Website Cookie Policy

We use cookies to give you the best possible online experience. If you continue, we’ll assume you are happy for your web browser to receive all cookies from our website.
See our cookie policy for more information.

Practice Areas

More Information

thepartners@wrigleys.co.uk

Leeds: 0113 244 6100

Sheffield: 0114 267 5588

FOLLOW WRIGLEYS:

Send us an enquiry
Close

ICO releases new Q&A for employers on data subject access requests

30 June 2023

The Q&A provides a helpful reference point for employers when responding to a DSAR.

The Information Commissioner’s Office (ICO) has released a Q&A series to assist employers in responding to data subject access requests (“DSARs”) from an employee or former employee.

Employers will recognise that the DSAR regime is often utilised by employees, particularly where a grievance or disciplinary matter has arisen. The Q&A document includes advice on the following common queries:

  • Witness statements - the Q&A explains how to approach the disclosure of witness statements and particularly when it is reasonable to withhold such a witness statements to protect the rights of third parties;
  • References – confidential references are exempt from disclosure in specific circumstances. The ICO clarifies in the Q&A when a reference can properly be treated as confidential and what to do when it is unclear whether a reference is confidential or not.
  • NDAs and Settlement Agreements – the ICO confirms that a DSAR can be made regardless of the terms of a settlement or non-disclosure agreement. Any provision restricting the right to make a DSAR is likely to be unenforceable.
  • What amounts to the employee’s personal data – it is common for organisations to recover a large amount of information when responding to a DSAR from an employee, much of which may not be their own personal data. This includes emails where the employee is copied for information and documents where there is a large amount of personal data about various employees. The Q&A addresses factors employers should take into account when determining whether the information required amounts to the employees’ personal data and the steps that should be taken to ensure that the employee only receives information to which they are entitled.

The Q&A also includes useful examples to illustrate how the ICO would approach these situations.

The clarity provided by the Q&As will be of great assistance for employers in dealing with DSARs from employees. It addresses some common themes we see when assisting clients in their response to a DSAR, acting as a useful supplement to the ICO’s more comprehensive guidance on the right of access.

If you would like to discuss any aspect of this article further, please contact Nick Dunn or any of the employment team on 0113 244 6100.

You can also keep up to date by following Wrigleys employment team on Twitter.

The information in this article is necessarily of a general nature. The law stated is correct at the date (stated above) this article was first posted to our website. Specific advice should be sought for specific situations. If you have any queries or need any legal advice please feel free to contact Wrigleys Solicitors. 

 

 
 
 
 
 
 
 
 
 

 

 
 
 
 
 
 
 
 
 
Nick Dunn View Biography

Nick Dunn

Associate
Leeds

20 Dec 2024

Charities making overseas grants – Charity Commission launch statutory inquiry

The Charity Commission recently opened a statutory inquiry into a charity over concerns about the management & control of charitable funds sent abroad

19 Dec 2024

Can devolution spark a revolution in community ownership?

The Government’s English Devolution White Paper confirms it intends to introduce a “Community Right to Buy”. We take a look at what this might deliver

16 Dec 2024

Wrigleys helps significant membership organisation achieve registered charity status

We are delighted to have been able to support Charity Tax Group (CTG) in obtaining registered charity status.