Where do you discuss bad news?

In any organisation, you have to discuss bad news but few people consider where it is discussed. How you discuss bad news will influence, if not determine, the success of your company. The issue is more than critical upwards communication in which junior staff have to be able to report bad (or critical) news upwards either formally or informally. The issue is more than a concern with the learning organisation and double loop versus single loop learning where a company has to learn from its mistakes. Instead, it is something fundamental, which was missing at Enron. At Enron, there was literally nowhere to discuss bad news. Bad news was not suppressed staff had no place to discuss it outside existing management structures. The reporting lines within services and within organisations can reinforce the existing cultural or managerial expectations about bad news or good news. If there is no place for the junior or midlevel managers, who understood something was going wrong, to meet to discuss the issues, then the organisation lacks a critical core needed to deal with bad news. The critical core is rarely at the senior level because they usually do not know about the bad news or take a personal or organisational interest in managing such discussions.

How, where and why BN is discussed will tell you about the organisation and its health. If your management team meetings or extended management team meetings are only focused on good news or what is planned, you give the implicit message that only good news or approved news is to be brought to the meeting. The desire to hear good news, especially in collective meetings, is understandable. No one likes to hear bad news no matter how important it may be. The larger the meeting the less it will be an appropriate place to discuss bad news because it can be seen as criticism. If the bad news becomes a criticism, then in a large group setting it can become like a re-education camp where underperforming units are held to account or to blame. Such an approach will be unintended, but it can easily become the default setting when people set out to discuss bad news. The challenge is to find the right place, the right amount of people, to discuss bad news.

What is bad news?

To understand the problem we need to consider the types of bad news. Broadly speaking there are three types of bad news (BN)

  1. BN staff know
  2. BN only managers know
  3. BN only senior managers know.

Bad news in an organisation is usually of three types, performance, external shocks, and internal shocks. Bad news is not idle gossip or personal problems of staff. Bad news is something that affects the organisation either directly, we are going out of business, or indirectly, division x has lost 10 billion dollars and we need to find the money from all budgets. In most cases, but not all, the bad news has a direct and immediate effect on the company’s reputation. However, bad news is not simply poor performance because performance related issues have an agreed process nor is it well known public news such as the outcome of a trial or a long awaited regulatory sanction.

We may believe that discussing bad news has an obvious reason. However, the reason for discussing bad news reflects an organisation’s cultural norms. This is different from a culture of good news. Instead, it is based on the idea that employees have to follow an internal cultural code that dictates why, how and where bad news is discussed. On the surface, this appears obvious because we discuss bad news when there is a problem to be solved. However, this overlooks the secondary issue of why is there a problem or more precisely “Why do you think there is a problem that needs to be discussed?” A cultural norm may suggest that why you discuss bad news can be understood depending on its context. Is it about under performance? Or is it a threat, a criticism or is it whistle blowing? Senior managers can be unwilling or unable to ask for bad news or to give bad news because the culture norms within their organisation create the fear that they will “make their boss” look bad or be seen as a trouble maker.

Bad news is always a challenge to the chain of command

A closely related concern is the chain of command. The chain of command provides a way to communicate and control decisions within an organisation. It also provides a place and a method for discussing bad news. The discussion will occur within the chain of command and be passed upwards or it is resolved at the proper level. The command level at each level is the place where bad news is to be discussed. One can be disciplined for violating the chain of command by telling a senior manager bad news that the middle manager will tell them. However, the command and control system has problems because it does not create a place for discussing organisation wide bad news.

Most bad news is hidden until it goes away, solves itself or explodes

In many organisations, bad news is kept in silos or hidden because of the chain of command. In some cases, the corporate or departmental culture wants to avoid bad news. If bad news is suppressed or hidden, it can reach dysfunctional levels. Most organisations are very good at single loop learning. They can solve a problem as it emerges. Many companies are not good at double loop learning where they prevent problems by modifying systems to remove the cause of the problems. If a company relies exclusively on single loop learning, then managers only deal with symptoms because that is what they are rewarded for doing. If bad news is not discussed openly or in a place where a wider perspective can be used, manager can learn that the best way to avoid problems is to avoid reporting them or discovering them and not dealing with the causes. They simply explain things are going ok and soften the news so that bad news is watered down into mild news or becomes god news.


