Mark Leach 31 August 2017

GDPR and the implications for local authorities as employers

The nature of the UK's future relationship with the EU is yet to be determined, but local authorities should still be taking steps to prepare for the incoming General Data Protection Regulations (GDPR).

The new measures - formally adopted last summer and fully applicable from May next year - change the rules around the handling of personal data. To comply, most organisations will need to make considerable improvements to the way they collect, store and disclose personal information.

An obvious focus for local authorities has been addressing the management and governance of large quantities of sensitive, personal citizen data. However, it's important for councils to remember that the new rules covering employee data are just as stringent and will carry the same severe penalties if breached.

According to the latest figures from ONS, 2.1 million people are currently employed by local government. The onus is on councils to ensure their data handling policies and procedures as major UK employers are prepared for the step change.

Here are three key considerations for local authorities looking to update the way they handle employee data after GDPR comes into effect:

1. Check the wording of employment contracts

The standard 'consent to process data' clause that features in most employment contracts is unlikely to be sufficient after the GDPR come into force. Local authorities will need to consider alternative ways of obtaining more explicit and detailed consent from employees. This is likely to take the form of a separate document, which will also need to outline a mechanism for employees to retract their consent, which they will have the right to do at any time.

2. Streamline internal HR processes

The incoming regulations will reduce the amount of time which an employer has to respond to 'data protection subject access requests' ("SARs"), from the current 40 days to one month. Dealing with SARs is a time-consuming process and local authorities will need to ensure their HR teams make the processes required to deliver this more efficient to meet the more stringent timeframes.

3. Be aware of the new rights the regulations afford employees

The introduction of a new 'right to be forgotten' rule will limit councils' ability to retain employment records and information. It will allow ex-employees to request all of the data their former employer holds on them to be erased. It's an area that could cause a clash between good data protection practice and the need for awareness of historic disciplinary issues and working arrangements. Taking steps now to amend current HR procedures to account for a potential lack of information will soften the blow once the GDPR comes into force in eight months' time.

Mark Leach is a partner and employment law specialist in Weightmans LLP's local government team.

#Data protection

Analysis

Councils click into the future of planning

In town halls across the country, planning officers are racing to update their Local Plans — but this time, the process looks very different.

Opinion

Making payment processes smarter

It can be challenging to find the right software to streamline payment processes. Lewis McKenna-Crisp argues SmarterPay has the ideal solution for councils.

Most Popular News

Council employee pay offer announced

Unite advises members to reject latest pay offer

London boroughs issue bankruptcy warning over £330m overspend

Toilet access depends on biological sex, watchdog says

Council launches lawsuit against Grenfell fire fridge maker

New Products

New remotely lockable cabinet will help manage medication for people with mental health issues

UK-first tool developed by Bluesky scores areas green credentials to aid urban planners

New partnership drives improved air quality and healthier homes in social housing

ShuttleID launches 90-day free trial for local authorities

New steps to keep tenants safe

Invision360 secures Innovate UK smart grant for VITA EHCP generator

New technology to revolutionise air quality monitoring

Case Studies

Acrospire Partners with Bath & North East Somerset Council to Illuminate Historic Film Location with LED Upgrade

Believ to install 22 charge points across Redcar and Cleveland

Acrospire Enhances Harlington Underpass with Energy-Saving Vandal-Resistant Lighting

Croydon Council selects integrated corporate GIS to improve efficiencies

Bath & North East Somerset Council Shines Light on Heritage Preservation with Acrospire's LED Upgrade

Airtech Improves Indoor Air Quality and Tackles Mould for Mid-Devon Social Housing Resident

Acrospire's Sustainable Lighting Solution for Luton Bus Shelters

Company Anouncements

Believ excels in environmental responsibility and worker satisfaction in B Corp certification

Matrix Workforce Management Solutions Appoints Andrew Curry as Client Engagement Director for Health and Social Care

Stepping up to help disabled social housing tenants

Envirobed® CD534: The benchmark for bedding mortars since 2005

Vent-Axia Supports Global Recycling Day 2025

Vent-Axia Publishes Free eBook to Help Social Housing Landlords Navigate Awaab’s Law

Unlock Awaab’s Law compliance with audits

Director of Public Health

Up to £131,210

The Public Health department is at the heart of the council’s business. Greenwich, London (Greater)

Recuriter: Royal Borough of Greenwich

Head of Regeneration and Growth

£68,387 - £74,411 (MFS and relocation available, pay award pending)

This is a unique opportunity to lead our award-winning development team and directly deliver hundreds of millions of pounds of projects. Plymouth, Devon

Recuriter: Plymouth City Council