Editor's message: Employers must comply with requirements of the Data Protection Act 1998 in relation to the handling of personal information, which will include information about employees held on a computer.
There are data protection issues around employees using their own devices for work purposes, both in relation to the storage of personal data of other employees in the organisation and the extent to which employers can monitor employees’ use of these devices.
The EU General Data Protection Regulation, which replaces the Data Protection Directive, is due to come into force on 25 May 2018, before the UK is expected to leave the EU. The aim of the Regulation is to establish a modern and harmonised data protection framework across the EU. The Government has confirmed that the UK will implement the Regulation.
Felicity Alexander, employment law editor
Subject access requests - when an employee asks to see any personal data held on them - can throw legal negotiations into disarray if employers do not tread carefully.
Sarah Thompson discusses significant data protection changes employers need to be aware of - including a new penalty regime - and next steps for HR.
Significant employment law changes are anticipated for 2017, amid the ongoing uncertainty resulting from the Brexit referendum.
We discuss the extensive data protection changes coming into effect and how employers can begin their preparations.
The EU General Data Protection Regulation, which replaces the 1995 Data Protection Directive, is due to come into force in the UK on 25 May 2018, before the UK is expected to leave the EU. UK businesses should take steps now to prepare for the Regulation when it comes into effect.
The new EU General Data Protection Regulation introduces fines of up to €20 million or 4% of global turnover. While the rules don't take effect until May 2018, they are complex so employers must start preparations now, suggest Andrew Yule and Nancy Dickie, partners at law firm Winckworth Sherwood.
HR and legal information and guidance relating to data protection.