Workers lose hours of productive time every week hunting for information across disparate systems. This is an annoyance, and also an opportunity cost — but increasingly, it’s becoming a real cost.
What has happened?
Fortescue Metals Group, the fourth-largest iron ore producer in the world, has been fined by WorkSafe in their home state, Western Australia, with 34 counts of ‘refusing or failing to provide documents to a WorkSafe inspector within a specific period and without a reasonable excuse’. Each count cops a fine of up to $55,000.00, or a total exposure of more than $1.8M.
Not being able to quickly find and provide information in response to a legal request is a big risk, not just from a financial point of view but also a reputational one. FMG is one of many mining operators included in a Parliamentary Report in 2021 called ‘Enough is Enough: Sexual harassment against women in the FIFO mining industry‘. Fortescue, from 2017 to 2021, recorded 71 reports relating to sexual harassment, at least 65 of which were substantiated. But when WorkSafe, (theoretically) under new legislation introduced in 2022, compelled them to provide documents related to this workplace sexual harassment, FMG were allegedly not able to do so. In fact, they have refused to do so, citing privacy concerns.
What does it mean?
The matter is before the courts, so we will eventually know whether or not ‘privacy’ holds up as an excuse not to be transparent with the regulators. Usually, if a court has made an order for discovery that requires disclosure, the disclosure of personal information to comply with the order is permitted by the relevant Privacy legislation. So it is a contentious argument that such disclosure would not be lawful (or reasonable). It’s likely that the court order will require the disclosure, and if it doesn’t, that the legislation may be revised subsequently to avoid a repeat of this situation.
All this means that corporations will most likely need to comply with requests from regulators and their related Tribunals to supply highly sensitive information, and in a reasonable timeframe (or be fined). This kind of legal discovery can be very hard and expensive to do when records are saved across disparate systems, are not properly indexed or classified, or are in locked-down repositories that don’t have a simple way for the discovery team to search.
What can we do about it?
Prevention is better than cure. Most organisations will at some point need to be accountable to an investigation process, whether through a Tribunal or some other external audit or legal action. Having the ability to search for, collect, preserve, and produce ESI is vital to avoid business impacts, fines, and reputational harm. We developed Castlepoint’s Legal Hold capability to automate this process, across your whole enterprise, in a defensible, secure, and accountable way — with no impacts on your operations, systems, or data. We are experts in compliance and privacy. Contact us for more information on our eDiscovery and eHold capability and to find out how you can reduce your own exposure.