A place to discuss bad news creates the opportunity to define its limits.

If senior managers do not have a place to discuss bad news they may hide it from other senior manages. In this case, the chain of command removes the places where bad news can be discussed.  As a result, senior managers only find out about bad news from external events, bad news in the press, or from external inquiries, like an auditor, who suddenly create a space where bad news can be discussed because individual managers who may be able to see the issue cannot meet to discuss the bad news. In these situations, the performance management system and performance information become a proxy for discussing bad news. The art of indirect reporting or simply focusing on the targets that are working well is rewarded. Instead of discussing bad news, the conversation is about under performance and a discussion focuses on the quality of the performance indicators and the performance management process rather than the actual problem, the bad news. People seek to change the target or say that the target is unfair or can be qualified in a variety of methods. Bad news is not discussed openly.

Are your corporate cultural norms keeping such a place from forming?

Culture norms in an organisation can inhibit bad news and remove the areas where it can be discussed. The culture norms of an organisation can make it appear that to discuss bad news you have challenged the organisation. You are a troublemaker. When these norms exist, bad news is only discussed by indirect means. People gossip about it or talk in the hallways but never in the meeting room. The bad news becomes capital or ammunition within the bureaucratic negotiations or battles within the organisation. For example, if a junior employee discovered a security leak. They would not have a place to discuss it. Instead, they would tell their senior managers so they can use this information and manage it. The demand that such actions be channelled upwards means that bad news is contained and managed within the chain of command.

What is to be done?

First, an organisation must create a place where people can discuss bad news. A formal meeting could prove counterproductive as no bad news is ever discussed. A place could be created indirectly; so that challengescan be considered to create, the space to discuss that comes from discussions that cover Strength, Weaknesses Opportunities and Threats (SWOT) meetings. At the same time, the organisation can look at how it does communicate critical informationupward and link that to the

English: Stokes, NC, 09/16/1999 -- Pitt County...

English: Stokes, NC, 09/16/1999 — Pitt County State Emergency Management Team and Emergency Management manager Bobby Joyner (R-Blue, glasses) and SERT Wesley Greene (red hat) meet with shelter officials at the Stokes Elementary School and discuss needs for housing 160 families. Photo by Dave Gatley/ FEMA News Photo (Photo credit: Wikipedia)

way managers meet to discuss topics. The best approach is for senior managers to convene off the record meetings where they ask pointed questions like “Tell me what is going wrong and what needs to be done.”  Such meetings cannot emerge overnight, as the senior managers have to be trusted not to be using this to seek out disloyalty or doubt and to be aware that few employees will speak the truth, at least initially, in such settings.


Bad news is a reality. What you can control is how you manage it. If you do not have a space for discussing bad news where managers can meet to explore the issue, then you may have more than bad news to manage.


Enhanced by Zemanta
Posted in change, change managment, culture, leadership, learning organisation, management, renewal | Tagged , , , , , , , , , | Leave a comment

Is privacy the myth that encourages us to be the state’s standing digital reserve?

Cray X-MP/24 (serial no. 115) used by NSA

Cray X-MP/24 (serial no. 115) used by NSA (Photo credit: Wikipedia)

A recent story on the BBC highlighted the number of data breaches reported by Welsh local government councils. Aside from the questions about the breaches, how they can be prevented, and whether the reporting mechanism encourages or discourages organisations from self-reporting, a deeper question about digital privacy emerges. Does the Data Protection Act, a breach of it, or digital privacy even matter?

When a breach occurs and whether or not the organisation tells them or the regulatory, we face a problem. After the initial anger, though, the subject or victim suddenly realize they are literally powerless in the face of the breach of the principle or the law.  They have little basis for which to seek redress. Yes, they can file a complaint with the organisation. Yes, they can get the regulator, the Information Commissioner Office (ICO) interested in taking enforcement action, but that does not satisfy their injury. The data is still lost.

A data breach or lost data, so what?

