DATA PROTECTION - 19.10.2023
New guidance on monitoring workers
In October 2023 the Information Commissioner’s Office (ICO) published guidance for employers on how to lawfully monitor workers. What does the new guidance include and what does the ICO mean by its use of the term “worker”?
DATA PROTECTION - 20.09.2023
Data protection and workers’ health
Updated guidance. In August 2023 the Information Commissioner’s Office (ICO) issued updated guidance on data protection and workers’ health (see The next step ). The guidance aims to help employers understand their data protection obligations under the UK GDPR and Data Protection Act 2018 when they are handling workers’ health information. As well as covering the relevant laws, the guidance explains how to handle sickness and injury records, carrying out of health monitoring and when workers’ health information may be shared. ...
DATA PROTECTION - 06.09.2023
Misusing personal data for sex
Research by the Information Commissioner’s Office shows that hundreds of employees have used a third party’s personal data to make romantic or sexual propositions. What do you need to know?
DATA PROTECTION - 20.06.2023
Protecting payroll data
There have been several high profile payroll data breaches recently. How can you ensure that your payroll systems are robust enough to protect your employees’ personal data?
DATA PROTECTION - 13.06.2023
Q&A - making a subject access request
Q. If an employee wants to make a subject access request, must it be given to us in a particular format? A. The UK GDPR does not set out any formal requirements or suggestions for a valid subject access request. This means that a subject access request can be made to you verbally or in writing, and it does not have to be directed to a specific person or contact point. It’s also important to remember that a subject access request doesn’t have to specifically include the words “subject access request” or refer to rights of access under the UK GDPR . The employee only needs to be clear that they are requesting their own personal information, e.g. by asking: “What information do you hold on me?” or “Please send me a copy of my personnel file”. ...
DATA PROTECTION - 15.05.2023
Personal data obtained during recruitment
During a recruitment exercise you’ll probably gather personal data from a variety of sources, e.g. application forms, CVs and interview notes. How long should you retain this information for and what else must you always do?