The Labour appeal Court confirmed a number of important principles around misconduct and workplace discipline in the case of Pick ’n Pay Retailers (Pty) Ltd v JAMAFO obo Maluleke and others (2020) 29 LAC.
The employee was a trainer of cashiers. She and a colleague were gifted boxes of chocolates by a customer of the store, which she did not declare and then attempted to exchange for cash. In doing so, she breached a number of company protocols and policies (which she had been well aware of as the trainer) and when she could not succeed, tried to reverse the transactions to try and cover up her activities - involving names and passwords of other employees. She was dismissed by the company on the basis of breaching company policies and attempted fraud, despite her service of 24 years and clean disciplinary record.
The employee did not deny what she had done, but tried to justify her actions by saying that she had not wanted to siphon money from the store, but just...
An employee is pushing the boundaries. You get complaints about performance and client service. You call him/her in, express your discontent and tell them to do better. This happens a few times, but you just do not get around to formalising these little chats (who has the time, and who needs the conflict?). Then something happens that gets the attention of senior management / the Board / social media..........and all eyes are on you to address this issue once and for all. What do you do?
Famously, in our experience, a disciplinary hearing is called. This latest incident is taken and dissected to see how many of the boxes in the company's disciplinary code can be ticked in order to formulate as many charges as possible from this one incident - because this was now the last straw and the pressure is on to dismiss the employee.
So, the bulked-up disciplinary charges for the hearing include added charges like dereliction of duties; bringing the company's name into disrepute; and...
Employers and recruitment agencies as a general practice ask for a job applicant’s current (or past) payslip when they apply for a new position. This has always been a contentious issue, but most job applicants disclose it if a prospective employer insists upon it, for fear of been side-lined if they challenge this request.
With the advent of POPIA, it seems that the shoe will be on the other foot, since such information constitutes personal information and at a minimum, the eight conditions for lawful processing must be complied with by the employer as the responsible party if it wishes to collect and use this information of a job applicant as the data subject.
The eight processing principles / conditions include –
In South Africa, the Information Officer (IO) is the person within an organisation (as the responsible party) who is responsible for compliance with PAIA (Promotion of Access to Information Act) and now also POPIA.
Who is the Information Officer?
This position is automatically assigned to the head of the organisation (such as the CEO, or a partner, or a sole proprietor in the private sector), who will be the Information Officer by default. There is however provision for designating and officially appointing someone in this position and for the appointment of Deputy Information officers to whom such powers and responsibilities can be delegated. The accountability however will remain with the Head of the organisation, regardless of a delegation of responsibilities.
It is also interesting to note that, different from the GDPR, POPIA does not make provision for the outsourcing of this position – i.e. appointing or contracting an external Information Officer. The position of...
Many organisations use agencies / consultants / service providers for a range of activities – which in all likelihood include the processing of personal information and/or special personal information. Think about recruitment agencies, IT service providers, security providers, payroll management, marketing agencies, external auditors – to name just a few. These would, for the purposes of POPIA, be regarded as third-party operators and YOU have to ensure that they comply with the Act when they process personal information on your behalf.
The Responsible Party under POPIA is a public or private body or any other person who, alone or in conjunction with others, determines the purpose of and means for the processing of personal information in their possession.
An Operator is the person (or entity) doing the actual processing.
The responsibilities, rights and obligations of operators are not the same as those of responsible parties. However, the distinction...
There is a disturbing trend that seems to be raising its head in workplaces these days – employees who are called to meetings by their managers (or HR) and then simply….. well…… refuse to attend. Or demanding a detailed agenda for the meeting before considering whether to attend. Or objecting to other attendees to the meeting. Or…….
Not to put too fine a point on it, but this would typically be justified by some perceived infringement of their rights, should they attend said meeting – and hence pre-empting and avoiding the expected unfair treatment by not attending. This especially happens when the subject matter pertains to matters about the employee personally – such as performance or conduct issues.
A recent example of such a scenario was the matter of Gold One Limited v Madalani and Others (JR 1109/15)  ZALCJHB 180 (9 September 2020), where the employee went so far as to resign and claim constructive dismissal,...
A large proportion of an organisations’ IP typically resides in email. Email is also the main mechanism for a host of cyber-attacks, including malware, phishing and social engineering.
POPIA compliance and data protection in relation to the use of emails, relate to technology as well as how the system is used.
On the one hand it is crucial to ensure email data security and data leak prevention solutions are put into place.
In addition, users (such as employees) should be educated in terms of meeting POPIA requirements when they send, forward or reply to emails; and also how they react upon receiving them.
Developing a compliant email strategy requires an organisation to firstly identify and map the process of email data flow as well as the various components. Then, it needs to demonstrate that this data is protected and controlled and that the organisation is aware of all of the data touch points and storage points and who has access to it.
People / Users
When will an employer be exempt from having to pay severance pay to a retrenched employee?
It is trite law that an employee may forfeit his/her claim to severance pay if he/she unreasonably refuses an offer of alternative employment in an attempt by the employer to avoid his /her retrenchment (section 41 of the BCEA). This provision incentivises an employer to provide alternative employment, but it also aims to limit job losses as a result of retrenchment processes.
But who decides when it is a reasonable alternative offer, or an unreasonable refusal of the offer by the employee?
The Labour Appeal Court considered this in a recent case where the affected employee (57) who worked in the employer's Port Elizabeth office where retrenchments were contemplated, had been offered an alternative position in the East London office. The employee refused the offer without providing any reasons.
The employer than revised the offer by increasing the...