Data protection and employee information

STOP PRESS: The Data (Use and Access) Act 2025 (Commencement No 6 and Transitional and Saving Provisions) Regulations 2026, SI 2026/82 bring into force the remaining provisions of the Data (Use and Access) Act 2025 (DUAA 2025). Provisions relating to subject access requests, legitimate interests, purpose limitation, automated decision-making, international transfers and enforcement are in force from 5 February 2026, and provisions relating to penalty notices and complaints are in force from 19 June 2026. For more information, see Practice Note: Data (Use and Access) Act 2025—employment implications. This Practice Note will be updated shortly to take account of these changes.

The material is this subtopic primarily considers the UK GDPR regime, and legislative links are to Assimilated Regulation (EU) 2016/679, UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 (DPA 2018), except where expressly stated otherwise.

For a more detailed introduction to UK GDPR generally, see Practice Notes: The UK General Data Protection Regulation (UK GDPR) and The UK General Data Protection Regulation (UK GDPR)—Navigator.

AI in the workplace

Practice Note:

To view the latest version of this document and thousands of others like it, sign-in with LexisNexis or register for a free trial.

TAKE A FREE TRIAL

Latest Employment News

Extension of the right to work regime

Immigration analysis: The current right to work regime requires all employers to conduct checks on all employees to ensure that only those who are legally entitled to work in the UK are doing so. However, following the Border Security, Asylum and Immigration Act 2025 (BSAIA 2025) being passed and receiving Royal Assent on 2 December 2025, BSAIA 2025, s 48 seeks to extend these obligations further to cover the non-employee workforce. This was subject to a public consultation looking at how the changes should be operationalised and enforced, and how processes could be simplified to make it easier for employers to fulfil their responsibilities. The consultation closed on 10 December 2025 and the results are awaited. This article explores the effects of BSAIA 2025, s 48 in practice and considers some of the issues raised in the consultation. Written by Sajida Hussain, legal director at Addleshaw Goddard.

Home Office revises all principal Sponsor Guidance documents

On 6 March 2026 the Home Office brought into force version 03/26 of the principal sponsor guidance documents within the ‘Workers and Temporary Workers: guidance for sponsors’ collection, together with consequential amendments to the route-specific guidance for Skilled Workers. The changes affect Part 1: Apply for a licence, Part 2: Sponsor a worker, Part 3 (compliance and enforcement), Appendix D (record-keeping guidance) and the ‘Sponsor a Skilled Worker’ guidance, and also see the introduction of a new standalone and expanded Glossary. There is now extensive cross-referencing across all documents to that centralised source of definitions. Across the suite of guidance, the concept of a ‘genuine vacancy’ or ‘genuine employment’ has been removed and replaced with the newly defined term ‘eligible role’. This definition, now embedded in the Glossary and incorporated expressly into the other guidance documents, requires that the role must exist or be reasonably anticipated, meet all route-specific requirements including skill level and salary thresholds, comply with wider employment legislation and remain appropriate to the sponsor’s business throughout the period of sponsorship. References to assessing whether a vacancy is ‘genuine’ have been systematically replaced with consideration of whether the work meets the definition of an ‘eligible role’ and refusal, suspension and revocation provisions have been redrafted accordingly. Other changes include Parts 1 and 3 now making explicit that sponsorship is voluntary, that a licence is granted at the discretion of the Home Office and creates no enforceable right and now stating that enforcement action may be taken on the basis of ‘reasonable suspicion’ of non-compliance rather than established breach. Further details of the changes will follow.

DBT updates Codes of Practice on industrial action ballots and notice to employers and picketing

The Department of Business and Trade (DBT) has published updated versions of the Code of Practice on Industrial Action Ballots and Notice to Employers and the Code of Practice on Picketing. The revisions reflect changes introduced by the Employment Rights Act 2025 (ERA 2025), which came into force on 18 February 2026. These changes include the removal of provisions on picketing supervision, the abolition of the 50% turnout threshold for ballots and amendments to the notice requirements for industrial action ballots.

Office for Equality and Opportunity publishes equality action plan guidance and recommended actions

The Office for Equality and Opportunity has published guidance on equality action plans as well as a list of evidence-informed actions across various business objectives which may be included in the action plans. The Employment Rights Act 2025 introduces a new requirement on larger employers (250 or more employees, or public authorities) to publish an equality action plan alongside their gender pay gap data showing the steps adopted with regard to matters related to gender equality in their workforce. The requirement is set to be introduced on a voluntary basis from 6 April 2026 but will become mandatory from spring 2027. The guidance and the list of actions are designed to assist those employers who wish to implement the action plans in getting started.