Must employers still comply with the 30 day response timeframe for subject access requests during the COVID-19 pandemic?
Posted in : First Tuesday Q&A NI on 5 May 2020
Arthur Cox
Arthur Cox
The ICO has confirmed that it cannot relax the 30-day response period for subject access requests because it is a statutory timeframe (set out under sections 45 and 54 of the Data Protection Act 2018). However, the ICO has stated that it appreciates organisations’ attentions may be diverted elsewhere and therefore organisations will not be penalised for prioritising other areas of their business or adapting their usual approach.
Nevertheless, communication is key and if employers do not think they will be able to meet a subject access request deadline, it would be prudent for them to inform the requestor and explain the reason for the delay.
More on Data Protection & Freedom of Information
- If employees willingly provide personal email addresses at the start of their employment and their personal email addresses were used to contact them while they worked from home during the Coronavirus Lockdown, is this a breach of data protection?
- Can we ask staff to let us know if they have been vaccinated, and can we keep a record of this?
- Does the chief executive have the right to view sensitive personal data without an employee’s consent?
- Data Protection Implications of Selling From the UK into the EU after Brexit
- Covert Recording in the 'Workplace' - When Might it be Lawful?
Disclaimer:
The information in this article is provided as part of Legal-Island's Employment Law Hub. We regret we are not able to respond to requests for specific legal or HR queries and recommend that professional advice is obtained before relying on information supplied anywhere within this article.
Arthur Cox
Arthur Cox
The main content of this article was provided by Arthur Cox. Contact telephone number is 028 9023 0007 or email belfast@arthurcox.com
View all articles by Arthur Cox