At that moment, we start to see what is missing from the moral panics created by the Snowden affair and from the HMRC debacle.  So far, we have to ask who has been harmed and what types of harm have the people who suffered the breach experienced?  I do not mean that people are not upset by a council losing their data, or the NSA accessing their data, or even the HMRC losing their personal details, but what is the harm? As we reflect on this point, we start to realize that the loss of personal data is relatively inconsequential aside from the annoyance factor. We have to consider that our current digital development is relatively primitive so we have not seen the full range of ways that our personal data, even a small amount of it, can (and will be) exploited by the state or the private sector.[1]  The reason being is that there is a difficulty in showing the harm to our digital person in a way that we can show the harm to our physical person from a faulty toaster or a flawed car design where millions of cars recalled when someone gets hurt.

Privacy will not be created or defended by a regulator

Now, before someone asks the silly question that comes with discussions like this, “Well, would you want your data lost or published”, the obvious answer is no. However, that is not the question. The issue is what the redress is for someone who suffers a data breach or has their personal data exploited in ways they did not expect or want. So far, the redress is at best indirect. You can get the organisation to apologize. You may even find one or two that seek to pay you a small amount of money to avoid the hassle of dealing with any legal claims or the bureaucratic paperwork associated with dealing with a regulator. Look at how the banks regularly pay money as mitigation in regulatory investigations. A similar approach, from the regulator’s view is the use of deferred prosecutions.[2] The approach does offer tactical and strategic advantages for both parties except it does not satisfy the aggrieved. In other words, their access to justice is limited to what the regulator feels is in the public interest, which gives us an insight into the coming problems with personal data.

Leaving aside the regulatory pressures, the individual will have a hard time showing damage and distress unless they have experienced it directly, immediately and physically.[3] The problem, at least from those wishing to assert privacy as being control over personal information, is to define or suggest what damage occurs from losing your bank details or your pension details (remember the breach with the contractor who decided to dispose of them in the skip, the personal data was considered minor), thus personal data lost, but no big deal (yes it was a big deal for the Council and the ICO) but for the individuals affected, they had to live with it.[4]

Privacy but what is the damage and distress?

What further adds to the inadequacy of asserting privacy is based on control over personal data is that the loss of control or abuse of that control are not grounded in torts or the injuries to the digital person (or even the physical person) that are easy to know or quantify. In the UK, anyone seeking compensation must be able to show distress and damage.[5] For the most part, the distress never amounts to the damages required to create the basis for a compensation claim.  We can see this in the care.data furore. In this case, the public, or at least the data protection savvy part of the public, were concerned that the health data made available to health care providers would create discrimination against people with health problems.[6] So far, we cannot quantify or identify immediate individual harms based upon the companies having access to the database.  We can feel or believe that it is unfair, but we rarely if ever have laws that say “The community feel aggrieved and thus this is harm”. Instead, we look for individual harms have Mr. X or Ms Y suffered as a result and can they demonstrate it. The problem though is how do you demonstrate that Facebook is discriminating against you in their service provision because you happen to like or dislike something? What would be your evidence, what would be the harm you would show?

The bureaucratic tyranny at the heart of the modern state.

We arrive with the hidden issue. We seem to overlook or forget that data sharing and the use of our personal data for the public interest is embedded in much of the UK legislation.[7] So we may have a situation where we may be seeing our crime rates getting lower (or our health improving) because the police and the government, including local authorities, (or the medical professionals) no longer see as many problems, the fear or risk aversion from breaching the DPA are disappearing, and the willingness to share increases, *even at the expense of people’s rights*. As no one knows about it or even if they did the public interest supports the government (even if it does not condone it) or the effort to challenge by the individual is so far removed or difficult (if you are being done for murder are you really going to focus on the potential data breach?) the sharing becomes easier.  Thus, we see a bureaucratic tyranny emerging that is as silent and efficient as parliament has wanted given the number of laws that encourage (without demanding or explicitly requiring) sharing because they all serve the common good (even though they might have individual cases of harm).  From the perspective of the state, such legislation is the minimum it will tolerate for it does not want anything that will inhibit its ability to act. To an extent this is what the public want, but it shows the tension, if not the failure, of liberalism as the individual “rights” have to be balanced against state “authority”, especially as the state ensures the individual’s rights.

Share because it is better to trample a few rights than have a murder.

