First Tuesday Q&A

The claimant was dismissed by reason of gross misconduct and in particular.

How Can Employers Ensure Their Workplace is GDPR Compliant?

Posted in: First Tuesday Q&A NI on 06/09/2023 The recent PSNI data breach should serve as a reminder to employers about the importance of adhering to the General Data Protection Regulations (GDPR). The PSNI have attributed this data breach to human error. This, along with malicious cyber-attacks, are the two most common causes of data breaches...
This article is listed under the following topics:
Data Protection and GDPR

Can an employer refuse a request from an unsuccessful job applicant to delete any of their data in its possession as it may be necessary for the defence of legal claims?

Posted in: First Tuesday Q&A NI on 07/09/2021 An employer’s data protection obligations extend to job applicants in relation to retention and erasure of personal data. As a matter of good practice, employers should seek consent from applicants at the outset in relation to their application kept on file in case of future vacancies. At this poin...
This article is listed under the following topics:
Data Protection and GDPR Recruitment and Selection

If employees willingly provided a personal email addresses and these were subsequently used to contact them at home during the Covid Lockdown, is this a breach of data protection?

Posted in: First Tuesday Q&A NI on 06/07/2021 If employees provide personal email addresses at the start of their employment and their personal email addresses were used to contact them while they worked from home during the Coronavirus Lockdown, is this a breach of data protection? It will be important to check the content of your privacy not...
This article is listed under the following topics:
Data Protection and GDPR Coronavirus/Covid-19

What factors do employers need to consider in relation to testing employees for Covid-19?

Posted in: First Tuesday Q&A NI on 02/06/2020 The below answer is for guidance purposes only and specific legal advice should be sought if your organisation is considering implementing Covid-19 testing. There are various factors for employers to consider in relation to making employees take a Covid-19 test, for example: Data protection implic...
This article is listed under the following topics:
Data Protection and GDPR Policies and Procedures Coronavirus/Covid-19

Must employers still comply with the 30 day response timeframe for subject access requests during the COVID-19 pandemic?

Posted in: First Tuesday Q&A NI on 05/05/2020 The ICO has confirmed that it cannot relax the 30-day response period for subject access requests because it is a statutory timeframe (set out under sections 45 and 54 of the Data Protection Act 2018). However, the ICO has stated that it appreciates organisations’ attentions may be diverted elsewhe...
This article is listed under the following topics:
Data Protection and GDPR Coronavirus/Covid-19

How Can We Help Staff Adhere To Data Protection Principles When Working From Home?

Posted in: First Tuesday Q&A NI on 07/04/2020 The European Data Protection Board and ICO have acknowledged that we are in an unprecedented and difficult situation meaning that normal working practices had to be modified very quickly. Despite this, organisations should ensure that security measures are in place for home-working, similar to thos...
This article is listed under the following topics:
Data Protection and GDPR Coronavirus/Covid-19

Can We Share an Employee’s Health Information with The Public Health Agency?

Posted in: First Tuesday Q&A NI on 07/04/2020 Organisations are not prevented from sharing employees’ health information with authorities, such as the Public Health Agency, for public health purposes. This is in accordance with the lawful basis for processing under Article 9(2)(i) of the GDPR whereby processing special category data (e.g. heal...
This article is listed under the following topics:
Data Protection and GDPR Coronavirus/Covid-19

Is personal data held on a workplace messenger disclosable under a SAR for an ex-employee?

Posted in: First Tuesday Q&A NI on 06/08/2019 Article 15 of the GDPR, gives data subjects the right to access personal data held about them by a data controller, usually via a subject access request (“SAR”). Messages sent via a workplace messenger which involve the data subject would likely have to be disclosed as part of a subject access requ...
This article is listed under the following topics:
Data Protection and GDPR

GDPR implications of providing employee information in a TUPE situation

Posted in: First Tuesday Q&A NI on 04/06/2019 In a TUPE transfer, the transferor (former employer) must provide the transferee (new employer) with employee liability information in relation to the transferring employees as set out under Regulation 11 of the Transfer of Undertakings (Protection of Employment) Regulations 2006 (“TUPE”) This in...
This article is listed under the following topics:
Data Protection and GDPR Transfer of Undertaking (TUPE)

Can an employer disclose a departing employee’s restrictive covenants to their new employer?

Posted in: First Tuesday Q&A NI on 04/06/2019 It is standard course for an employer to notify a departing employee’s new employer of any post-termination restrictions in place. Often this will simply be by cutting and pasting across the relevant sections from the employee’s contract of employment. An employee’s contract of employment wil...
This article is listed under the following topics:
Contracts of Employment Data Protection and GDPR