🏆 PICCASO Awards Nominee + Growth! DataHub is expanding its Country Reporter Network across Africa. Be part of the story → Apply Here
Free Consultation
Free Consultation
Free Consultation
Your Cart
Loading

Exploring the Access Request Dilemma: Are Meeting Minutes Private or Disclosable Personal Data?

 


 

Introduction:

The Data Protection Act, of 2019 introduced us to the era of stringent data protection regulations. To that end, the handling of personal data has become a paramount concern for individuals and organizations alike. 


In this article, we explore the impact of the ruling by the ODPC in Harrison Kisaka vs. Faulu Microfinance Bank Limited, ODPC Complaint No. 0586 of 2023 where the issue concerned the release to the Complainant, of a report detailing the outcome of a reference checking process concerning the Complainant. The report led to a rescission of a job offer previously issued to the Complainant. 


The bank argued that the report is private. 


The ODPC disagreed with the Respondent and ordered the release of the report to the complainant.


Another example of disclosable minutes/reports and the implications thereof, is illustrated by the Nigel Farage Banking Row. 


In this case, Mr Farage obtained a Coutts Bank (internal) report, which indicated that he did not align with the bank's values on the basis of the banks ideal customer persona. He was de-banked on the basis of the report. The saga was proved problematic for the Bank, and its CEO resigned in the aftermath of it.

 

The complainants in both cases used Data Subject Access Requests to access the reports.

 

So, are meeting minutes considered private records or should they be treated as disclosable personal data? 


In this article, we explore the question and examine some real-life scenarios where this question arises and outline steps you can take to determine when meeting minutes become disclosable.


Scenarios:

Employee Disciplinary Meeting:

Imagine a scenario where a company conducts a disciplinary meeting to address an employee's performance issues. During the meeting, specific instances of the employee's behavior and performance are discussed.


If the employee's name and related details are documented in the meeting minutes, those minutes could be considered disclosable personal data.


Redundancy Discussions:

When a company is undergoing a restructuring process and discussing potential redundancies, the meeting minutes may contain details about affected employees. 


If these individuals can be identified directly or indirectly from the minutes, they might be considered disclosable personal data.


Performance Appraisal Meeting:

In a performance appraisal meeting, an employee's strengths, weaknesses, and career progression may be discussed. 


If these discussions are documented in the minutes and can be traced back to a specific employee, those minutes could potentially be considered disclosable personal data.


Guidelines for determining disclosable minutes.

1. Focus on Individual: Meeting minutes that revolve around a specific individual, where their performance, behavior, or personal attributes are the primary discussion points, are more likely to be considered disclosable.


2. Direct Connection: If the meeting directly pertains to an individual, such as a disciplinary hearing about them, the minutes may be categorized as disclosable personal data.


3. Identifiable Information: If the minutes contain details that can lead to the identification of an individual, even if not the primary focus, they might be considered disclosable. For example, discussing a project an employee is solely responsible for might indirectly lead to their identification.


4. Sensitive Topics: If the meeting touches upon sensitive personal matters, like health issues or family situations, the minutes could be considered disclosable due to the personal nature of the information.


Conclusion:

The question of whether meeting minutes are private or disclosable personal data requires careful consideration of the context and content of the discussions. 


Real-world scenarios involving employee disciplinary meetings, redundancy discussions, and performance appraisals highlight the potential complexities. 


To determine whether meeting minutes are disclosable, one must assess whether the content is directly related to a particular individual, contains identifiable information, or touches upon sensitive matters. 


Navigating these nuances is crucial to striking a balance between data protection and transparency within organizations.


---


As well as blogs, we regularly publish new Communication Tools to help in-house counsel reach your training, communication and compliance goals.


Look out for new free communication tools that you can start using today to inspire, refine and plan your internal compliance strategy.


Join the Zero Carbon Village: Professionals guiding the net zero transition by embedding sustainability objectives into contracts and investments.


We also provide tailored support and training workshops.


Speak to us at info@mzizi-africa.com to organize a demo of our fully resourced compliance management system incorporating Training/LMS, Policy Management, Whistle-Blow Program and many more.


Back to blog
About Us

We are organized under the laws and bar rules of Kenya.

Nairobi Office : Maziwa Lane, Block 1, Ground Floor, P.O. Box 3336 Nairobi 00100, KENYA Tel : +254721640667

Email : info@mzizi-africa.com

RL Partners

Mombasa: Canon Towers II, Bandari Wing, 2nd Floor, Moi Avenue, P.O. Box 41742 Mombasa 80100

Eldoret: Asai Complex, 1st Floor (Next to Equity Bank), Kisumu Road, P.O. Box 1315 Kapsabet 30300

  • Maestro
  • Mastercard
  • PayPal
  • Visa
  • Discover

By using this website, you agree to our use of cookies. We use cookies to provide necessary site functionality and provide you with a great experience.