All items: Personal data

How to review your organisation's compliance with the UK GDPR

Practical guidance on reviewing your organisation's compliance with the UK GDPR, including reviewing data protection policies and documents, third-party data processor contracts and subject access procedures.
How to respond to subject access requests from employees under the UK GDPR

Updated to reflect the ICO's guidance on fees to cover the cost of responding to manifestly unfounded or excessive requests.
How to manage the retention of employee data under the UK GDPR

Updated to reflect a change to the Disclosure and Barring Service's sample policy on handling DBS certificate information.
How to conduct an audit of HR personal data for the UK GDPR

Practical guidance on auditing HR-related personal data as part of an organisation's ongoing UK GDPR compliance efforts, including establishing the scope of the audit and understanding how the information collected can be used to identify compliance gaps.
How to obtain and use medical reports on employees

Practical guidance on obtaining and using a medical report on an employee for the purpose of managing absence, complying with the duty to make reasonable adjustments for disabled employees, or in the recruitment process, including how to comply with the Access to Medical Reports Act 1988 and the Data Protection Act 2018.
How to determine the legal grounds for processing employee data under the UK GDPR

Practical guidance on identifying the legal bases for processing employee data under the General Data Protection Regulation (GDPR), including recognising the most relevant grounds for employers: performance of the employment contract, compliance with a legal obligation and the employer's legitimate interests.

About this category

Practical step-by-step advice on how to manage workplace situations relating to personal data.

How to

All items: Personal data

How to review your organisation's compliance with the UK GDPR

How to respond to subject access requests from employees under the UK GDPR

How to manage the retention of employee data under the UK GDPR

How to conduct an audit of HR personal data for the UK GDPR

How to obtain and use medical reports on employees

How to determine the legal grounds for processing employee data under the UK GDPR

About this category

Explore XpertHR

Learn more

Get in touch

Connect with us