so-call “ISMgr” logs in as other usrs?

Can someone tell me if it’s proper for an IS mgr to constantly log in as other users in the organization and go through their documents while doing so? I’m a network assistant and have noticed the IS mgr doing this frequently. “A real IS Mgr shouldn’t have to use other login names, should they?”
It seems ok for testing a username and password but not to actually use the username. This all started a couple weeks ago when this organization announced it wanted to go union. Is the IS mgr doing this legally? It just doesn’t seem right! Please reply.