Employee records and data privacy

Employee records and data privacy

The Data Protection Act 2018 and UK General Data Protection Regulations (GDPR) set out the basic legal rules in place to protect personal data belonging to private individuals and prevent the misuse of personal data. These are key for employers to understand and be able to apply in practice.

An employer is legally required to protect the personal data of its employees and only use their data for certain lawful purposes by complying with the strict rules known as the ‘data protection principles’.

Under these obligations employers are required to:

  • process personal data in a fair, lawful and transparent manner;
  • collect personal data for specific, explicit and legitimate purposes;
  • ensure information is adequate, relevant and limited to what is necessary for which it is processed;
  • keep data up to date, accurate and in a form that enables data subjects to be identified for no longer than is necessary;
  • process information in a way that ensures it is appropriately secure; and
  • not transfer data outside the UK without adequate protection in place.

    • In addition, employees have the right to be told about:

    • how their personal data is used;
    • what records of personal data are kept about them; and
    • the confidentiality of their data/records and how those records can assist their training and development at work.

      • If an employer fails to adequately protect employee personal data, the employer could automatically be in breach of their duties owed to the employees and this could result in serious consequences such as a breach of contract. Therefore, when it comes to employee records, ensuring the effective data protection safeguards are in place from the outset is essential to protect the organisation.

      To speak with our multi award-winning Employment team on any issue of data privacy and employee records, please call 0333 323 5292 or fill in our enquiry form and we will be happy to help.

      Your key contact

      Required
      Required
      Required

      “The team is very good and responds quickly. They are commercial – they will understand our specific requirements and can adapt their advice accordingly.”

      The Legal 500

      Every insight