Diversity Data Collection
The deadline for the collection and publishing of diversity data – 31 January 2014 – is fast approaching, and those firms who have not taken the necessary steps to do so should be collecting and collating their data now if they are to avoid being in breach of the regulations.
Why report diversity?
In addition to the general legislative duties upon all employers to protect the rights of individuals and advance equality of opportunity for all, in 2011, the Legal Services Board (LSB) published statutory guidance – designed to increase diversity and social mobility – as to what it expected approved regulators to require of those whom they regulate in terms measuring levels of diversity and social mobility in the legal workforce. In that report, entitled ‘Increasing diversity and social mobility in the legal workforce: transparency and evidence’, the LSB stated that it expected approved regulators to:
- gather a more comprehensive evidence base about the diversity characteristics of the legal workforce by ensuring that every individual is given an opportunity to self-classify against a broader range of characteristics (including age, gender, disability, ethnic group, religion or belief, sexual orientation, socio-economic background and caring responsibilities);
- ensure the transparency of diversity data, including published summary data about some characteristics (age, gender, disability, ethnic group socio
-economic background and caring responsibilities) at the level of individual regulated entities (where approved regulators regulate entities);
- collate diversity data to give an aggregate view of the diversity make-up of each branch of the profession;
- ensure the data identifies seniority where appropriate, so that it can be used to track progress in relation to retention and progression;
- evaluate the effectiveness and impact of existing diversity initiatives.
The result of this is that those firms who are regulated by the SRA must now not only collect diversity data about their workforce – they must also report it and publish it. This has been made more difficult for many firms since the SRA discontinued its online reporting mechanism and replaced it with a suggested diversity monitoring form in Word format. That notwithstanding, firms have only until 31st January 2014 to complete the process.
Collecting, Reporting and Publishing
There are three stages to the process that all firms must undertake – collecting and collating, reporting and publishing:
All members of a firms workforce must be given the opportunity to provide the firm with their diversity data. They cannot be compelled to provide the data and may choose not to provide some or all of the data requested. All members of the workforce including owners of the firm and all other qualified and non qualified staff are to be included in the diversity data collection exercise and the aggregated data must be reported to the SRA, broken down by the role categories set out specified by the SRA, by 31st January 2014.
Although no specific method for the collection of the data has been specified by the SRA, nevertheless the data collected must be in the required form specified by the SRA. The data can be collected on an anonymous basis or may be attributable to specific individuals within the firm. A model questionnaire has been produced by the SRA which can be downloaded from the SRA web site.
The data that needs to be collected includes:
- information about a person’s role, ownership and supervisory responsibilities in the firm;
- information about a person’s protected characteristics under the Equality Act 2010;
- information about socio economic factors (education) and caring responsibilities.
The SRA have indicated that the following people should be included in the diversity data collection:
- full time and part time employees,
- employees on maternity leave or on long term sick leave from the firm (but only if they are in contact with the firm during their absence and are willing to participate in the data collection), and
- temporary employees, those engaged by the firm under a secondment contract, consultants or other contracted staff where they have been or will be engaged on a contract for 3 months or longer,
but that data need not be collected from:
- people engaged in work which has been outsourced by the firm to another firm or company,
- barristers or other experts engaged by the firm on individual matters,
- people who are normally based outside England and Wales.
Having collected the data the firm then needs to collate it according to the categories set out in Section 1 of the SRA guidance note. Thus the data should be able to be collated against:
- different roles within the firm including solicitor, other fee earner, partner, legal secretary, manager etc.;
- role, ownership and responsibility;
- protected characteristic – i.e age, gender, disability, ethnic group, religion or belief and sexual orientation;
- socio-economic background – i.e. education and caring responsibilities.
Some thought will need to be given by firms as to how they best show this data.
Once the data has been collected it needs to be reported to the SRA. Firms are required to input their aggregated diversity data into the Organisation Diversity Data page on mySRA by 31 January 2014.
In order to assist firms in entering their data into mySRA, a guidance note has been produced the “mySRA Diversity Data Entry – User Guide” which is a pdf document that can be found on the SRA web site. The guide covers all aspects including logging in the various information tabs and the nature of the data required in each. It also includes a helpful infographic.
Having reported the diversity data, the firm must also publish that data. Care must be exercised in how this is done so as to ensure that the firm does not fall foul of data protection legislation – see below.
Although the SRA requires firms to publish a summary of their workforce diversity data, they do state in their guidance that:
- Firms are not required to publish a summary of the workforce diversity data relating to the sexual orientation or to the religion or belief of their workforce;
- The SRA has not prescribed the manner or format in which a firm is required to publish a summary of their workforce data;
- Firms must comply with the data protection principles and legislation when publishing a summary of their workforce diversity data and these regulatory requirements are not intended to override this.
In other words, there are limits to the type of data that needs to be published, there is no prescribed way for the publication to take place and firms have to make up their own minds as to whether that which they are doing contravenes data protection principles.
Firms should, therefore, think hard about that data which they publish, ensure that the workforce is aware of how the data will subsequently be used and be particularly careful as to how they retain and use the data in the future.
Data Protection Issues
Finally, just a brief word about data protection.
Data protection laws are complex and cannot be covered adequately in a brief note such as this.
The SRA’s guidance suggests that “data should not be published in a way that allows any individual to be identified” and provides links to the ICO code of practice on publishing anonymous data. This is probably easier to achieve in theory than in practice.
Sole practitioners and smaller firms in particular will find it almost impossible to publish workforce diversity data without the risk of identification and for this reason the SRA will not expect them to comply with the publication requirement. However, even larger firms may have problems if they have individuals in unique roles that enable them to be identified. Such firms may need to combine some of the role categories or publish the data for the whole firm without breaking it down by role categories at all.
Where firms do publish data, they should always take great care. The information to be published is of the sort defined as ‘sensitive personal data’ by the Data Protection Act 1998 (DPA) and those planning to utilise that data must ensure that they satisfy schedule 3 of the DPA, obtain explicit consent and make sure that those giving the consent understand how the information is to be used and processed and has, in supplying the information, understood how that data will be stored, analysed, used, published, reported and who will have access to it.
Firms are advised to be aware of the eight data protection principles (see the Information Commissioner’s Office’s web site), namely:
- Personal data shall be processed fairly and lawfully and, in particular, shall not be processed unless
- at least one of the conditions in Schedule 2 is met, and
- in the case of sensitive personal data, at least one of the conditions in Schedule 3 is also met.
- Personal data shall be obtained only for one or more specified and lawful purposes, and shall not be further processed in any manner incompatible with that purpose or those purposes.
- Personal data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed.
- Personal data shall be accurate and, where necessary, kept up to date.
- Personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.
- Personal data shall be processed in accordance with the rights of data subjects under this Act.
- Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.
- Personal data shall not be transferred to a country or territory outside the European Economic Area unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data.
The Lawyers Defence Group can assist you in complying with your duties in relation to diversity data.
For more information, contact the Lawyers Defence Group:
- by phone on 0333 888 4070;
- by email to firstname.lastname@example.org;
- by requesting a callback using the form in the right hand menu and someone will call you back; or
- by writing to Lawyers Defence Group at one of the addresses on our contacts page.