Direct Payments and General Data Protection Regulation (GDPR)

Privacy notice - adult and health services (PDF) [198KB]

GDPR for employers

As an employer it is important that you ensure the privacy of data is taken seriously. You may be aware of the General Data Protection Regulation (GDPR) which is a regulation on data protection and privacy.

To ensure you are compliant with GDPR we recommend that you provide your employees with a record of data processing activities document and an employee data privacy statement. If these have not already been provided you can contact us for a copy.

It is important that you read and understand the record of data processing activities document. To ensure you comply with this you must confidentially destroy any personal information regarding employees seven years after their contract comes to an end. You should also dispose of any unsuccessful applicant's information within 12 weeks e.g. application forms.

For further GDPR advice around your responsibilities as an employer, please call the employment law advice service connected to your insurance company quoting your policy number:

• Peninsula (Fish Insurance) - Telephone 0844 8922 772
• ILG (Premier Insurance) - Telephone 01476 512 192 or email advice@ilgsupport.com

For information around how the Direct Payments Team stores the information of members of staff, see  Privacy notice - direct payments (PDF) [31KB] .

You can also contact us for a copy of any of the documents mentioned above.