Updated to reflect that the ICO has published guidance for employers on when they can collect information through medical examinations (which replicates guidance previously contained in the withdrawn Employment practices data protection code).
Practical guidance on reviewing your organisation's compliance with the UK GDPR, including reviewing data protection policies and documents, third-party data processor contracts and subject access procedures.
Updated to reflect the ICO's guidance on fees to cover the cost of responding to manifestly unfounded or excessive requests.
Updated to reflect a change to the Disclosure and Barring Service's sample policy on handling DBS certificate information.
Practical guidance on auditing HR-related personal data as part of an organisation's ongoing UK GDPR compliance efforts, including establishing the scope of the audit and understanding how the information collected can be used to identify compliance gaps.
Practical guidance on identifying the legal bases for processing employee data under the General Data Protection Regulation (GDPR), including recognising the most relevant grounds for employers: performance of the employment contract, compliance with a legal obligation and the employer's legitimate interests.
Practical step-by-step advice on how to manage workplace situations relating to personal data.
XpertHR® is part of the LexisNexis® Risk Solutions portfolio of brands.
The materials and information included in the XpertHR service are provided for reference purposes only. They are not intended either as a substitute for professional advice or judgment or to provide legal or other advice with respect to particular circumstances. Use of the service is subject to our terms and conditions.
Copyright © 2023 LexisNexis Risk Solutions
© 2023 LexisNexis Risk Solutions.