industrial Action Ballots
We’ve released new guidance about why all members can be contacted during a ballot period, and how to do it in such a way that is compliant with both data protection legislation and the union’s internal governance. You can find it here: http://msg.unison.org.uk/c/1eg7Z9uCbvMBow3feVkerxUVqql
Data Protection Team at UNISON – What we do
Besides dealing with employers who are reluctant to co-operate with the union, helping you get and keep access to membership systems, and advising on time sensitive ballot issues, what else does the Data Protection team at UNISON do? We look after any data breaches to help branch activists minimise the risk to members!
The most common types of data breach are simple email errors; sending to the wrong person, attaching the wrong document, or sending to a group of people without using the blind copy option (bcc) or WARMS to keep their contact details private. As you can see below, this handful of categories makes up over two thirds of all reported data breaches in UNISON!
Data Protection Case Study 1
Recently, a branch administrator sent a referral out to a support team to help a member get access to support in a difficult case. Because there was a tight deadline, they sent it quickly and clicked the wrong auto-complete option – and the member’s details on the referral form went to the wrong recipient.
The administrator contacted Data Protection as soon as they realised what happened, and we advised them to try and recall the email; and if that didn’t work, to send a fresh email to request that the member’s referral was deleted from both inbox and deleted items. The person who received it was happy to do this without looking at the original email and our member’s data remained safe!
We advised the branch administrator on how to delete suggestions from their auto-complete, so that they could reduce the risk of anything like this happening again.
When emails go astray, let us know; we can log what’s happened, and provide advice not just on how to fix the situation at the time, but also on how to reduce risks and generally protect our members’ personal information. If you have any questions, or think you may have spotted a data breach, contact us on dataprotection@unison.co.uk!
You can also find out more general information in the Data Protection Handbook, available here: https://www.unison.org.uk/content/uploads/2018/03/UNISON-Branch-Data-Protection-Handbook-updated-February-2018.pdf