Mark Leach 31 August 2017

GDPR and the implications for local authorities as employers

The nature of the UK's future relationship with the EU is yet to be determined, but local authorities should still be taking steps to prepare for the incoming General Data Protection Regulations (GDPR).

The new measures - formally adopted last summer and fully applicable from May next year - change the rules around the handling of personal data. To comply, most organisations will need to make considerable improvements to the way they collect, store and disclose personal information.

An obvious focus for local authorities has been addressing the management and governance of large quantities of sensitive, personal citizen data. However, it's important for councils to remember that the new rules covering employee data are just as stringent and will carry the same severe penalties if breached.

According to the latest figures from ONS, 2.1 million people are currently employed by local government. The onus is on councils to ensure their data handling policies and procedures as major UK employers are prepared for the step change.

Here are three key considerations for local authorities looking to update the way they handle employee data after GDPR comes into effect:

1. Check the wording of employment contracts

The standard 'consent to process data' clause that features in most employment contracts is unlikely to be sufficient after the GDPR come into force. Local authorities will need to consider alternative ways of obtaining more explicit and detailed consent from employees. This is likely to take the form of a separate document, which will also need to outline a mechanism for employees to retract their consent, which they will have the right to do at any time.

2. Streamline internal HR processes

The incoming regulations will reduce the amount of time which an employer has to respond to 'data protection subject access requests' ("SARs"), from the current 40 days to one month. Dealing with SARs is a time-consuming process and local authorities will need to ensure their HR teams make the processes required to deliver this more efficient to meet the more stringent timeframes.

3. Be aware of the new rights the regulations afford employees

The introduction of a new 'right to be forgotten' rule will limit councils' ability to retain employment records and information. It will allow ex-employees to request all of the data their former employer holds on them to be erased. It's an area that could cause a clash between good data protection practice and the need for awareness of historic disciplinary issues and working arrangements. Taking steps now to amend current HR procedures to account for a potential lack of information will soften the blow once the GDPR comes into force in eight months' time.

Mark Leach is a partner and employment law specialist in Weightmans LLP's local government team.

#Data protection

Analysis

10 Ways Councils Are Using AI to Transform Public Services

Councils are increasingly adopting AI-based solutions to improve services. LocalGov Assistant editor Izzy Lepone has collected 10 innovative case studies.

Opinion

Protecting the public: How Martyn’s Law challenges local government to step up

Martyn’s Law makes councils legally responsible for protecting public venues from terrorism. Learn how local government must respond—and why it can’t wait.

Most Popular News

Reform UK claims to have saved councils over £100m

IFS: Fair Funding reforms set to create big ‘winners’ and ‘losers’

Editor’s Comment: Are councils selling off allotments?

Council staff discouraged from using ‘mum’ and ‘dad’

EXCLUSIVE: MHCLG creates cohesion taskforce

New Products

New remotely lockable cabinet will help manage medication for people with mental health issues

UK-first tool developed by Bluesky scores areas green credentials to aid urban planners

New partnership drives improved air quality and healthier homes in social housing

ShuttleID launches 90-day free trial for local authorities

New steps to keep tenants safe

Invision360 secures Innovate UK smart grant for VITA EHCP generator

New technology to revolutionise air quality monitoring

Case Studies

Acrospire Delivers Retrofit Lighting for Newbridge’s Joe Calzaghe Footbridge

Acrospire Delivers PIR-Controlled Lighting at Ruislip Lido Car Park

Spennymoor Market Place and Consett Middle Street revitalised using Thorn Lighting’s Thor Lanterns and Customisable Gobo Projectors

Acrospire Partners with Bath & North East Somerset Council to Illuminate Historic Film Location with LED Upgrade

Believ to install 22 charge points across Redcar and Cleveland

Acrospire Enhances Harlington Underpass with Energy-Saving Vandal-Resistant Lighting

Croydon Council selects integrated corporate GIS to improve efficiencies

Company Anouncements

Cloudhouse offers housing associations risk-free route to IT modernisation

Adaptations teams’ opportunity to optimise value

Vent-Axia Welcomes Awaab’s Law Draft Guidance

Vent-Axia Supports Net Zero Week

Housing without delay: removing one of the major obstacles

Lucy Zodion to Launch HAWK3 at ILP Lighting Live: The Next Generation of Digital Photocells

CU Phosco Named Sole UK Partner for Heper Amenity and Tunnel Lighting

Head of Democratic Services, Elections & Monitoring Officer

Grade 12 £67,236 – £71,223 plus £3000pa Statutory Officer Allowance

We are looking for an accomplished and proactive leader for our vacant post of Head of Democratic Services & Elections Market Harborough, Leicestershire

Recuriter: Harborough District Council