Data protection, surveillance and privacy at work
Frequently asked questions on legal issues relating to data protection, surveillance and privacy at work.
Resources
-
The main legislation governing data protection is the Data Protection Act 1998 (DPA) which came into force on 1 March 2000. The DPA implements...
-
The Information Commissioner's Office is a UK independent supervisory authority reporting directly to the UK Parliament which ensures that organisations...
-
The website of the Information Commissioner is the most comprehensive source for guidance as to good practice. The Information Commissioner has published...
-
In essence, data protection means that those who decide how and why personal data are processed (data controllers), must comply with the rules of good information handling, known as...
-
A data controller is any person who determines the purposes for which, and manner in which, any personal data are or are to be processed. Many employers will...
-
No, the Employment practices data protection code refers to 'workers'. Examples of who would be classified as a worker are...
-
The Data Protection Act 1998 (DPA) can apply to computerised and manual records, photographs, CCTV footage, mainframes, laptops, organisers, palm pilots, audio and...
-
Although Durant v Financial Services Authority did not deal with personnel records, it seems that the case suggests that much of the information held in personnel files is...
-
As indicated in the related FAQ on manual files, an employee will probably be entitled to make a written request for certain information from an employer...
-
Under the definitions supplied in the Data Protection Act 1998, this contractor is a third party data processor. In order for this contractor to perform the contract, it will be necessary to...
-
Sensitive personal data is personal data relating to the data subject's racial or ethnic origin, political opinions, religious beliefs or other beliefs of a similar nature, ....
-
Data relating to the medical condition of an employee amounts to sensitive personal data for the purposes of the Data Protection Act 1998 and care needs therefore to be taken with...
-
The fifth data protection principle provides that 'personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose...
-
The basic position is that the provision of a reference will generally involve the disclosure of personal data under the Data Protection Act 1998. Accordingly in most circumstances, and in particular where...
-
An aggrieved employee can appeal to the Information Commissioner for an assessment as to whether processing of personal data is being carried out in accordance with the principles contained in...
-
This question is extremely hard to answer and legal advice should be taken in each set of circumstances. Monitoring by videoing and or tapping of incoming and outgoing telephone calls, faxes and e-mails...
-
The use of social networking sites such as Facebook, Twitter, MySpace, Bebo, Friendster or information from YouTube has become a problem for many employers...
-
All employers must have a detailed communications, internet and data protection policy in place covering monitoring, use of email and the internet and data protection...
-
The Freedom of Information Act 2000 gives the general right of access to all types of 'recorded' information held by public authorities, and those providing services for them. It also sets out...
-
Data protection has been a permanently and rapidly evolving area for some time following several very high profile breaches concerning the protection of personal data...
Related resources
Podcasts
Factsheets
Guides
Survey reports
Books
Dvds
Training courses
Practical tools
People Management magazine
News