Although the SRA has recently announced that the next diversity data collection exercise will be held in May 2017, and then every two years after that, many firms now see the business benefits of the annual collection and publication of staff diversity data and have decided to continue with it no matter what the SRA does.
There are a number of pitfalls that you could encounter when collecting and publishing diversity data, and this article is intended to provide you with an insight into these and how they can be avoided.
Although a large number of firms use the secure Riliance diversity system to collect their data, other firms are using methods that may not be secure, don’t allow the data to be collected anonymously, or they may have signed up to a third-party collection tool where ownership and use of the collected data is unclear!
The diversity data collection process is a very sensitive one, which requires a lot of thought by those responsible for it within firms, and therefore great care must be taken when handling employee data; it is imperative that you understand your data protection and regulatory obligations, and are clear about the ownership and potential use of the collected data.
To ensure you protect both yourself and your employees, you should:
- Ensure all staff are given the opportunity to complete a diversity survey
- Provide staff with plenty of time to participate in the survey – don’t leave it until the last minute and then find staff are on holiday and therefore can’t complete it
- Reassure staff about the use of their collected data
- Comply with the Data Protection Act, particularly in relation to the publication of aggregate data
- Read all terms and conditions that relate to the use of third-party survey tools, ensuring that ownership of collected data remains with the law firm and not the provider
The Information Commissioner is regarded as a very robust regulator and has not been frightened to issue significant fines to organisations for failing to store and manage data properly. Many law firms are potentially at risk as they are unclear about their data protection obligations, and have in the past published diversity data on their websites without any thought as to the possibility of individuals being identified, even from aggregated data!
To ensure you can justify the publication of aggregate data under the Data Protection Act, you should keep a record of your decision making process, including a copy of the assessment you undertook to assess the potential risk of employees being identified.
We can help you to avoid the potential pitfalls around collecting diversity data, so if you would like to use our diversity data collection tool, please contact us.
Telephone: 01829 731200