How to report all types of abusive behaviour
In some sectors or organisations reporting can be seen as unnecessary or stigmatising. For this reason, it is important to ensure that managers and employees understand why reporting of all types of abusive behaviour is necessary.
Every organisation has a legal responsibility to ensure that their risk assessments are suitable and sufficient. To identify significant risks you need to have all the relevant information available.
When you need to share information between organisations, you need to make sure that you adhere to General Data Protection Regulation (GDPR) guidance.
The General Data Protection Regulation and the Data Protection Act 2018 set the rules and basis for data management.
Prior to sharing information, the organisation holding it must consider carefully how any recipient organisation or department is going to use it, and what the effect on people is likely to be. Your policy needs to be very explicit about this. It is good practice to get a data sharing agreement with the recipient organisation.
You can find more information about sharing information on the
Information Commissioner’s Office website.
Article 6 of the GDPR explains when you are able to share information with other organisations. You need to have a clear case to allow you to do this, and it’s very important that you keep a record of your decision and the reasons behind it.
You need to be able to demonstrate that you have a lawful reason to share information under
You can use a questionnaire from the Information Commission’s office (ICO) to help you decide if you have a legal reason to process information.
Subscribe to receive updates on our services and activities
For information on workplace health, safety and wellbeing, contact your local health board team