Skip to content

Brought to you by

Dentons logo

UK People Reward and Mobility Hub

The latest updates in employment, benefits, pensions and immigration

open menu close menu

UK People Reward and Mobility Hub

  • Home
  • Events
    • Past events
  • Who We Are
    • Meet the team
  • How we can help

ICO amends guidance on DSAR response time

By UK People Reward and Mobility Team
January 29, 2020
  • Data protection
Share on Facebook Share on Twitter Share via email Share on LinkedIn

The Information Commissioner’s Office (ICO) has revised its guidance regarding timescales for compliance with Data Subject Access Requests (DSARs) where the data controller requires further information from the data subject.

The new guidance will certainly not be welcomed by employers, as now the clock starts ticking from receipt of the DSAR, or (if later) the receipt of proof of identification. It is not paused if an employer asks the data subject for more information (timeframes, keywords, individuals involved etc.) in order to understand the nature and scope of their request.

This change applies to both the one- and three-month time periods for compliance (the latter applying for more complex requests). The data subject must also be made aware of an extension within the first month after their request.

While employers can, and in many situations still should, ask the data subject for further information to clarify what information they are seeking, this change will inevitably lead to a reduced timeframe in which businesses must collate their responses.

If you require any further guidance in dealing with DSAR requests, please contact a member of the Dentons team.

Share on Facebook Share on Twitter Share via email Share on LinkedIn
Subscribe and stay updated
Receive our latest blog posts by email.
Stay in Touch
Data Subject Access Requests, DSAR
UK People Reward and Mobility Team

About UK People Reward and Mobility Team

Our People, Reward and Mobility team in the UK advises on all aspects of employment law, both contentious and non-contentious, and covers the full range of pensions and employee benefits issues as well as all areas of immigration law.

All posts

You might also like...

  • Data protection
  • Legislative Changes

GDPR: time to start thinking about the new rules coming into force from 2018

The EU's General Data Protection Regulations (GDPR) will apply in the UK from 25 May next year. With increasingly tighter requirements around how employers must maintain and process personal data, and with the number of fines issued for breaches of UK data protection laws on the increase, many employers are already looking to employ permanent staff dedicated to ensure compliance with the new rules.

By Helena Rozman
  • Data protection
  • GDPR
  • Legislative Changes
  • Privacy

GDPR – are your interests legitimate?

Under the GDPR the requirements for consent will be much stricter, particularly in the employment context, where it is generally accepted that the imbalance of power between the employer and employee is likely to invalidate any consent given by the employee.

By Lisa Watson
  • Confidential Information
  • Data protection
  • GDPR

Processing workers’ health information

By Christie Jamieson

About Dentons

Dentons is designed to be different. As the world’s largest law firm with 20,000 professionals in over 200 locations in more than 80 countries, we can help you grow, protect, operate and finance your business. Our polycentric and purpose-driven approach, together with our commitment to inclusion, diversity, equity and ESG, ensures we challenge the status quo to stay focused on what matters most to you. www.dentons.com

Dentons boilerplate image

Twitter

Categories

Dentons logo

© 2023 Dentons

  • Legal notices
  • Privacy policy
  • Terms of use
  • Cookies on this site