0800 435 772

  per person

Course overview

All employers are responsible for holding and processing the personal data of their employees. The legal obligation to protect that data applies whether the payroll is processed in-house or is outsourced - in both cases, the employer has ultimate responsibility. The financial penalties imposed by the Information Commissioner’s Office for non-compliance have increased significantly in recent years and the maximum penalty will increase substantially under  the new General Data Protection Regulation (GDPR) so it is vital that your organisation is compliant.

This comprehensive half-day course carefully explains how the rules regarding data protection in the UK should be applied by your organisations payroll department. It will show you how to comply with the DPA. It will explain what is required of payroll departments to be compliant and what activities must be undertaken to remain compliant.

What will you learn?

  • What is personal data in an employment context?
  • What is processing?
  • Which payroll processing functions are covered by the DPA?
  • Does the law apply only to computerised staff records?
  • How is a data subject defined and are there any exceptions?
  • Are employers data controllers or data processors?
  • What are the eight data protection principles?
  • What sensitive personal data can you hold about employees and what additional protection applies?
  • What does the law say about transferring employee data internationally?
  • How must ‘consent’ be obtained?
  • How can you demonstrate that you are processing data fairly?
  • What rights do people, including current and former workers, have to see and have changed information held about them?
  • How long can you legally retain staff records and payment details?
  • What are the rights to prevent direct marketing?
  • What are the restrictions on using automatic decision-making systems in the workplace?
  • What is notification and to whom is it given?
  • What should you be aware of when working with a Data Protection Officer?
  • How can an individual make a complaint about the use of their data and what remedies are available?
  • How should an organisation your department respond to complaints?
  • What are the penalties that can be imposed on your business in the event of a breach or complaint?
  • To what types of data breach might a payroll department be particularly vulnerable?
  • How does the DPA apply to written references?
  • Is staff monitoring or surveillance prohibited?

Who should attend?

This course is intended for all people who work in payroll, human resources and the administration of pensions and rewards. It is suitable for all those with managerial responsibility for any part of an organisation processing personal data of employees, sub-contractors and other workers. Knowledge of the current law is not essential to attend this course.

Extra benefits

  • A course pack containing the information presented on the day
  • A compliance action plan setting out the key areas to consider that you can take away and complete for your organisation
  • A certificate of attendance

Course presenters