One need only note the near seismic shift since the Bichard Enquiry on the police approach to sharing. One could put it crudely to say that the shift has been from share very little to share everything. The logic for the police being it is better to have the occasional person complain about rights being trampled (Mr. Catt[8]) than to explain to everyone why their failure to share allowed someone like (Mr. Huntley) to kill young girls[9] or a relative kill a child (Victoria Climbie).[10]  At the same time, we see this tension in the NHS, trying to protect Sensitive Personal Data (health data) (your data is confidential you will consent to any use of it)[11] even as the UK government wants to open up health databases to be harvested and exploited for the public good.

We come to the realization that the UK’s excellent medical databases become another resource to be exploited by the state. Instead of coal or North Sea oil, the UK will use their data (the personal data of its citizens) as their comparative advantage, the natural resource, to be exploited to make the UK economy run.[12]

The dual impasse inadequate laws to deal with being the standing reserve

Thus, we arrive at a dual impasse. First our laws are developed for our physical person. We do not yet have a way to protect our digital person except to the point it relates to our physical person. Thus, as the demands on our digital person grow and we find it difficult to trace it back to our physical person and even if we do we find it difficult to show the harm. Any attempt so far has shown the incoherence of the concept of privacy and leave unresolved the horrific consequences of reducing us to a digital person. Second, we want to protect personal data (the autonomous individual is sacrosanct so we must believe from Mr Snowden) except that it (the individual) is now the standing reserve to be harvested so that the economy and the state, can deliver better outcomes and deliver the services the public want.[13]

The terms and conditions of the modern state.

What we now have is the dawning realization that the terms and conditions of the modern state are coming due. Our personal data, beyond taxes, is what makes the state move and we want the state (and the wider economy) to continue to provide us with our benefits so that our rights are enforced and expanded and we want our Facebook, Google, and Amazon preferences tailored to us as individuals. Even if we wanted to recast the social contract, how can we if we do not, and never have, controlled our personal data as these breaches demonstrate and the right to be forgotten reminds us?


[1] Yes, we can show examples of people suffering bad things. But for the vast majority of breaches, we still do not have a clear cause and effect between breach and harm, which is the point I am arguing. (The harm from the Snowden issue is not on the wheat, but on the chaff.  They have probably harvested my details but so far neither Seal Team 6 nor the SAS has been in contact nor do I expect them to be.)

[2] See for example this analysis which suggests that they are used excessively for fear of a criminal conviction becoming a “death penalty” Markoff, Gabriel, Arthur Andersen and the Myth of the Corporate Death Penalty: Corporate Criminal Convictions in the Twenty-First Century (August 20, 2012). 15 University of Pennsylvania Journal of Business Law 797 (2013). Available at SSRN: http://ssrn.com/abstract=2132242 or http://dx.doi.org/10.2139/ssrn.2132242 As well as a similar analysis that suggest that it is open to abuse. Uhlmann, David M., Deferred Prosecution and Non-Prosecution Agreements and the Erosion of Corporate Criminal Liability (October 1, 2013). Maryland Law Review, Vol. 72, No. 4, 2013; U of Michigan Public Law Research Paper No. 352. Available at SSRN: http://ssrn.com/abstract=2334230

[3]Yes, there is a recent case where a group of people sued Islington Council and sought damages for having to move because their personal details were disclosed. However, this is one case in the thousands of data breaches that have been reported. Perhaps, most of these cases are resolved beneath this level, the small payments to avoid the drawn out legal or bureaucratic processes (the crude cost-benefit approach), but that seems unlikely given that the public sector, in particular, are loath to spend money as freely as the financial sector or rather the financial sector calculates the cost benefit analysis quicker or has less ego in trying to solve a problem. J

[4] As this analysis shows, there is a weakness at the heart of the ICO’s enforcement system. http://amberhawk.typepad.com/amberhawk/2013/08/does-quashing-the-scottish-borders-monetary-penalty-mean-a-change-to-ico-enforcement-policy.html

[5] The central case in this issue is Johnson v. Medical Defence Union. See this blog for analysis of recent developments on this area as it relates to Data Protection law in the UK. http://informationrightsandwrongs.com/2013/05/17/damages-under-s13-data-protection-act-an-opportunity-lost/

[6] The data sharing programme was halted until the communication could be improved and the concerns by interested parties were addressed. http://www.telegraph.co.uk/health/healthnews/10634539/Crisis-of-confidence-in-NHS-database-warn-GPs.html

