How to Manage Data Protection

Thursday, May 21, 2020

Appoint a named person(s) to hold responsibility for handling data protection and procedural compliance. For most small businesses, it will not be a legal requirement to appoint a Data Protection Officer (DPO). However, where it is necessary, then it is possible to appoint someone outside of the organisation, eg a consultant, to be a DPO.

Data Protection Policy

Thursday, May 21, 2020

The organisation is committed fully to compliance with the requirements of the General Data Protection Regulation (GDPR). The GDPR applies to all organisations that process data about their employees, as well as others, eg customers and clients. It sets out principles which should be followed by those who process data and it gives rights to those whose data is being processed.

Access to Employee Data Policy

Thursday, May 21, 2020

The organisation aims to fulfil its obligations under the General Data Protection Regulation (GDPR) to the fullest extent.

Bring Your Own Device to Work Policy (BYOD) Policy

Thursday, May 21, 2020

Employers are required to take steps to prevent attacks such as contamination of data through “bring your own device”. This policy sets out the terms relating to the use of personal devices in the workplace. This policy applies to employees who are home workers, or who bring computer equipment (or other devices, for example, mobile telephones or tablets) into a workplace. The policy covers employees using only personal laptops as well as those who occasionally receive work-related emails on their mobile telephones.

Employee Factsheet: General Data Protection Regulation — GDPR

Wednesday, May 20, 2020

Personal information applies to both manual and computerised personal data held in a relevant filing system. It may include names and addresses, email addresses, employee bank account details, posts made on social networking websites, medical information or computer IP addresses.