All items: Personal data

How to respond to subject access requests from employees under the General Data Protection Regulation (GDPR)

Updated to reflect ICO guidance on verbal subject access requests.
How to obtain and use medical reports on employees

Updated to take account of the General Data Protection Regulation, in force from 25 May 2018.
How to manage the retention of employee data under the General Data Protection Regulation (GDPR)

Revised to reflect the requirements of the new data protection regime under the GDPR, including the importance of identifying the legal basis for retaining personal data and the rules on retaining special categories of data.
How to determine the legal grounds for processing employee data under the General Data Protection Regulation (GDPR)

Practical guidance on identifying the legal bases for processing employee data under the General Data Protection Regulation (GDPR), including recognising the most relevant grounds for employers: performance of the employment contract, compliance with a legal obligation and the employer's legitimate interests.
How to develop and implement a General Data Protection Regulation (GDPR) compliance programme

Practical guidance on developing and implementing a GDPR compliance programme, including reviewing data protection policies and documents, third-party data processor contracts and subject access procedures.
How to conduct an audit of HR personal data for the General Data Protection Regulation (GDPR)

Practical guidance on auditing HR-related personal data as part of an organisation's GDPR compliance efforts, including establishing the scope of the audit and understanding how the information collected can be used to identify compliance gaps.
How to start preparing for the General Data Protection Regulation (GDPR)

Practical guidance on starting to prepare for the General Data Protection Regulation (GDPR), including understanding the main changes that will impact on HR; obtaining organisational buy-in for GDPR compliance; assembling a GDPR compliance team; and conducting a risk assessment of employee data processing practices.

About this category

Practical step-by-step advice on how to manage workplace situations relating to personal data.

Task categories

Example tasks

Key topics

Employment law

Templates and workflow

General HR

Surveys and benchmarking

Employment law: Quick look-up

Employment law support

Good practice

XpertHR.co.uk

How to

All items: Personal data

How to respond to subject access requests from employees under the General Data Protection Regulation (GDPR)

How to obtain and use medical reports on employees

How to manage the retention of employee data under the General Data Protection Regulation (GDPR)

How to determine the legal grounds for processing employee data under the General Data Protection Regulation (GDPR)

How to develop and implement a General Data Protection Regulation (GDPR) compliance programme

How to conduct an audit of HR personal data for the General Data Protection Regulation (GDPR)

How to start preparing for the General Data Protection Regulation (GDPR)

About this category

Explore XpertHR

Learn more

Get in touch

Connect with us

Main navigation

Task categories

Example tasks

Key topics

Trending topics

Employment law

Templates and workflow

General HR

Surveys and benchmarking

Employment law: Quick look-up

Employment law support

Good practice

XpertHR.co.uk

How to

All items: Personal data

How to respond to subject access requests from employees under the General Data Protection Regulation (GDPR)

How to obtain and use medical reports on employees

How to manage the retention of employee data under the General Data Protection Regulation (GDPR)

How to determine the legal grounds for processing employee data under the General Data Protection Regulation (GDPR)

How to develop and implement a General Data Protection Regulation (GDPR) compliance programme

How to conduct an audit of HR personal data for the General Data Protection Regulation (GDPR)

How to start preparing for the General Data Protection Regulation (GDPR)

About this category

Explore XpertHR

Learn more

Get in touch

Connect with us