Many of you will now be starting to move on from your preparations for the new GDPR. You may well be feeling comfortable, and have the necessary processes and policies in place with your marketing and communications, and in relation to your customers. So, now’s a good time to take a look at how GDPR relates to your staff.

The MIA’s Employment Law specialists at The HR Point have created a checklist for you to ensure that you have taken the right action:

Action Completed Notes
Issue all your employees with the Employee Privacy Notice and / or HR GDPR Policy
Ensure your disciplinary policy lists GDPR breaches as potential gross misconduct / misconduct
Train your employees in their obligations to report breaches
When recruiting, issue all applicants the Applicant Privacy Notice
Do NOT respond to reference requests without proof of the individuals consent for you to be approached to give a reference
Check your documents for correctly worded consent – such as for medical reports, criminal records checks, references and anything else you may seek from a third party