Addressing Privacy Concerns with Lone Working Devices and Apps

In the UK, it’s estimated that there are around 8 million lone workers spanning various industries from healthcare and construction to delivery services. While these employees work alone, employers have a duty of care to ensure they are not at any increased risk. Organisations are increasingly relying on lone working devices and apps to fulfil this obligation.

This technology allows workers to get direct help to their location in an emergency and be supported 24/7. However, for some, they also bring significant privacy concerns, particularly regarding location tracking and the handling of personal data.

Are Lone Worker Systems Used for Monitoring Productivity?

Lone working devices rely on tracking technologies such as GPS and Wi-Fi location tracking to monitor employees’ location and coordinate help directly to them in an emergency. While this capability is invaluable in emergencies, it can also feel invasive. Constant location monitoring can lead to feelings of distrust and surveillance, potentially impacting morale and productivity and ultimately the use of the service.

Key Concerns:

1. Constant Monitoring: Employees may feel their privacy is compromised if their every movement is tracked. This can cause a sense of distrust among employees and may even lead to them not using the service provided.
2. Data Security: Employees may be concerned about the security of the data collected on them through their device or app.
3. Usage Clarity: Employees might be unclear on how their location data is used and who has access to it. They may fear the data is being used to track their productivity or monitor their movements beyond safety purposes.

Addressing Employee Privacy Concerns

To balance safety with privacy, organisations must carefully choose and integrate their suppliers, while maintaining open communication with employees about the collection and purpose of data. This proactive approach not only strengthens workplace safety measures but also boosts employee confidence in the organisation’s dedication to safeguarding their privacy rights.

1. Be Transparent

Successfully implementing an employee safety system requires clear communication and transparency. You should inform employees about the purpose of location tracking and clearly explain the benefits, focusing on the impact it has on their safety. Employees should also understand what other data is collected, how it’s used, and who has access to it.

Encouraging employee input and addressing any questions also fosters a collaborative approach between employers and workers, allowing you to resolve any concerns early on.

2. Choose an Accredited Supplier

When choosing an employee safety app or device, it is crucial to select a supplier accredited to the highest industry standards to ensure your data is protected. This will further give employees confidence that their personal data is in trustworthy hands.  

For example, Peoplesafe is accredited to the highest industry standards including ISO 27001:2017, BS 7858:2019 and Cyber Essentials Plus. This verifies that Peoplesafe’s service complies with strict data security standards, offering robust protection and peace of mind for employers and employees.

3. Limit Data Access

To ensure the proper use of employee personal safety data within your organisation, restrict access to this data to only those who need it for legitimate safety and operational reasons. Communicate clearly to employees that their data is safeguarded against unauthorised access and will only be used for ensuring their safety, not for surveillance purposes. This transparency fosters trust and assures employees that their privacy is respected and protected.

With Peoplesafe, role-based access control within our Nexus management platform gives customers a high level of control over who can view worker data internally. There are four Nexus profile levels, each granting different access to personal data:

1. Administrator – owns the company account and has access to everything
2. Manager – can access everything that is assigned to their Teams
3. Escalation Contact – an advisory role when contacted by the ARC and has access to their own profile only
4. User – an individual who uses the Peoplesafe app or device and has access to their own profile only

How does Peoplesafe use GPS tracking?

Peoplesafe utilises GPS tracking to ensure the safety and security of employees by providing real-time location information to authorised managers and administrators, as well as to our Alarm Receiving Centre (ARC) in emergencies.

For employees with the ‘Tracking’ optional extra, the device or app transmits this GPS data to Nexus at predefined intervals, where this information is displayed on a dynamic map. The same process occurs when an employee sends a manual position update. This ensures that, in case of an incident, the business has clear and accurate information on the employee’s journey and current location.

When an alarm is raised, the employee’s location is immediately accessible to controllers in the Peoplesafe ARC. Controllers can also access previous manual positions and tracking data, enabling them to dispatch assistance directly to the employee’s exact location. This significantly reduces response times and increases the likelihood of a positive outcome in critical situations.

For employees working in remote or low-signal areas, Peoplesafe offers satellite solutions. These alternatives ensure continuous monitoring capabilities, maintaining connectivity and location tracking even when traditional data signals are unavailable.

FAQs

What data do you collect and why?

Peoplesafe only collects personal data which allows Controllers in the ARC to deliver to contact, identify and ensure the safety of our customers. This data includes names, contact details, important medical information, and other identifiers necessary to manage personal safety alarms.

For employees with the ‘Tracking’ optional extra, location data is collected at pre-determined intervals to collect a breadcrumb trail of where they have been. In the event of an alarm, this information can be vital for providing information about what the user may have been doing at the time. For those without tracking, location data is collected only when an alarm is raised and if a manual location position is sent. This information is only available to alarm controllers, and managers/administrators with the necessary permissions on Nexus in the event of an alarm.

All personal data collected is securely managed and used solely for its intended purposes, in full compliance with GDPR.

Is my data secure?

Yes. Your data security is our top priority. Peoplesafe is accredited to the highest industry standards, including ISO 27001, which demonstrates our rigorous information security management practices. We adhere to Cyber Essentials Plus, a government-backed scheme that required independent auditing to ensure strong defences against cyber threats and the General Data Protection Regulation (GDPR), the EU law on data protection and privacy policies.

Internal access to customer’s personal data is on a need-to-know basis, ensuring that only authorised employees can view or handle sensitive information. All users with access to personal data have individual logins and standard industry security practices are maintained.

Are Peoplesafe always listening?

No, Peoplesafe is not always listening. The system only activates a two-way communication channel when an alarm is raised, ensuring privacy and security for users.

Is Peoplesafe always tracking movements?

No, Peoplesafe is not always tracking movements. For users who have the ‘Tracking’ optional extra enabled, their location is recorded at predefined intervals. For those without tracking enabled, location information is only recorded when an alarm is raised or if a manual position is sent.

Who has access to my data?

Within Peoplesafe, employees have access to data strictly on a need-to-know basis. Within your organisation, role-based access controls can be set up to ensure that only relevant managers and administrators have access to employee data, maintaining a high level of security and privacy.