Personnel Today
  • Home
    • All PT content
    • Advertise
  • Email sign-up
  • Topics
    • HR Practice
    • Employee relations
    • Equality, diversity and inclusion
    • Learning & training
    • Pay & benefits
    • Wellbeing
    • Recruitment & retention
    • HR strategy
    • HR Tech
    • The HR profession
    • Global
    • All HR topics
  • Legal
    • Case law
    • Commentary
    • Flexible working
    • Legal timetable
    • Shared parental leave
    • Redundancy
    • Maternity & Paternity
    • TUPE
    • Disciplinary and grievances
    • Employer’s guides
  • AWARDS
    • Personnel Today Awards
    • The RAD Awards
    • OHW Awards
  • Jobs
    • Find a job
    • Jobs by email
    • Careers advice
    • Post a job
  • XpertHR
    • Learn more
    • Products
    • Pricing
    • Free trial
    • Subscribe
    • XpertHR USA
  • Webinars
  • OHW+

Personnel Today

Register
Log in
Personnel Today
  • Home
    • All PT content
    • Advertise
  • Email sign-up
  • Topics
    • HR Practice
    • Employee relations
    • Equality, diversity and inclusion
    • Learning & training
    • Pay & benefits
    • Wellbeing
    • Recruitment & retention
    • HR strategy
    • HR Tech
    • The HR profession
    • Global
    • All HR topics
  • Legal
    • Case law
    • Commentary
    • Flexible working
    • Legal timetable
    • Shared parental leave
    • Redundancy
    • Maternity & Paternity
    • TUPE
    • Disciplinary and grievances
    • Employer’s guides
  • AWARDS
    • Personnel Today Awards
    • The RAD Awards
    • OHW Awards
  • Jobs
    • Find a job
    • Jobs by email
    • Careers advice
    • Post a job
  • XpertHR
    • Learn more
    • Products
    • Pricing
    • Free trial
    • Subscribe
    • XpertHR USA
  • Webinars
  • OHW+

Employment lawData protection

Keep yourself protected

by Personnel Today 23 Nov 2004
by Personnel Today 23 Nov 2004

When interviewed by Personnel Today at the beginning of the year, Information Commissioner Richard Thomas said he hoped there were ‘very few’ HR professionals who were unaware of the Data Protection Act situation.

Certainly, any HR professional worth their salt knows its organisation has a legal obligation to comply with the Data Protection Act 1998 (DPA), and that they have a major role to play in that compliance. However, in a profession already swamped by legislation, it isn’t helpful that some of the codes of employment practices alone run to 96 pages.

Rather than getting bogged down in details, grasping the principles of data protection (see box) is the best way to approach the Act.

Remember, the aim of the Act is not to try to catch you out, but to promote best practice when it comes to processing personal data. The codes attempt to strike a balance between preserving workers’ legitimate rights to their private life and an employer’s legitimate need to run its business.

“A lot of data protection is common sense,” says Kussum Sharma, compliance manager at the Information Commission-er’s Office (ICO). “Be transparent and be open when processing personal data about employees. Keep personal records secure and don’t use them in a way which is incompatible with the purpose for which they were obtained.”

What follows is a snapshot of some of the key areas covered by the four codes of practices that cover employment issues.

Recruitment and selection

The individual’s rights begin at the point the job is advertised and, even if using an agency, the applicant must be told as soon as possible who holds their details.

One of the eight principles of the Act is that data must be ‘relevant for the purpose’. If you stick to this throughout the recruitment process, you shouldn’t go far wrong. For example, you can only request information about criminal convictions if it can be justified in terms of the role. You should also explain any verification checks that are going to be carried out and if any sensitive data, such as health records, is collected during the process.

While the employer can set the retention period for recruitment records, the Act requires that personal data shouldn’t be kept for longer than is necessary. Those wishing to build a talent pool must be aware of this, says John Spiers, chief marketing and information officer with online recruitment company, StepStone. “If you want to contact a candidate in the future, you must take this into account and get their permission,” he says.

Monitoring

The Act recognises some monitoring of employees is necessary. However, it is important HR recognises that any adverse impacts from monitoring, such as intrusion into employees’ privates lives, must be justified in terms of benefits to the employer or colleagues. To assess this, the code recommends organisations carry out an impact assessment that should:

– identify the purpose behind the monitoring and the benefits it is likely to deliver

– identify any possible adverse impact of the monitoring

– consider alternatives to monitoring or different ways it could be carried out

– take account of any legal/compliance obligations that arise from monitoring

– judge whether monitoring is justified.

Unless a covert form of monitoring is required – which is hard to justify – employees should be made aware of the nature, extent and reasons of the monitoring. Employers are allowed to carry out internet monitoring but an impact assessment is still recommended. It is good practice to set out a policy document explaining what is permitted and what is considered abuse of the internet.

