Alison's New App is now available on iOS and Android! Download Now
Section 2 - Working in a Business Environment and with other Team Members
In this day and age, you’ll work in a business environment even if you only visit premises infrequently, and you’ll operate as part of a team, or with customers. You will need to be able to understand how businesses operate, what processes you may be involved with, and how to work in a team of quite different people to yourself, which brings its own set of challenges. This unit will help you to understand the following:
Understand and be able to maintain security and confidentiality at work and deal with concerns
Understand the purpose and procedures for keeping waste to a minimum in a business environment and to be able to carry out support activities
Understand procedures for disposal of hazardous materials
Know how to support sustainability in an organisation
Understand and be able to respect other people at work
Understand how your role fits with organisational values and practices and be able to work effectively in a team to meet organisational needs, values to achieve goals and objectives
Understand how to communicate as part of a team; dealing with problems and disagreements and how to use feedback processes
Understand the contribution of individuals within a team and be able to use feedback on objectives in a team
The unit will include several reflections exercises and activities, with a quiz at the end. Aim to spend around 5-6 hours completing this module and make notes as you progress through it.
Understand and be able to maintain security and confidentiality at work and deal with concerns
All functions and businesses need information or data to enable them to function effectively. It provides actions and helps strategic decisions to be made. It depends on the type of business, the number and type of employees as to what data is held, where and why.
The information needs to be readily available at all times to those who are authorised to use it. Equally it must be stored, handled and disposed of in such a manner as to prevent access to it by those who are not authorised.
As an example, a High Street Bank will store information about customers who have different types of accounts, loans, mortgages, savings, bonds, etc. In addition, there will be employee records, so that employees can be recruited, managed, paid, or exited accordingly. There will also be regulatory records linking into the Financial Services Authority, which may include compliance audits. This data is sensitive and must be maintained, updated by select personnel, and carefully stored.
In addition, there may be secure areas at work, for which a high-level pass is required, which could include retinal or biometric checks, key-coded access points, etc. Technological advancement now means that companies are ensuring their systems are secure. Employee car parks can be staffed by security guards, or have registration plate checks so that only employee cars can enter a secure car park.
Internally, records systems tend to involve some kind of electronic database backed up by paper documents. Any paper forms you do issue and retain should be standardised where possible. Paper-based information needs to be locked away safely, preferably in a secure room, with a main key holder allocated.
Whatever type of records system you have, it should be:
secure
reliable
accurate
consistent
adaptable
confidential
simple to use
easy to maintain
Records maintained include:
Employee records
Pay information
Statutory or regulatory records
Organisational records
Supplier information
Client databases
Contractual arrangements with suppliers and clients, or customers
Cloud Security
Dropbox, iCloud, or Google Drive can store data, but companies need to ensure data is private. There are useful technologies to help keep data secure:
Employ tools such as two-factor authentication. Make sure you'll be notified if someone tries to reset your password, and if there are security questions involved, make sure you choose obscure questions.
Your next step is to take a look at any connected apps and devices with access to your cloud storage. In Dropbox, for example, you can see all of them in your account settings. Remove applications you don’t recognise or no longer use. This is particularly important if you customer or other sensitive data.
Tips for Managing Data and Dealing with Concerns
Work out whether you collect personal information about your customers. A list of names and addresses of people you deliver goods to, or a file of contacts you use for telemarketing, is personal information.
If you do collect personal information, decide whether customers would already know who you are and what you are going to do with their information, including disclosing it to a third party. If not, you should draft a privacy notice and provide it to them, for example in the form of a leaflet.
Make sure your privacy notice is clear, honest and will be understood by the people it is aimed at. Avoid confusing mixtures of ‘opt-ins’ and ‘opt-outs’. Don’t ‘pre-tick’ consent boxes as that is now not allowed under the new Consumer Rights Act 2015.
If you are going to give your customers a choice, for example over the disclosure of their details to another business, explain the choice clearly and respect their wishes.
Make sure customers know the difference between information they need to provide to get the goods or services they’ve requested, and information which is optional.
Review your privacy notice from time to time to make sure it is accurate, up to date and accessible to your customers. If you use ‘cookies’, “short strings of text stored on one’s hard drive”, then ensure you inform your customers so that can accept or decline them being stored on their computer.
You should not do anything with personal information that customers might find misleading, unexpected or objectionable.
Being open with customers and treating their details fairly should make them want to do business with you again.
The Information Commissioners Office (ICO) is the authority which advises on Data Protection within the UK. Any organisation or individual can contact the ICO if they think a company is in beach of the use or storage of their data. That is why security and confidentiality are so important in a business administration role. Fines can be imposed, plus the ICO can restrict business activity deemed in breach of Data protection regulations. They have authority to conduct the following:
Using their enforcement notice power where there is significant risk to information rights and this is the most appropriate way of ensuring compliance.
Obtaining formal undertakings when improvements to information rights practices are required and this is the most appropriate way of ensuring compliance; ensuring required actions are undertaken.
Encouraging organisations to sign up to improvement plans which address information rights compliance issues, backed by formal action when needed.
If you are concerned about a process which you think may impact upon the security and/or confidentiality of company information, i.e. there is malpractice with/or intent to hurt, or injure a party, you should always raise it formally with your manager, citing what the issue is and how it impacts. You should also be aware of the concept of ‘whistle-blowing”, if you think the circumstances are in the wider public interest.
Whistle-Blowing
Blowing the whistle is more formally known as 'making a disclosure in the public interest' so it is important you can do so knowing that you are protected from losing your job and/or being victimised as a result of what you have uncovered and made public.
Who is protected?
As a whistle-blower. you're protected from victimisation if you are:
a worker
revealing information of the right type by making what is known as a 'qualifying disclosure'
revealing it to the right person, and in the right way making it a 'protected disclosure'
It is important to note that 'worker' has a special and wide meaning for these protections. As well as employees it includes the self-employed, agency workers and people who aren't employed but are in training with employers.
Qualifying Disclosures
To be protected, you need to reasonably believe that malpractice in the workplace is happening, has happened or will happen. You also need to make your disclosure in the right way. The types of malpractice the law covers are:
criminal offences
failure to comply with a legal obligation
miscarriages of justice
threats to people's health and safety
damage to the environment
In order for a disclosure to a 'prescribed person' to be protected, you must fulfil the following requirements:
make the disclosure in good faith
reasonably believe that the information is substantially true
reasonably believe you are making the disclosure to the right 'prescribed person'
In certain circumstances you can also make disclosures to others. These include:
your legal adviser
a government minister, if you're a public sector employee
more generally (to a professional standards body, for example, or in extreme circumstances, the media)
In the United Kingdom, the Public Interest Disclosure Act (1998) protects workers from detrimental treatment or victimisation from their employer if, in the public interest, they expose wrongdoing.
Join our community of 40 million+ learners, upskill with CPD UK accredited courses, explore career development tools and psychometrics - all for free.