[7] See for example, Children’s Act 2004 section 11 http://www.legislation.gov.uk/ukpga/2004/31/section/11 See for example, Crime and Disorder Act 1998 section 17 http://www.legislation.gov.uk/ukpga/1998/37/section/17 coupled with section 115 http://www.legislation.gov.uk/ukpga/1998/37/section/115



[8] Mr Catt is a non-violent campaigner who found out that his DNA was on a police extremist database even though he had done nothing criminal to warrant the inclusion on the database. http://www.bbc.co.uk/news/uk-england-sussex-21783596


[9] See the Bichard Inquiry http://en.wikipedia.org/wiki/Bichard_report following the Soham murders. http://en.wikipedia.org/wiki/Soham_murders

[10] http://en.wikipedia.org/wiki/Murder_of_Victoria_Climbi%C3%A9

[11] http://www.hscic.gov.uk/confguideorg

[12] See for example Francis Maude’s award from the Demographics Users Group in 2011 https://www.gov.uk/government/news/top-companies-commend-francis-maude-for-open-data More generally consider the report from World Economic Forum http://www.weforum.org/reports/personal-data-emergence-new-asset-class

[13] Martin Heidegger foresaw this development in his work on the Question Concern Technology which he presented in 1955. In the essay the key passage for our concerns now is the following This danger attests itself to us in two ways. As soon as what is unconcealed no longer concerns man even as object, but does, rather, exclusively as standing-reserve, and man in the midst of the objectlessness is nothing but the orderer of the standing reserve, ten he comes to the very brink of a precipitous fall; that is, he comes to the point where he himself will have to be taken as standing-reserve. P.26-27 (Harper Torchbook Martin Heidegger The Question Concerning Technology and other essays.)

Enhanced by Zemanta
Posted in data protection act, information management, local government | Tagged , , , , , , , , , | Leave a comment


lawrence serewicz:

This blog post captures the move to a modern approach to work where location does not matter because what matters is the ability to be connected either digitally or physically with colleagues. Work is not about place. It is about the room for improvement. Have you thought about whether you have room for improvement.

Originally posted on philjackman:

Day 9 of the A to Z Blogging Challenge .

The biggest room in your business should be the room for improvement. Is it? I hope it’s bigger than the room for complacency. Perhaps this is a big room where you work. It shouldn’t be. Haven’t you heard it said that there is no room for complacency?

We have a room for improvement. It used to be my office.

I didn’t want an office. My work doesn’t require me to be alone. My work doesn’t require me to have status. We needed a place to meet with people. In a building filled with unoccupied desks there is surprisingly little meeting space and so I changed my office into a meeting room. It has its own booking system as well as tea and coffee facilities but it still had my name on the door and the cynics and the doubters said…

View original 230 more words

Posted in Uncategorized | Leave a comment

Why your boss is a jerk (and what you can do about it)

lawrence serewicz:

Managers need to exercise some control to deliver the results that are requires and to help their works achieve their potential. However obedience can have a dark side unless it is tempered by judgement. Good managers encourage and train their staff to use their judgement and to act with bounded independence. Bad managers demand rote obedience and suppress judgement to mere rule and procedure following. This article by John Stepper shows the dangers of obedience.

Originally posted on John Stepper:

Complete this sentence: “My boss is a …”

Did you say “role model”? Or “true leader”? No. When you start searching the Internet for “My boss is a…,” the most common completions are “bully,” “idiot,” “jerk,” “liar,” “psycho,” “moron,” and some other words that aren’t very nice.

Every day, millions of people are subjected to work situations that rob them of control and often their dignity. Maybe it’s a boss who mistreats you. Or rules that tell you what to do and when to do it. Or management systems that force you to compete with colleagues, bringing out the worst in human behavior.

Here’s why your boss is a jerk – and how you can fight back.

The perils of obedience

The Milgram control panelIn July, 1961, three months after Adolf Eichmann went on trial for Nazi war crimes, the psychologist Stanley Milgram began a series of experiments on obedience to authority figures…

View original 774 more words

Posted in Uncategorized | Leave a comment

The future of Records Management (A youtube video)

I thought it was time to join the YouTube generation and post a video.

I narrated a PowerPoint presentation and converted it into a video. Although these tools have been around for a few years, I did this for two reasons.

