Data Handling Minefield

All businesses, large and small, know that the sharing of data helps make life easier, more convenient, maintains compliance and keeps them connected to clients and industry.

The part that many businesses get complacent about is that the data they handle may not just be theirs. Most data that companies handle, belongs to someone else. That could be staff members (personal data) or client data (sensitive market information). It is essential data is handled in a compliant way. Data protection laws make sure everyone’s data is used properly and legally.


What are staff’s rights?

It is an employee’s right to be informed if their personal data is being used

The Organisation must inform current and past employees if it is using their personal data. This includes getting an ex-employees’ permission to complete an employment reference.

It is an employee’s right to get copies of their data

Staff can ask to know how the company is using or storing their data. You should ensure you have a robust data management system or process sin place. Don’t rely on Word or Excel documents or storing something on your computer’s desktop.

It is an employee’s right to get their data corrected

Staff have the right to ask for their data to be changed. This is linked to personal data such as marital status, gender etc.

It is an employee’s right to get their data deleted

Staff can ask for data to be deleted. This centres around the company no longer needing the staff data for the original reason they collected it and when a staff member initially gave consent to a company to use the data, but the employee now withdraws their consent. 

It is an employee’s right to raise a concern

Staff have the right to raise a concern if they feel their data is being handle poorly. For example, if they feel it is not stored securely, or hold inaccurate information or has disclosed information about you without your consent.

If you want to check that they way you are handling staff data is fit for purpose and your data handling provisions are compliant, get in touch with me and my team. We can undertake a HR Health assessment and provide you with remedies.

For further information and assistance on updating your HR documentation or GDPR queries, please contact me at or call me direct on 07566766954 or call our helpline on 01604 709509.


Connect with me on LinkedIn or visit our website.


About the author

Katherine is a member of the senior management team at RWA. She has over 20 years’ international experience working in HR, across various sectors, including financial services, insurance and regulated environments. Over the years, she has collaborated with some exceptionally talented HR professionals, with whom she has joined forces on special projects. Her network of HR professionals provides advice and training to companies and other HR teams.

In her role with RWA, Katherine heads up RWA’s Human Resources Consultancy and provides objective support to firms on employment law and HR issues. She uses her extensive skills and knowledge to work with firms to help them develop strong and resilient HR strategies and establish healthy organisational cultures.

Katherine holds a degree in Business Administration and Management from the University of Northampton and a Postgraduate Diploma in Human Resource Strategies from London Metropolitan University. She is a Fellow of the Chartered Institute of Personnel and Development (FCIPD).

Get RWA Insight In Your Inbox

Regular business news and commentary delivered direct to your inbox each week. Sign up here