Welcome guest, please log in here   |    T +44(0)115 7180333   |   E   info@halborns.com

Keeping up to date

We take seriously our responsibility to keep you up to date so that you can use changes in employment law to commercial advantage. By understanding and interpreting the latest case law and legislation we can deliver updates to you that are concise and usable. With imagination, we are able to ensure that developing law can be used to allow you to achieve commercial solutions, cost effectively and expediently.

Data protection – building your audit routines

Posted on: October 19th, 2021 by Ginny Hallam

Taking a proactive and consistent approach to your data compliance routines ensures you’re keeping a handle on the data you hold throughout the year. Below are our thoughts on the key building blocks for your audit routine.

Accountability – having someone in the business accountable for data protection will help to drive audit routines and build a culture conscious about data compliance.

Personal data register (PDR) – a requirement if you have over 250 employees, but highly recommended if you don’t! A well-maintained PDR will underpin your audit routines giving you a clear picture of all the data you hold and what you do with it. We’ve got a PDR template in our Data Protection Toolkit – find out how to access.

System security – employees should only have access to personal data necessary to fulfil the requirements of their role. Regular reviews of the safeguards you have in place will reduce the risk of unauthorised access and highlight where extra security measures might be required.

Third-party processors – review any agreements you have in place to ensure they’re up to date and still relevant.

We’ll provide pt.2 of our audit routine building blocks next week. Get in touch if you’d like to access our Data Protection Toolkit or need support carrying out an audit of your data protection practices. 


This update is accurate on the date it was sent (20 October 2021), but may be subject to change which may or may not be notified to you. This update is not to be taken as advice and you should seek advice if anything contained within affects you or your business.