GDPR: Do employers need to update their data protection policies to make them GDPR compliant? - MLP Law

GDPR: Do employers need to update their data protection policies to make them GDPR compliant?

  • Employment Law
  • 20th Mar 2018

As part of our series of short blogs about the General Data Protection Regulations and what impact they will have on employers, we look at whether employers need to update their data protection policy. We recommend that employers review the documents they have in place in relation to data protection. It is likely that any […]

By Stephen Attree

MLP Law

As part of our series of short blogs about the General Data Protection Regulations and what impact they will have on employers, we look at whether employers need to update their data protection policy.

We recommend that employers review the documents they have in place in relation to data protection. It is likely that any existing data protection policies has been drafted with employer’s obligations under the Data Protection Act 1998 in mind and therefore, will need updating or replaced.

We would recommend the following:

Privacy Notice – used to notify employees, workers and contractors about the personal data that you hold relating to them, how they can expect their personal data to be used and for what purposes.

Privacy Standard – to be used in place of a Data Protection Policy to set out the principles and legal conditions that you must satisfy when obtaining, handling, processing, transporting or storing personal data in the course of your operations and activities, including customer supplier and employee data.

Record of Processing Activities – to be used as a record of processing activities, including customer, supplier and employee data.

Data Protection Impact Assessment – to be used to evaluate the potential impact of high risk data processing activities, as required under Article 35 GDPR.

Our employment experts can assist with the review of your existing documents and replacing them with GDPR compliant documents.

GDPR is going to have a huge impact on the data stored and processed by employers about their employees and job applications. If you would like to attend one of our free GDPR: What are your obligations as an employer? Seminars, please contact us on employment@mlplaw.co.uk or call us on 0161 926 9969 to sign up.

 

About the expert

Stephen Attree

Managing Partner

Stephen is the Owner of MLP Law and leads our Commercial, IP and Dispute Resolution teams which provide advice on all aspects of the law relating to mergers, acquisitions, financing, re-structuring, complex commercial contracts, standard trading terms, share options, shareholder and partnership agreements, commercial dispute resolution, joint venture and partnering arrangements, IT and Technology law, Intellectual Property, EU and competition law, Brexit and GDPR.

Interested in working with Stephen?

Let’s start by getting to know you and your business - either on the phone or in person. Complete the form below and we’ll be in touch shortly.

    This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.