Home > Privacy Law > The Employers Code of Practice

The Employers Code of Practice

By: Matthew Strawbridge - Updated: 22 Nov 2020 | comments*Discuss
Code Practice Data Information

The Information Commissioner’s Office (ICO) issues a number of guides relating to privacy. These explain how businesses can operate within the law when it comes to protecting the confidentiality of people both within and outside them.

The Framework Code of Practice for Sharing Personal Information

The Framework Code of Practice provides employers with a policy framework designed to ensure that they operate in accordance with the Data Protection Act. This advice is appropriate for all organisations in the UK, including those in the voluntary and public sectors.

Some of the key recommendations are as follows:

  • Sharing must only take place when it is necessary, and what is shared has to be relevant and not excessive.
  • Personal details must be processed fairly. In particular, the person must know who your company is and what the collected facts will be used for.
  • The knowledge retained will be appropriate in scope and accurate in content.
  • Retention periods must be specified and adhered to.
  • Appropriate technical and organisational safeguards will be in place.
  • People will have access to what is held about them.

The Employment Practices Code

A separate but related document issued by the ICO is The Employment Practices Code. This is designed to protect details about employees, unlike the Framework Code of Practice, which covers measures for appropriate handling of all personal data.

Specifically, the Code covers the privacy of all workers, including the following:

  • applicants and former applicants, whether or not their applications were successful
  • employees
  • agency staff
  • casual staff
  • contract staff

Here are some of the general recommendations from the Code:

  • Nominate someone to have responsibility for ensuring compliance with the Data Protection Act.
  • Make serious breaches of the rules a disciplinary matter.
  • Consult with workers and trade unions when formulating your policy.

Recruitment and Selection

The first part of The Employment Practices Code relates to recruitment and selection. Here are some highlights:

  • Ensure that applicants are made aware of all parties that are part of the process, such as the prospective employer and any recruitment agencies used.
  • Only seek knowledge that is relevant to the recruitment process. Previous criminal convictions, for example, are generally irrelevant unless the job type is specifically mentioned in the Exceptions Order to the Rehabilitation of Offenders Act 1974.
  • Ensure that everything recorded during interview is relevant to the recruitment process.
  • Explain what, if any, third parties will be contacted in relation to the application.
  • Only keep relevant facts from the recruitment process.

Employment Records

The second part of the Code relates to the personnel records of workers. It covers the following topics, and you should consult it directly for the details:

  • general record-keeping
  • security
  • sickness and injury
  • pensions and insurance
  • equal opportunities
  • marketing
  • detection of fraud
  • workers’ rights to see their own records
  • references
  • disclosure and publication
  • business re-organisation
  • discipline
  • outsourcing data processing
  • record retention

Monitoring at Work

The penultimate part of the Code concerns systematic monitoring in the workplace.

Employers should judge whether any of the monitoring procedures they put in place have an adverse impact of their staff, and consider alternatives where this proves to be the case.

This section gives some core principles, which can be summarised as follows:

  • Monitoring of employees is usually intrusive.
  • Workers are entitled to a degree of privacy at work.
  • Monitoring should only be used where it will deliver real benefits to the business.
  • Workers should be made aware of the monitoring that takes place, unless the circumstances are exceptional.

Workers’ Health

The final section is concerned with records relating to the health of employees. It contains general considerations about workers’ health and the operation of occupational health schemes. There is specific discussion of the handling of facts derived from testing workers medically, genetically and for the presence of drugs and alcohol.

Getting More Information

If you are responsible for shaping your organisation’s privacy policies, or are involved in the recruitment of staff, then you may wish to read the full text of these two sets of guidelines. Both are available for download from the Information Commissioner’s website.

