Data protection overview

Produced by Tolley in association with Hannah Freeman at Old Square Chambers
Data protection overview

The following Employment Tax guidance note Produced by Tolley in association with Hannah Freeman at Old Square Chambers provides comprehensive and up to date tax information covering:

  • Data protection overview
  • Key terms
  • The Eight Data Protection Principles
  • Conditions
  • Consent
  • Sensitive Personal Data
  • Rights of access
  • Pension Schemes and Data Protection Issues
  • Monitoring

Please note that all legislative and case references in this guidance note are subscription sensitive.

Invariably the management of workers and employees necessitates the creation of personnel records and a degree of monitoring of the workforce. Such activities are governed by the Data Protection Act 1998 (DPA 1998).

The Information Commissioner is responsible for enforcement of the DPA 1998. He also has a duty to publish codes to promote good practice. These do not have the force of law but may be referred to in enforcement proceedings and reflect the Commissioner’s views. Employers are therefore strongly advised to familiarise themselves with the codes. Of particular relevance is The Employment Practices Code and The Employment Practices Code Supplementary Guidance both of which can be downloaded from the Information Commissioner’s Office website.

Key terms

The Act and its associated legislation uses various terms that an employer will need to be familiar with, as follows:

Workerthis includes applicants (successful and unsuccessful), employees, agency staff, casual staff and contract staff; volunteers and work experiences placements are also covered by some provisions
Datainformation about individuals, which is kept by an organisation on computer in the employment context, will fall within the scope of the DPA. Information that is kept in manual files will often fall outside the DPA: a manual file will only be subject to the DPA if it is part of a structured and referenced system that can be used easily to recover the precise information under request.
Personal datainformation which falls into the definition of data and which relates to a living individual and identifies a person, whether by itself, or together with other information in the organisation’s possession or that is likely to come into its possession - see Example 1
Processingthis term applies to a wide range of activities; it includes the initial obtaining of personal information, the retention and use of it, access, disclosure and final disposal
Sensitive personal datainformation concerning an individual’s racial or

Popular documents