Call Us
08000 224 224
Part II of the Act give employees and trade union members important rights including access to the data held about them and to amend any information held that is incorrect. Although under the 1984 Act employees had access to certain information stored on them, the 1998 Act gives employees much wider access and will have a larger impact because they will be able to access certain paper-based files, including their personnel files.
The request for information must be in writing and employers are able to charge up to £10 for supplying this information. Requests must be complied with promptly, and in any event within 40 days from receipt of the request. There are exceptions to the information one may have access to and this includes references.
To amend inaccurate data, an employee should first ask the employer. If the employer refuses, the employee can ask the information commissioner for an assessment or as a last resort seek an order from the court.
There are also rights for data subjects in relation to health and criminal records, to see and to prevent processing likely to cause damage or distress.
Rights to see references given by a data controller are excluded from the Act. However, the person the reference was sent to is obliged to disclose the reference as long as it does not identify any third party.
It should be noted that referees need consent from the data subject to include sensitive data in the reference, like matters relating to health or criminal convictions.
The information commissioner's office has produced a code of practice on the use of CCTV although this does not relate specifically to employees. The draft code of practice suggests that routine monitoring is only likely to be justified if there are particular safety or security risks.
The information commissioner and the courts have powers to deal with breaches of the Act.
The commissioner has powers to serve information notices and enforcement notices. An enforcement notice can require a data controller to take or refrain from taking certain action. There is a right of appeal. The commissioner also has entry and inspection powers.
A person can bring a claim in the County Court or High Court for any breach of the Act where damage and loss has occurred.
Paragraph 5.55 of the Act prohibits the unlawful obtaining or disclosing of personal data by those who have access to it. To do so may be a criminal offence.