GDPR – A checklist for employers

28 September


The EU’s new General Data Protection Regulations (GDPR), which will come into effect in the UK and across the rest of the EU in May 2018, will radically change the way businesses and organisations collect, manage and dispose of data. There are several elements to take into consideration when ensuring compliance with the GDPR; these include sharing data with third parties, ensuring that contracts and policies are compliant, and handling employee data.


We have put together a basic checklist of some of the most important points for employers to consider when it comes to complying with the GDPR:

1. Ensure your contracts of employment are up to date and contain a specific clause dedicated to data protection.

2. Consider asking all employees to sign separate consent forms in relation to the processing of their data.

3. Make sure you have a watertight reason to process sensitive person data.

4. Employee handbooks should contain a Data Protection Policy, which all employees should read.

5. Be prepared to deal with Subject Access Requests from employees in a shorter timescale.


If you would like more information on data protection or the GDPR, please contact our Data Protection team.



Follow us on LinkedIn, Google+, Twitter and Facebook