Employment records

This is a huge subject area, but there are five benchmarks on collecting and keeping records that provide guidelines for working:

– Ensure new workers are aware of the nature and source of any information kept about them, how it will be used and to whom it will be disclosed

– Inform new workers, and remind existing ones, of their rights, including details of their rights of access to this data

– Ensure there is a clear and foreseeable need for any information collected and that data meets that need

– Provide each worker with a copy of the information that may be subject to change (such as home address) annually, and ask them to check it for accuracy

– Build accuracy, consistency and validity checks into the system.

HR’s ability to comply with the codes depends on a good relationship with IT, especially when it comes to managing records. “IT is good at archiving data but HR must know and understand the content of what is being stored and how to get to it,” says Mike Hill, vice-president of marketing at Chronicle Solutions, who specialise in data storage technologies.

Information about workers’ health

The Act’s sensitive data rules are key to this, as this part of the code of practice covers the collection and use of information about a worker’s physical or mental health. To assess whether you are satisfying the main conditions under which such data could be processed, some of the questions you should ask are:

– Is the processing necessary to enable the employer to meet its legal obligations – for example, to ensure health and safety at work or to comply with the requirement not to discriminate against workers on the grounds of disability?

– Is the processing for medical purposes and undertaken by a health professional or someone working under an equivalent duty of confidentiality (such as an occupational health doctor)?

– Has the worker given consent explicitly to the processing of his or her medical information?

This is only a small part of a code that is at draft stage. It is hoped a final version will be published before the end the year.

The codes can be downloaded by searching for ‘codes’ on the Information Commissioner’s website: www.informationcommissioner.gov.uk

Eight principles of data protection

Personal information must be:

– Fairly and lawfully processed

– Processed for specified purposes

– Adequate, relevant and not excessive

– Accurate and up to date (where appropriate)

– Not retained for longer than necessary

– Processed in line with the rights of the individual

– Securely kept

– Not transferred to countries outside the European Economic Area (the EU, plus Norway, Iceland and Liechtenstein)


Avatar
Personnel Today

previous post
Offshoring improves business competitiveness
next post
As seen on screen

You may also like

P&O Ferries boss denies reputational damage after mass...

27 May 2022

Employers lack data to make IR35 worker status...

25 May 2022

Maternity leave: Cost of living crisis highlights need...

25 May 2022

One in five employers planning ‘no jab no...

19 May 2022

MP demands timeline on carer’s leave legislation

13 May 2022

Queen’s Speech: absence of employment bill leaves organisations...

10 May 2022

Queen’s Speech: Exclusivity contracts for low-paid workers to...

9 May 2022

MP seeks legal protections for employees undergoing fertility...

9 May 2022

PwC staff to benefit from extended summer hours...

5 May 2022

A dark day for workers’ rights – why...

29 Apr 2022
  • Strathclyde Business School expands its Degree Apprenticeship offer in England PROMOTED | The University of Strathclyde is expanding its programmes...Read more
  • The Search for Talent: Six Major Employer Pitfalls PROMOTED | The Great Resignation continues unabated...Read more
  • Navigating the widening “Skills Confidence Gap” in 2022, and beyond PROMOTED | Cornerstone OnDemand conducted a global study...Read more
  • Apprenticeships are the solution to your recruitment problems PROMOTED | Apprenticeships have the pulling power...Read more
  • What it really means to be mentally fit PROMOTED | What is mental fitness...Read more
  • How music can help to ease anxiety at work PROMOTED | A lot has happened since March 2020, hasn’t it?...Read more

Personnel Today Jobs
 

Search Jobs

PERSONNEL TODAY

About us
Contact us
Browse all HR topics
Email newsletters
Content feeds
Cookies policy
Privacy policy
Terms and conditions

JOBS

Personnel Today Jobs
Post a job
Why advertise with us?

EVENTS & PRODUCTS

The Personnel Today Awards
The RAD Awards
Employee Benefits
Forum for Expatriate Management
OHW+
Whatmedia

ADVERTISING & PR

Advertising opportunities
Features list 2022

  • Facebook
  • Twitter
  • Instagram
  • Linkedin


© 2011 - 2022 DVV Media International Ltd

Personnel Today
  • Home
    • All PT content
    • Advertise
  • Email sign-up
  • Topics
    • HR Practice
    • Employee relations
    • Equality, diversity and inclusion
    • Learning & training
    • Pay & benefits
    • Wellbeing
    • Recruitment & retention
    • HR strategy
    • HR Tech
    • The HR profession
    • Global
    • All HR topics
  • Legal
    • Case law
    • Commentary
    • Flexible working
    • Legal timetable
    • Shared parental leave
    • Redundancy
    • Maternity & Paternity
    • TUPE
    • Disciplinary and grievances
    • Employer’s guides
  • AWARDS
    • Personnel Today Awards
    • The RAD Awards
    • OHW Awards
  • Jobs
    • Find a job
    • Jobs by email
    • Careers advice
    • Post a job
  • XpertHR
    • Learn more
    • Products
    • Pricing
    • Free trial
    • Subscribe
    • XpertHR USA
  • Webinars
  • OHW+