Must employers still comply with the 30 day response timeframe for subject access requests during the COVID-19 pandemic?
Posted in : First Tuesday Q&A NI on 5 May 2020
Johanna Cunningham
Arthur Cox
The ICO has confirmed that it cannot relax the 30-day response period for subject access requests because it is a statutory timeframe (set out under sections 45 and 54 of the Data Protection Act 2018). However, the ICO has stated that it appreciates organisations’ attentions may be diverted elsewhere and therefore organisations will not be penalised for prioritising other areas of their business or adapting their usual approach.
Nevertheless, communication is key and if employers do not think they will be able to meet a subject access request deadline, it would be prudent for them to inform the requestor and explain the reason for the delay.
More on Data Protection & Freedom of Information
- ICO Guidance On Data Protection Compliance During COVID-19 Recovery Period
- Protecting Confidential Advice – How Do I Handle It?
- What factors do employers need to consider in relation to testing employees for Covid-19?
- Quiz: Are you Cyber-Aware Amongst COVID-19?
- 5 COVID-19 scams your organisation should be aware of (and how to prevent them)
Disclaimer:
The information in this article is provided as part of Legal-Island's Employment Law Hub. We regret we are not able to respond to requests for specific legal or HR queries and recommend that professional advice is obtained before relying on information supplied anywhere within this article.
Johanna Cunningham
Arthur Cox
The main content of this article was provided by Johanna Cunningham. Contact telephone number is Johanna Cunningham or email belfast@arthurcox.com
View all articles by Johanna Cunningham