All items: Personal data

How to respond to subject access requests from employees under the General Data Protection Regulation (GDPR)

Updated to reflect the ICO's guidance on fees to cover the cost of responding to manifestly unfounded or excessive requests.
How to manage the retention of employee data under the UK GDPR

Updated to reflect a change to the Disclosure and Barring Service's sample policy on handling DBS certificate information.
How to conduct an audit of HR personal data for the General Data Protection Regulation (GDPR)

Updated to explain that this guide remains relevant to employers, as part of their ongoing GDPR compliance efforts, now that the GDPR is in force.
How to start preparing for the General Data Protection Regulation (GDPR)

Updated to explain that we are retaining this guide on the site now that the GDPR is in force, as it remains useful for employers that are still working on their GDPR compliance plans.
How to obtain and use medical reports on employees

Updated to take account of the General Data Protection Regulation, in force from 25 May 2018.
How to determine the legal grounds for processing employee data under the General Data Protection Regulation (GDPR)

Practical guidance on identifying the legal bases for processing employee data under the General Data Protection Regulation (GDPR), including recognising the most relevant grounds for employers: performance of the employment contract, compliance with a legal obligation and the employer's legitimate interests.
How to develop and implement a General Data Protection Regulation (GDPR) compliance programme

Practical guidance on developing and implementing a GDPR compliance programme, including reviewing data protection policies and documents, third-party data processor contracts and subject access procedures.

About this category

Practical step-by-step advice on how to manage workplace situations relating to personal data.

How to

All items: Personal data

How to respond to subject access requests from employees under the General Data Protection Regulation (GDPR)

How to manage the retention of employee data under the UK GDPR

How to conduct an audit of HR personal data for the General Data Protection Regulation (GDPR)

How to start preparing for the General Data Protection Regulation (GDPR)

How to obtain and use medical reports on employees

How to determine the legal grounds for processing employee data under the General Data Protection Regulation (GDPR)

How to develop and implement a General Data Protection Regulation (GDPR) compliance programme

About this category

Explore XpertHR

Learn more

Get in touch

Connect with us