Cookies and privacy

Home
Contact
Us
User
Guide

Log in

Introducing XpertHR
Strategy & Practice
Employment Law
Good Practice Guides
Benchmarking
Recruitment
Pay & Benefits
International
Liveflo
Training
Policies & Documents
How To
FAQs
Line Manager Briefings
Employment Intelligence blog
Help
Help or advice is
available when you
see this icon
XpertHR Feeds
Key to Icons

Browse frequently asked questions and answers on key HR issues. Navigate by topic or key word search. View latest additions or suggest a question to the XpertHR editorial team.


Topics
Search
Latest
Suggest

For the purposes of the Data Protection Act 1998, what constitutes personal data?

What is sensitive personal data, and can it be held on a personal file?


What principles are employers obliged to follow in order to ensure that personal data is handled correctly?

Employers are obliged under the Data Protection Act 1998 to adhere to eight data protection principles. These state that employers must:

  1. process personal data fairly and lawfully (which means that personal information must not be obtained or used unless either the employee has consented or one of a limited range of conditions is met);
  2. obtain and process data only for specified and lawful purposes (ie use personal information only for specified agreed purposes);
  3. ensure that data is adequate, relevant and not excessive in relation to its stated purpose (ie not store more information than is necessary about a person);
  4. ensure that data is accurate and kept up to date;
  5. not keep data for longer than is necessary in relation to its purpose;
  6. process data in accordance with the rights of individuals;
  7. take appropriate measures against unauthorised or unlawful processing and against accidental loss, damage or destruction of the data; and
  8. not transfer data outside the European Economic Area without ensuring adequate protection of the data.

Want to see more?

login arrow blue

XpertHR provides answers to more than 1,000 FAQs. But that's not all...
Request a demo today to find out how XpertHR can benefit your organisation

In relation to the Data Protection Act 1998, what does "processing" data mean?

Do the provisions of the Data Protection Act 1998 apply only to personal data held on computer?

Before an employer can process personal data are there any specific conditions that must be met?

What rights does an employee have under the Data Protection Act 1998 in relation to his or her personal file?

If an employee asks for a copy of his or her "personnel file" is the employer obliged to supply all the information held on the employee?

Can an employee insist that information about him or her is removed from his or her personal file?

Is there any information an employee may not see under the terms of the Data Protection Act 1998?

What rights of access do employees have to job references?

Must an employer always obtain an individual's consent before providing a reference for him or her?

Where a job applicant does not give his or her current or most recent employer as a named referee, can this employer be contacted instead of the named referee?

Where an individual's employment offer is withdrawn due to an unsatisfactory reference does he or she have any right to see the reference?

Do job applicants have the right to see notes made on them at interview?

Aside from discriminatory questions are there any other restrictions on the type of information that employers are allowed to gather from job applicants?

Does an employer have the right to retain any personal data gathered during the application process?

Can employers use computers as the sole instrument to judge an individual's performance, reliability or conduct?

Can an employer hold an unsuccessful candidate's CV on file in case a further job vacancy arises?

Where an unsuccessful job applicant asks for details of why he or she was not offered the job is the employer obliged to disclose those details?

1  2  Next
Top