First, I wanted to see how it was done. The ability to use social media technology and be able to present on different platforms is an important business skills. PowerPoint is a dominant platform in most businesses and a key management tool so I thought it would be good to see its potential. A narrated presentation can be sent to people who were unable to attend the meeting and to hear the presentation in their own time at their own pace.

I hope I have avoided the twin dangers of a powerpoint presenation. The first is reading the slides line by line. The second is having visuals that are so abstract that the presentation does not match the screen display.


The second reason I wanted to do it is that I wanted to share my enthusiasm for records management and its future.  I made this presentation two years ago for a conference and I wanted to share it.  I cover three areas, culture, technology, and legislation. I sketched out some developments over the next five and 10 years.  I hope you find it of interest and use. 

As the original contained copyrighted material I had to take those out and replace them. (The artists were paid in milk and cookies.)  I would welcome your comments.

Video | Posted on by | Tagged , , , , , , | Leave a comment

Three ways to check your company’s health

Alfred P. Sloan

Alfred P. Sloan (Photo credit: Wikipedia)

Most chief executives think that they can understand their organisation by what is going right. They look at performance indicators to see what is green, what is delivering the best results and what offers the most profits. For an individual, this makes sense. A manager or a worker must work to their strengths and minimize their weaknesses. Good managers recognise this and create teams that complement their strengths and mitigate their weaknesses.  However, the same can never be true for a CEO who is managing an organisation. The organisation cannot mitigate its weaknesses or avoid the bad news in the same way. It cannot look to the next tier of management to solve their problem. These issues are doubly important for understanding corporate culture, which determines an organisation’s business health. To understand the health of the organisation, the challenge is to get more bad news reported the higher you go in the organisation.

What I mean is that the CEO should be less concerned with hearing about good news or how wonderful things are and more interested in hearing what is going wrong. I do not mean that they need to be negative or search out negative topics to criticise. Instead, I mean they need exception reporting on cultural issues. They need to search this out because reporting, especially on cultural issues, is always inverted in an organisation. Aside from the general concern with bad news, junior staff will have less incentive to report the bad news upwards. To counteract this natural bias to good news, the Chief Executive needs to look for topics that create an exception for the organisation and have those reported to them as standard items. As a standard item, they avoid the appearance of bad news. The topic becomes something that appears to be routine performance information.

Here are three exceptions that can reveal the health of their organisation’s culture. There are others and I focus on these because these are not simply issues of “bad news”, but they are areas where the organisation can see the consequences of its culture and internal procedures. The three areas are

  1. Grievances or disciplinary issues
  2. Compromise agreements,
  3. Exit interviews.

Grievances. Most chief executives do not bother themselves with this level of detail. Yet, grievances are an insight into how their teams are being managed and how the organisation resolves internal disputes. If a service or a department has a higher number of grievances than another, it is time to look at how they manage their staff. What is the culture within that team, department, or the service? What is the nature of the grievance and are there systems in place to learn from them? If the staff leave after grievances, is there something within the way they are managed. Does that unit or department have a “my way or the highway” management approach? If the organisation is not learning to avoid grievances, which are the breakdown of trust and communication between staff and between employees and managers, then where is it learning?

Disciplinary action.

Although these are directly related to grievances and are often lumped together, they need to be considered differently. Grievances may be a disagreement; a disciplinary is a formal process with a legally binding outcome. Here the organisation has to enforce its formal rules and culture. The issue is one where the rules have been broken and order must be restored. However, it is important to know why the problem emerged. What could have prevented it? Was it a problem of ignorance? Does it indicate a larger problem with culture or the way the system constrains the employee? What we may find is that the more the staff have to be disciplined, the less the system allows them to operate effectively or independently. Alternatively, the more staff are disciplined; it may suggest that management has failed because steps to prevent this informally or even formally have not worked. For each disciplinary, is the relevant manager being asked to explain what they did and could have done to prevent it. If an organisation is only efficient at completing these and not looking at preventing them, it may have to reconsider its culture.

Compromise agreements.

Depending on your organisation, the chief executive may not approve these. If that is the case, then it will immediately be an area for concern. At a minimum a Chief Executive needs to know how many, why and where they are occurring even if they do not personally approve them. If a department is using these more than it is using others, the Chief Executive needs to understand what that means. Are they using these to silence whistle-blowers? Is the unit a “soft touch”? Alternatively, is it creating problems so severe that the only way to avoid legal or regulatory proceedings is to “pay off” staff. These questions need to be considered to understand the corporate culture.

