A model register to record subject access requests from employees and other individuals.
A model contract clause to prohibit existing staff from disclosing secret company information or using confidential information.
The GDPR will make it difficult for employers to process employee personal data on the basis of consent. In this webinar, Jo Broadbent and Stefan Martin from Hogan Lovells discuss the strategic considerations for determining the legal basis to process different types of employee personal data.
The High Court has held that, while the employer was not at fault in the way in which it processed and protected personal data, it is vicariously liable for the actions of a rogue employee who published the personal data of co-employees online.
Practical guidance on developing and implementing a GDPR compliance programme, including reviewing data protection policies and documents, third-party data processor contracts and subject access procedures.
Employee surveillance is becoming ever more pervasive in the workplace. New technologies make it easier to monitor employee performance and behaviour. Ian MacRae and Toni-Ann Murphy look at some of the potential problems.
Court decisions from earlier this year have reduced the scope of legal privilege when it comes to protecting documents created during internal investigations. What steps can employers take to ensure sensitive communications do not have to be released unnecessarily?
The Information Commissioner's Office (ICO) will launch a number of support features to help small businesses to prepare for the General Data Protection Regulation (GDPR).
Practical guidance on auditing HR-related personal data as part of an organisation's GDPR compliance efforts, including establishing the scope of the audit and understanding how the information collected can be used to identify compliance gaps.
HR and legal information and guidance relating to data protection.
We provide a list of model policies and documents in which the sample wording has been updated to comply with the General Data Protection Regulation (GDPR), which is in force from 25 May 2018.