Diversity monitoring

Copyright © 2026 LexisNexis

STOP PRESS: This document is being updated to reflect implementation of the Data (Use and Access) Act 2025 (DUAA 2025) which amends the UK GDPR and Data Protection Act 2018. For more guidance on the compliance implications of DUAA 2025, see Practice Note: Data (Use and Access) Act 2025—compliance implications.

This subtopic is intended for commercial organisations in the UK and is not sector-specific. It explains the data protection implications of workforce diversity monitoring, including whether:

  1. you need consent from the individuals concerned

  2. you can fall outside the scope of the data protection regime by collecting data in an anonymised form

Most large commercial organisations collect workforce diversity data and monitor trends. Some organisations will also publish their diversity data on their intranet and possibly their external website. There may also be a sector-specific regulatory obligation to report on your diversity data, eg law firms must report their diversity data to the Solicitors Regulation Authority.

Why is data protection relevant to diversity monitoring?

The UK General Data Protection Regulation (UK GDPR) applies wherever you process personal data.

The type of

To view the latest version of this document and thousands of others like it, sign-in with LexisNexis or register for a free trial.

Existing user? Sign-in TAKE A FREE TRIAL
Powered by Lexis+®
Latest Risk & Compliance News

ICO consults on draft updated guidance on research, archiving and statistics provisions following DUAA 2025

The Information Commissioner's Office (ICO) has launched a consultation on draft updated guidance concerning the research, archiving and statistics (RAS) provisions. The updates follow the introduction of the Data (Use and Access) Act 2025 (DUAA 2025) and include revised criteria for scientific research, in response to requests for greater clarity. The consultation also seeks views on the ICO's approach to the new disproportionate effort exemption under DUAA 2025, s 77, which exempts organisations from the requirement to inform data subjects when re-using previously collected data for research purposes. The consultation closes on 27 April 2026.

HMT publishes guidance on using digital identities under the MLRs

HM Treasury (HMT) has published guidance explaining how the UK digital identity and attributes trust framework interacts with the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017, SI 2017/692 (MLRs 2017). The guidance defines what a digital identity is and confirms that certified digital identity services on the digital verification services (DVS) register can be used by regulated entities as part of customer due diligence, including verifying individuals and company directors. It highlights that while certified digital identity services provide reliable, independent information with anti‑impersonation assurance, entities must still assess customer risk, apply enhanced due diligence where necessary and meet record‑retention obligations. The guidance further explains that the trust framework, developed in 2020, sets technology‑agnostic and sector‑agnostic requirements for providers, with certification overseen by the United Kingdom Accreditation Service (UKAS) and maintained by the Office for Digital Identities and Attributes, while non‑certified services cannot be considered suitable for identity verification under the MLRs 2017.

NCA annual plan sets budget and strategic priorities for 2025-26

The National Crime Agency (NCA) has published its annual plan for 2025–26, outlining a total budget of £1,012m. The plan details four organisational priorities: (1) increasing disruption of organised immigration crime; (2) strengthening collaboration with the Crown Prosecution Service to improve judicial outcomes; (3) delivering high-impact operations against serious and organised crime (SOC) threats and (4) advancing capabilities to address technology-enabled crime. The NCA reports achieving 450 high-impact disruptions in 2024–25, exceeding its target of a 50% increase. The Home Secretary has also set key strategic priorities for 2025-26, directing NCA to: (1) strengthen and protect the UK border; (2) reduce fraud and combat corrupt elites, cyber and economic crime and (3) strengthen bilateral and multilateral international partnerships, including through Europol and INTERPOL.

Risk & Compliance weekly highlights—26 February 2026

This week's edition of Risk & Compliance weekly highlights includes the FCA Chief Executive’s call for fewer new rules, developments in the UK’s Russia sanctions framework including OFSI’s new and amended general licences and the FCDO’s largest sanctions package since early 2022. We also highlight OFSI’s new compliance guidance following a recent penalty, the EDPB’s global statement on AI‑generated imagery and privacy and two key data protection updates: the ICO’s Court of Appeal win in the DSG Retail case and the EDPB’s report on difficulties organisations face in implementing the GDPR right to erasure.

View Risk & Compliance by content type :
News
Practice notes
Precedents
Q&As

Popular documents

Late payment penalties—inheritance tax

Late payment penalties—inheritance taxWhile interest often accrues on overdue tax, the late payment of certain taxes may also attract a penalty. For information on the interest accruing on overdue tax, see Practice Notes: IHT—payment deadlines on death—Interest on IHT and Interest on late paid

If a beneficiary signs a deed of disclaimer of their share of an estate and the estate pays their legal

If a beneficiary signs a deed of disclaimer of their share of an estate and the estate pays their legal fees, will that count as a PET against their estate?A disclaimer is the refusal of a gift prior to acceptance. The refusal of the gift must take place before the beneficiary accepts any benefit

Strike out—making an application to strike out a statement of case

Strike out—making an application to strike out a statement of caseA strike out order can be made either following an application by the parties or on the court's own initiative. This Practice Note deals with the scenario of the order being made following a party's application.Making an application

Can shares in a limited company that have not been paid-up at all be cancelled?

Can shares in a limited company that have not been paid-up at all be cancelled?A limited company having a share capital may not alter that share capital, except in the ways listed in section 617 of the Companies Act 2006 (CA 2006). Shares in a company cannot simply be cancelled without following an
Late payment penalties—inheritance tax

Late payment penalties—inheritance tax

Late payment penalties—inheritance taxWhile interest often accrues on overdue tax, the late payment of certain taxes may also attract a penalty. For information on the interest accruing on overdue tax, see Practice Notes: IHT—payment deadlines on death—Interest on IHT and Interest on late paid

If a beneficiary signs a deed of disclaimer of their share of an estate and the estate pays their legal

If a beneficiary signs a deed of disclaimer of their share of an estate and the estate pays their legal

If a beneficiary signs a deed of disclaimer of their share of an estate and the estate pays their legal fees, will that count as a PET against their estate?A disclaimer is the refusal of a gift prior to acceptance. The refusal of the gift must take place before the beneficiary accepts any benefit

Strike out—making an application to strike out a statement of case

Strike out—making an application to strike out a statement of case

Strike out—making an application to strike out a statement of caseA strike out order can be made either following an application by the parties or on the court's own initiative. This Practice Note deals with the scenario of the order being made following a party's application.Making an application

Can shares in a limited company that have not been paid-up at all be cancelled?

Can shares in a limited company that have not been paid-up at all be cancelled?

Can shares in a limited company that have not been paid-up at all be cancelled?A limited company having a share capital may not alter that share capital, except in the ways listed in section 617 of the Companies Act 2006 (CA 2006). Shares in a company cannot simply be cancelled without following an