Exit interviews.

Exit interviews are often the least exploited asset an organisation has. Many companies do not use these. Some that do may only use them to make sure someone is not going to take the company to an employment tribunal. They use them as part of a dispute resolution or prevention system rather than trying to learn from them. Even where they are used and they are used for the positive reasons, they are not exploited for what they reveal about the company’s culture. The Chief Executive is not going to need to see each one. Instead, they need to make sure a system exists to collect them and department managers and unit managers review them to learn from them. In the same way that induction programmes are needed to introduce an employee to the organisation, the exit interview needs to complete that loop. The reason why people leave is as important as why someone wants to work for a company. If the two are not linked, then the corporate culture will not be revealed, and the organisation is unlikely to be learning.

These are all HR issues, why does the CEO need to know them.

HR covers all of these topics and the CEO needs to know them. If they are not performance indicators within the company, then how the CEO understand the corporate culture? Even if the CEO is too busy for this level of detail, they need to have them reported on some basis even if only in an abstract or aggregated level. They may not add to the bottom line, but they have a direct impact on your bottom line. An alert CEO will realize that if these issues are out of control or not being tracked then the organisation is wasting a lot of energy to deal with problems created within the organisation and not harnessing positive energy to deliver a better service for customers and clients.

Enhanced by Zemanta
Posted in culture, customer service, learning organisation, management | Tagged , , , , , , , , , | Leave a comment

Is quality or timeliness the key to FOIA success?

Act of July 4, 1966, Public Law 89-487, 80 STA...

Act of July 4, 1966, Public Law 89-487, 80 STAT 250, which amended section 3 of the Administrative Procedure Act, chapter 324, of the Act of June 11, 1916, to clarify and protect the right of the public to information., 07/04/1966 (Page 3 of 3) (Photo credit: The U.S. National Archives)

Is quality or timeliness the key to FOIA success?

If you work with freedom of information, you face an eternal debate: is it better to have a lower quality response on time or a complete response that is overdue. In large organisations, it can be difficult to have quality and timeliness coincide for complex requests. The question is not an idle one because it can influence how organisations manage their FOIA process in the time of reduced funding for public sector organisations.

The choice is not without consequences. Late responses can lead to the regulator, the Information Commissioner’s Office (ICO), investigating and potentially issuing an enforcement notice, or, if response times are chronically late, monitoring the organisation’s responses for three months. The monitoring creates adverse publicity. By contrast, poor quality responses will lead to increased requests for internal reviews that increase the work at a time the organisation was trying to reduce costs. If a poor quality response leads to an internal review, and the applicant is unhappy with it, they can complain to the ICO. A complaint can lead to decision notices, which create additional work. At the same time, a rushed response may either release information inappropriately or apply an exemption, to withhold the information, incorrectly.

From my research and analysis, I suggest that quality rather than timeliness is the preferred choice because quality creates less complaints or additional work. To put it crudely, half a loaf is better than no loaf. If that half a loaf is high quality then there will be less likelihood of a complaint and additional work. To support this argument, I analysed the government’s published FOI response rates in 2012.

The central government’s approach to FOI suggests that timeliness rather than the quality creates the bureaucratic burden. Their approach creates more work. I would speculate that it reflects a concern with internal compliance, an output, rather than an outcome. By that I mean, the performance suggests a focus on a target, the response rate, rather than the outcome, the content or quality of its responses. Too much of a focus on timeliness, an output, will distort the desired outcome, inform the applicant. If the applicant is not satisfied with a response, especially those that appear cursory or refuse the information without good reason, they are more likely to request an internal review and complain to the ICO. An internal review and a complaint to the ICO mean more work for the organisation. One caveat to note is that I have not considered whether the organisation needs to apply more exemptions or specific exemptions because they hold sensitive material like national security documents.

To explore the issue, we need to look at the central government’s monitoring statistics. http://www.justice.gov.uk/downloads/statistics/mojstats/foi-statistics/foi-stats-bulletin-q2-2012.pdf . I selected the Department for Transport (DfT) at random.  If we look at the statistics over the last three years, we can see the following emerge.

