Mark Leach 31 August 2017

GDPR and the implications for local authorities as employers

The nature of the UK's future relationship with the EU is yet to be determined, but local authorities should still be taking steps to prepare for the incoming General Data Protection Regulations (GDPR).

The new measures - formally adopted last summer and fully applicable from May next year - change the rules around the handling of personal data. To comply, most organisations will need to make considerable improvements to the way they collect, store and disclose personal information.

An obvious focus for local authorities has been addressing the management and governance of large quantities of sensitive, personal citizen data. However, it's important for councils to remember that the new rules covering employee data are just as stringent and will carry the same severe penalties if breached.

According to the latest figures from ONS, 2.1 million people are currently employed by local government. The onus is on councils to ensure their data handling policies and procedures as major UK employers are prepared for the step change.

Here are three key considerations for local authorities looking to update the way they handle employee data after GDPR comes into effect:

1. Check the wording of employment contracts

The standard 'consent to process data' clause that features in most employment contracts is unlikely to be sufficient after the GDPR come into force. Local authorities will need to consider alternative ways of obtaining more explicit and detailed consent from employees. This is likely to take the form of a separate document, which will also need to outline a mechanism for employees to retract their consent, which they will have the right to do at any time.

2. Streamline internal HR processes

The incoming regulations will reduce the amount of time which an employer has to respond to 'data protection subject access requests' ("SARs"), from the current 40 days to one month. Dealing with SARs is a time-consuming process and local authorities will need to ensure their HR teams make the processes required to deliver this more efficient to meet the more stringent timeframes.

3. Be aware of the new rights the regulations afford employees

The introduction of a new 'right to be forgotten' rule will limit councils' ability to retain employment records and information. It will allow ex-employees to request all of the data their former employer holds on them to be erased. It's an area that could cause a clash between good data protection practice and the need for awareness of historic disciplinary issues and working arrangements. Taking steps now to amend current HR procedures to account for a potential lack of information will soften the blow once the GDPR comes into force in eight months' time.

Mark Leach is a partner and employment law specialist in Weightmans LLP's local government team.

#Data protection

Analysis

LocalGov to partner with LATCo Conference 2026

LocalGov confirmed as the official media partner for the LATCo Conference & Exhibition 2026, supporting the event in highlighting innovation and best practice.

Opinion

From Ambition to Action: how to turn digital vision into reality

James Towner, ArvatoConnect, argues that while public sector digital transformation is advancing, true value lies in turning ambition into measurable outcomes.

Most Popular News

Budget: Government to fund SEND

Council staff demand pay rise amid rising pressures

Budget: Mayors to get tourist tax power boost

Major cyber attack hits London councils

Budget: Two-child benefit cap lifted

New Products

Bolton Council Upgrades 120+ School Crossings with Smart CMS Control by Lucy Zodion

NEC CONTRACTS HAS GONE DIGITAL: PAPERLESS, TO GIVE YOU MORE

Vent-Axia Delivers Social Housing a Smart Ventilation Solution Ahead of Awaab’s Law

New remotely lockable cabinet will help manage medication for people with mental health issues

UK-first tool developed by Bluesky scores areas green credentials to aid urban planners

New partnership drives improved air quality and healthier homes in social housing

ShuttleID launches 90-day free trial for local authorities

Case Studies

Acrospire Delivers Retrofit Lighting for Newbridge’s Joe Calzaghe Footbridge

Acrospire Delivers PIR-Controlled Lighting at Ruislip Lido Car Park

Spennymoor Market Place and Consett Middle Street revitalised using Thorn Lighting’s Thor Lanterns and Customisable Gobo Projectors

Acrospire Partners with Bath & North East Somerset Council to Illuminate Historic Film Location with LED Upgrade

Believ to install 22 charge points across Redcar and Cleveland

Acrospire Enhances Harlington Underpass with Energy-Saving Vandal-Resistant Lighting

Croydon Council selects integrated corporate GIS to improve efficiencies

Company Anouncements

Acrospire triumphs at the 2025 HEA Awards with Sustainable Project of the Year

TRT Lighting retrofit helps Lincolnshire County Council cut street lighting energy use by over 65%

Vent-Axia Welcomes Healthy Homes Standard

Vent-Axia Helps Tackle Condensation and Mould this World Ventilation Day

Airtech Calls For Urgent Government Action to Support Radon Awareness Week

Vent-Axia’s New Smart Fan Helps Landlords Stay Ahead of Awaab’s Law

Lucy Zodion recognised as sustainability leader with Build Back Better GREEN Award for HAWK3

Executive Director, Place and Customer

up to £179,404 per annum

Shape the Future of Essex. Drive climate action. Deliver for our communities.Essex is on the government's Priority Programme for Local Government Ref England, Essex, Chelmsford

Recuriter: Essex County Council