WRC found the dismissal fair, holding that although the case arose from an alleged GDPR breach, the employee was dismissed because she repeatedly failed to attend and engage with the disciplinary process despite clear warnings and multiple opportunities to do so.

The Complainant claimed that she had been unfairly dismissed after reporting what she believed was a GDPR breach to her employer and copying her SIPTU representative on the email. She had worked for the Respondent from January 2018 and was dismissed in December 2023. She accepted that she had sent documents containing colleagues’ personal information to her union representative, but said she had done so because she panicked, wanted a witness, and believed she was properly reporting a breach. She disputed the disciplinary process and repeatedly sought clarification before attending any hearing, including information about how the documents had appeared on her desk and how the original breach had been handled. She maintained that she had not refused to cooperate but had not received sufficient information to attend fairly. She also referred to earlier protected disclosures and argued that dismissal was disproportionate and procedurally unfair.

The Respondent denied that the dismissal had been unfair. It submitted that two employees had raised grievances after the Complainant disclosed their personal information to an external third party, namely her SIPTU representative. An external HR investigator was appointed, met with the relevant parties, and concluded that the Complainant had committed a GDPR breach. The matter then proceeded to disciplinary stage. The Respondent said the Complainant was provided with the relevant documentation, invited to disciplinary hearings on several occasions, allowed representation, and warned that non-attendance could result in the hearing proceeding in her absence and could itself amount to gross misconduct. The Respondent argued that the Complainant repeatedly declined to attend despite warnings. It maintained that she was not dismissed simply for the GDPR breach, but for refusing to engage in the disciplinary process and failing to follow a reasonable management instruction. Her dismissal was upheld on appeal.

The Adjudicating Officer refused a late attempt to recast the claim as a protected disclosures claim, noting that the Complainant was represented, the Respondent had answered an unfair dismissal case, and it would be unfair to permit amendment after evidence had been heard. The Adjudicator applied the Unfair Dismissals Acts and the “band of reasonable responses” test, referring to Bank of Ireland v O’Reilly and O’Riordan v Great Southern Hotels. The Adjudicator found that the Respondent had conducted an investigation, appointed different individuals at each stage, provided documentation, allowed representation, warned of the consequences of non-attendance, and offered an appeal. The disciplinary process had been frustrated by the Complainant’s failure to attend despite repeated rescheduling and warnings. The Respondent was entitled to treat that failure as refusal to follow a reasonable management instruction. The dismissal fell within the range of reasonable responses and the complaint was not well founded.

Employers should:

• Clearly distinguish between the underlying misconduct allegation and any later failure to engage with process. In this case, the Respondent’s position was strengthened because it maintained that dismissal arose not from the GDPR breach alone, but from repeated non-attendance at disciplinary hearings after clear warnings.

• Remember, where an employee seeks clarification before attending a disciplinary hearing, employers should respond meaningfully but should also make clear that the disciplinary hearing is the proper forum to raise explanations, objections and mitigation. If non-attendance may itself be treated as misconduct, that must be stated expressly, along with the possibility that the hearing may proceed in the employee’s absence and that dismissal may result.

• Ensure procedural separation between investigation, disciplinary decision and appeal.  
  

The full case can be found here.