Practical guidance on reviewing your organisation's compliance with the UK GDPR, including reviewing data protection policies and documents, third-party data processor contracts and subject access procedures.
Updated to reflect the ICO's guidance on fees to cover the cost of responding to manifestly unfounded or excessive requests.
Updated to reflect a change to the Disclosure and Barring Service's sample policy on handling DBS certificate information.
Practical guidance on auditing HR-related personal data as part of an organisation's ongoing UK GDPR compliance efforts, including establishing the scope of the audit and understanding how the information collected can be used to identify compliance gaps.
Practical guidance on obtaining and using a medical report on an employee for the purpose of managing absence, complying with the duty to make reasonable adjustments for disabled employees, or in the recruitment process, including how to comply with the Access to Medical Reports Act 1988 and the Data Protection Act 2018.
Practical guidance on identifying the legal bases for processing employee data under the General Data Protection Regulation (GDPR), including recognising the most relevant grounds for employers: performance of the employment contract, compliance with a legal obligation and the employer's legitimate interests.
Practical step-by-step advice on how to manage workplace situations relating to personal data.
XpertHR is part of the LexisNexis® Risk Solutions Group portfolio of brands.
The materials and information included in the XpertHR service are provided for reference purposes only. They are not intended either as a substitute for professional advice or judgment or to provide legal or other advice with respect to particular circumstances. Use of the service is subject to our terms and conditions.
Copyright © 2021 LexisNexis Risk Solutions Group