First, the DfT has responded to 92% of its requests within 20 working days. On the surface, this looks to be a good response rate. Yet, we need to look beneath the surface to understand the wider context. We need to consider the rate of full responses, the number of internal reviews, and the number of decision notices.

Percentage of responses considered responses in full

A response in full is one where no information is refused or exempted. These requests are less likely to receive an internal review leading to a complaint to the ICO. The DfT had 70 % of its responses as being responses in full. This means they either exempted the material or were unable to provide it. By comparison, no central government ministry that is monitored for FOI was above 80% on consistent basis. This might suggest that the central government uses exemptions more frequently. An important secondary question, that a different research project could explore, is whether those exemptions are appropriate or are they overused to give a quick response. In other words, if in doubt apply an exemption. If the applicant is dissatisfied with the response, this will lead to internal reviews. An applicant can submit an internal review request when the 20 working day deadline is missed but most applicants request an internal review when they are dissatisfied with the response. The applicant would be able to complain that material was missing or that the wrong exemption was applied or the exemption was applied incorrectly.

Decision Notices tell a story

The DfT has received 30 decision notices in the last 3 years up to 2012. Of these decision notices, 21 were upheld and nine were not upheld. The ICO issues a decision notice after investigating a complaint. The applicant has to go through the organisation’s internal review process before they can appeal to the ICO. If the internal review does not resolve the issue, they can appeal to the ICO.  At that point, the ICO has to contact the organisation to resolve the complaint. In all cases, they ask the organisation to resolve the issue informally if possible. If this is not possible, they have to investigate the complaint and either resolves it informally, have the organisation comply without a decision notice, or issue a decision notice to require the organisation to comply or to uphold the organisation’s refusal.

A Stitch in Time Saves Nine

As a rule of thumb, for each complaint to the ICO, there are at least two to three internal reviews that are resolved satisfactorily so they never go to the ICO. Of the internal reviews that go to the ICO, usually, half of these are resolved informally without a need for a decision notice. What this means is that for 30 decision notices, you are looking at 60-100 complaints to the ICO. For there to be 60-100 complaints to the ICO, there has to be roughly 200-300 internal reviews.

Each internal review and each ICO complaint creates more work. This regulatory burden is self-inflicted. The focus on output, the timeliness of the response appears to undermine the outcome, a satisfied applicant. The dissatisfied customer creates more work for the organisation. The best way to describe this is that a stitch in time saves nine. If the organisation is focused on timeliness and quality of the response, a full response, then there are going to be fewer internal reviews and fewer complaints to the ICO. However, this would have to be balanced against the need to apply exemptions appropriately and when required. There is no advantage for an organisation to satisfy the customer at the cost of the organisation because it does work in the public interest.

Other factors to cut the regulatory burden can be useful. First, better customer service would cut its FOI burden by doing as much as possible to cut the complaints to the ICO. Second, proactively publishing more material will cut the number of requests. Finally, the organisation will want to check whether its internal process focuses on timeliness at the cost of quality. A process that provides better responses, even at the cost of timeliness, may actually do more to protect the organisation’s resources.


From my research, I would tentatively suggest that the best result is quality and timeliness. This is obvious as it is the ideal that all organisations want to deliver. The next best result is quality over timeliness. A high quality response reduces the chances of an internal review. There is still the issue of timeliness but that is less likely to lead to an internal review or a complaint to the ICO. The next best result is timeliness over quality. A quick response does show an efficient process even though it may not be an effective process. When timeliness is the priority, is that for the benefit of the customer or the organisation? The worst outcome is low quality and poor quality.

My results though are tentative. I would suggest that a research into the question would survey applicants to understand their preferences and their expectations about timeliness and quality. The approach would need to explore if organisation make the trade-off between quality and timeliness explicitly or implicit. Further research would consider how the exemptions used by an organisation influence timeliness. For example, are they using some exemptions quickly to buy time or to deter an applicant? Alternatively, the exemptions may be right but poorly explained. In any case, the use of an exemption will have an effect on their response rates and the quality of the responses. Further research is needed to confirm these hypotheses and explore how organisations apply exemptions as part of the trade-off between quality and timeliness.

Enhanced by Zemanta
Posted in change, change managment, creative destruction, Uncategorized | Tagged , , , , , , | Leave a comment