News & Analysis

As many employers will be aware, data subject access requests (DSARs) can take up a significant amount of business resources and are a common tactic used by disgruntled employees.

Since the European Court of Justice declared the “Safe Harbour” agreement invalid in October 2015, transatlantic data traffic has been fraught with significant hurdles and uncertainties.

Despite the absence of the previously promised Employment Bill, new Bills that will, if passed, make changes to employment laws, have been coming thick and fast over the last few months.

As we celebrate a new year, many HR/legal professionals in the UK will be thinking of areas that might need a bit of a refresh, and data privacy may be one of those.

The EU’s General Data Protection Regulation regulates the transfer of personal data in the European Union. The deadline for adapting Standard Contractual Clauses to meet new compliance obligations is December 27, 2022.

The UK government is proposing to amend its data privacy regime to make it easier for employers to comply with its requirements.

Employers often want to have a data retention policy that works for all of their international operations. We look at the challenges with this approach and how to make it work in practice.

The European Commission and the United States have announced a new data transfer mechanism, following the invalidation of Privacy Shield in July 2020.

The subdistrict court found that an employer in the Netherlands may record the phone calls of its employees only if it fulfils all the requirements under the GDPR.

UK employers have just about got used to the idea of GDPR, but the government has launched a consultation on reforms to the data protection regime.