Must employers still comply with the 30 day response timeframe for subject access requests during the COVID-19 pandemic?
Posted in : First Tuesday Q&A NI on 5 May 2020
Johanna Cunningham
Arthur Cox
The ICO has confirmed that it cannot relax the 30-day response period for subject access requests because it is a statutory timeframe (set out under sections 45 and 54 of the Data Protection Act 2018). However, the ICO has stated that it appreciates organisations’ attentions may be diverted elsewhere and therefore organisations will not be penalised for prioritising other areas of their business or adapting their usual approach.
Nevertheless, communication is key and if employers do not think they will be able to meet a subject access request deadline, it would be prudent for them to inform the requestor and explain the reason for the delay.
More on Data Protection & Freedom of Information
- Data Protection Implications of Selling From the UK into the EU after Brexit
- Covert Recording in the 'Workplace' - When Might it be Lawful?
- New ICO Guidance on Subject Access Requests and Education Data
- Black Friday & Cyber Monday Alert: Issues for Employers While staff are WFH
- The Importance and Key Components of A Data Privacy Policy In The Workplace
Disclaimer:
The information in this article is provided as part of Legal-Island's Employment Law Hub. We regret we are not able to respond to requests for specific legal or HR queries and recommend that professional advice is obtained before relying on information supplied anywhere within this article.
Johanna Cunningham
Arthur Cox
The main content of this article was provided by Johanna Cunningham. Contact telephone number is Johanna Cunningham or email belfast@arthurcox.com
View all articles by Johanna Cunningham