By Suzanna Kerridge, 21 March 2001 00:30
NEWS According to the latest figures from the Industrial Relations Service (IRS), as many as 50 per cent of employers do not have a best practice data protection policy in place to deal with employees personal information. The investigation by the IRS revealed that 70 per cent of companies have not obtained consent from employees to hold sickness absence records. A further 50 per cent do not have a controlled system to ensure that only the human resources department has access to employees' records, and then only on a need to know basis. David Shepherd, author of the report, claims it showed a worrying gap between legal requirements and the steps taken by companies to enforce the law. He told silicon.com: "Large organisations are struggling, even well respected ones are having trouble complying with the law. Legislation only came into force in March last year so it is early days yet, but even the most determined to comply are only in the process of setting up a system to cope." The Data Protection Act is a nightmare to understand, said Mike Pullen, partner at law firm DLA. "A lot of companies are ignorant of the law and they do not have any procedures in place. They are just lazy because the law keeps changing, it's very complicated and to be frank there are little sanctions against the companies if they do not take any action," he said. The Office of the Information Commission prefer to work with companies to resolve disputes rather than prosecute, he claimed, but they have limited resources to do this. "Either they are serious or not," said Pullen.
In order to post a comment you need to be registered and logged in.
Log in or create your silicon.com account below