“Developments in technology, changes in the law and new working
practices are putting the spotlight on workers’ privacy,” said
Assistant Commissioner David Smith. “By publishing the Employment
Practices Data Protection Code we are providing employers with a
complete manual on data protection in the workplace.”
“The common sense approach outlined in the Code will encourage
and help employers to comply with data protection requirements,” he
added.
The Code of Practice is a consolidation of a series of four
smaller guides relating to recruitment and selection, employee
records, monitoring at work and medical information. It is based on
the Data Protection Act of 1998 and should be followed by every
employer.
The 1998 legislation places responsibilities on any organisation
to process personal data that it holds in a fair and proper way.
Failure to do so can amount to a criminal offence.
Although the Code contains guidance and is not legally binding,
it provides the benchmarks that the Commissioner will use when
deciding whether or not to enforce the Act. Consequently,
organisations would be well advised to consider its contents very
carefully.
The Code is accompanied by supplementary guidance that provides
explanatory notes, examples and frequently asked questions to help
readers who want a more in depth understanding.
A summary guide, aimed specifically at small businesses, has
also been published. This outlines the key points any business
should consider in order to meet its obligations under the Act.
The Code, Guidance and Summary will be available from the
Commissioner's Codes of Practice page, although technical
difficulties prevented them from being uploaded at the time of
writing.