You might also like...
Share Your Story, Join the Discussion or Seek Advice..
[Add a Comment]
Delivery firm past my husbands telephone number to another company to ring for parcels delivers and she took it home and rang him out of work also sent tex saying she could be sacked for using his number out of work is this a breach
Mandi - 22-Nov-20 @ 10:50 AM
Can my employer share my hime address with my line manager and if so under what circumstances / grounds.Should i be asked to give permission furst
Scmr - 4-Jun-20 @ 11:59 AM
Today I received a parcel from Moonpigit had my full address but not my name Contacted Moonpig to enquire what to do told to keep the parcel & they would contact the customer & send them another Imagine my shock when the customer came to my house & insisted I gave him the parcel explained the situation but to no avail The alarming part about all this that my address has been given to a total stranger Please advise TY
Alfie - 3-Apr-20 @ 9:39 PM
My employer disclosed details about me to a fellow colleague who has nothing to do with me
WelshRareBit - 26-Mar-20 @ 7:12 PM
My employer has just this week enforced whilst working away from home that we must share rooms at all times with our colleague, is this not an invasion of privacy Is what they are enforcing legal.
Manny - 3-Oct-18 @ 8:11 PM
@Peedorf - what good would emailing her do? You have both left the company now.
CraigT - 16-Apr-18 @ 1:53 PM
Me and my boyfriend worked for the same company. We have both left the company within the start of this year. I bumped into aexcolleague who told me that his (was our) manager told him about my boyfriend suffering from mental health issues. Surely she has no right to do so? I don't want to email her and come off looking stupid!!
Peedorf - 14-Apr-18 @ 11:19 PM
The office manager at my law firm has disclosed all employees' dates of birth to the receptionist so that she can organise birthday celebrations.This is clearly a breach of data protection, which is made worse by the fact that this is a law firm.If I put in a complaint to the ICO, would they do anything?
Kate - 8-Mar-18 @ 10:25 PM
Can a employer use tracking date in a work assessment
Hen - 7-Jul-17 @ 2:06 PM
My manager gained access to my personal (work) email without asking or telling me. I tried to change my password but she was still able to read my correspondence leaving my work emails marked 'read' so I didn't know which emails I had or hadn't read/actioned. IT told me she has complete access to my inbox without the requirement of a password. She continues to do this. I brought it up with a senior staff member who said work emails are property of the school. Is she entitled to covertly gain access to my emails and read them without consent?
Al - 11-Jan-17 @ 1:13 PM
Mr T - Your Question:
My employer wants to do a breathalyser test. Do they have to be trained or can calibrated equipment be ok to use

Our Response:
You can find out more about what policies your company should have in place via the USDAW link herewhich should fully answer your question.
EmployeePrivacyRights - 19-Jul-16 @ 12:19 PM
My employer wants to do a breathalyser test. Do they have to be trained or can calibrated equipment be ok to use
Mr T - 18-Jul-16 @ 7:26 PM
I've recently resigned from my job and understood the reasons to be confidential however I've had messages on social media and seen posts referring to me that could have only come from work. Are my managers at liberty to give personal information about me?
keke - 12-Jan-16 @ 12:13 AM
I recently made a personal call in the work place which was then listen to by another employee and the detail of the conversation was disclosed to other colleges in my work place.I do not think this person had authority to listen to my call.I have put in a complaint but this is not being taken seriously.Have i had my human rights breech and also my data protection.The details of the conversation was of a very personal nature and was very embarresing
andrea68t - 26-Aug-14 @ 9:42 PM
My employer gave out my home & personal mobile out to customers rather than the branch details. Am I able to claim compensation for this?
Pan - 28-Feb-14 @ 9:33 PM
I am a teacher and until recently had a locker to store my personal belongings. We have been moved into a smaller staff room and there is now no provision for secure storage of personal belongings. Does the law compel my employer to provide with secure storage for personal belongings?
Robin - 11-Dec-12 @ 2:02 PM
Is your employer allowed to follow you coersively whilst you are working out on site etc.follow you in his/her car to various locations meetings you have arranged etc.
Sparky - 6-Sep-12 @ 6:18 PM
We had photos taken for a new security pass- then the photos were put on our outlook emails too- so now when we send an e mail these hideous photos go with it. We have asked for them to be removed- but they won't. We were told they were for the passes only and never said they can be used for another purpose. Can they do this?
Crossy - 29-Jun-12 @ 5:55 PM
very good reading. i would like to know if employers occ healthcan keep medical records without your permission
smithy - 27-Jun-12 @ 8:22 PM
Share Your Story, Join the Discussion or Seek Advice...
(never shown)
(never shown)
(never shown)
(never shown)
Enter word:
Latest Comments