In an article published in Compliance and Risk Journal, we consider the data protection and privacy considerations in employee investigations and explain how to minimize associated risks for employers.
- Employee investigations are data-heavy and, where these materials either identify or relate to particular individuals, they will contain personal data and trigger stringent obligations under the General Data Protection Regulation (GDPR) and the Data Protection Act 2018.
- Failure to comply with data protection laws can lead to fines of up to EUR 20 million or 4% of worldwide annual turnover for GDPR breaches. There is also enhanced regulator interest in employee monitoring and increasing employee awareness of data protection rights.
- It is therefore crucial for employers to consider privacy and data protection compliance from an early stage, and embed these considerations into planning, implementation, and ongoing review of the conduct of employee investigations.
Click here to access the full article and guidance for employers.