Employment law advice | Southampton | Winchester Skip to content

Employment Law Solicitors

Work is often a big part of your life so it’s important that any work issues are managed promptly. Small difficulties at work can easily escalate into problems that create a huge amount of stress and you may require the help of employment law solicitors to resolve matters. You may be facing disciplinary action, a redundancy situation, unfair dismissal or discrimination, or you may want to leave your employer in an amicable way. Whatever situation you are facing, our experienced team of expert lawyers based in Southampton and Winchester can provide support, help you understand your rights and achieve the best outcome for you. We offer a fixed fee service for individuals who wish to take some initial advice.

Contact our team

GET IN TOUCH

Problems in the workplace

Below are some of the areas in which our employment law solicitors can provide advice:

  • Disciplinary or grievance situations, advising you on your rights and reaching a solution
  • Discrimination issues including discrimination on the grounds of sex, race, age, religion or belief, sexual orientation, pregnancy/maternity and disability
  • Bullying or harassment issues
  • Contract issues – has there been a breach of contract or are the terms of your contract in dispute? 
  • Whistleblowing cases
  • Long term sickness absence – is your employer managing your absence properly?
  • Unlawful deductions from wages
  • TUPE advice if your employment has or will be transferred to a new employer
  • Equal pay issues
  • Flexible working requests including a change in hours or working from home

Restrictive covenants

  • Post-termination restrictive covenants are common in employment contracts. We are often asked to advise on enforceability of restrictive covenants.
  • You may be thinking of leaving your employer and want to know what you can and cannot do.
  • You may be accused of being in breach of a restrictive covenant and we can defend you and negotiate an amicable resolution with your employer.

Leaving your role

  • Unfair dismissals – leaving your employer on bad terms can be incredibly stressful, even more so when you feel you have been dismissed unfairly or forced to resign
  • Redundancy situations – has the process been fair and have you received the payments you are entitled to?
  • Settlement Agreements
  • Representation in employment tribunal claims

For Directors

  • Service Agreements – advice on the terms of your contract
  • Settlement agreements and exit terms
  • Obligations after your employment including post-termination restrictions
  • Benefits, bonuses and commission schemes
  • Share options
  • Long term incentive plans

How we work with you

Whilst based in the South of England, Paris Smith acts for businesses and families throughout the UK. Technology has enabled us to provide a high level of service to our clients whether they are local to our offices or not. Our advice can be given in many ways:

  • Over the telephone
  • Via video conferencing
  • In face to face meetings

We will talk through how you would like to be contacted and the best ways for us to meet in our early conversations with you.

Fixed Fee Scheme

We offer new clients an initial fixed fee meeting to discuss their situation in more detail with one of our employment law solicitors. Prior to the meeting you will be asked to provide a brief summary of the situation. At the meeting, the legal issues will be discussed and any future work agreed. In some cases, you might not need anything more than the fixed fee meeting.

The cost of the meeting will be charged at a fixed fee rate of £150 plus VAT (£180) to be advised for up to 1 hour by a solicitor in the team. This meeting is priced on the basis that you will not require the solicitor to read through any documents in advance of your meeting.

If you would like the solicitor to read through relevant documentation in advance of your appointment, we charge a slightly higher fixed fee of at £195 plus VAT. This includes up to 30 minutes of the solicitor’s time in advance of the appointment reviewing the paperwork. It also includes up to a 1-hour meeting with you to talk through the situation.

Please note, if more than 30 minutes of time will be required based on the volume of documents, or complexity of them, the solicitor will contact you to provide a cost estimate for any additional time required in advance of your meeting. Certain matters may be too complex or involved for the fixed fee scheme. If the matter is not suitable for the fixed fee scheme, we will discuss your options and provide you with details of the likely costs.

Get in touch to speak with an expert.

Chambers Alternative 500

Introducing your key contacts

Clive Dobbin

Partner and Head of Employment & Sports

David Roath

Partner – Employment Team, Winchester

How we’ve helped our clients

“I would like to thank Claire Merritt for her prompt, considered and clear approach to my unplanned exit. Claire was able to rapidly assess options and suggest best solutions and timescales. I was able to meet Claire by phone, Teams and face to face. Thank you Claire and the Paris Smith team.”

Senior Retail Exit

“They helped me decide on the best and most appropriate solution in my circumstances. I instructed Paris Smith on a complex exit from a professional practice. They were clear and concise in their advice. They helped me decide on the best and most appropriate solution in my circumstances. They talked through the options and gave me a really clear view on the likely outcomes of each option. I wouldn’t hesitate to contact the Employment team in the future and recommend them to anybody in similar circumstances. I would recommend Paris Smith LLP. ”

Architecture Services

“Outstanding service provided by Tabytha Cunningham and her colleague Charlotte Farrell. I would highly recommend Tabytha as she provided exceptional and first class legal advice on an elongated dispute with my previous employer. Tabytha is very professional and her attention to detail is astounding. Tabytha is honest, hardworking, trusted and a brilliant individual working for a well sought after legal company – she is a real credit to Paris Smith LLP. Tabytha kept me in the loop and did exactly as she said she would and I was never let down. After two years I was grateful for Tabytha’s tenacity and her extreme passion in her role. Highly recommended.”

Daljit Kooner

“Adam provides excellent realistic legal advice and provides the potential outcome of any action taken. He is easy to talk to and shows great empathy which I found really helped me through a difficult legal situation. Adam is very responsive in terms of communication. I would highly recommend Adam if you need legal support, a real gem!”

DJF – Resignation/Grievance case

“Sources say “The employment law team is very current, aware and up-to-date with legislation and knowledgeable on a wide range of matters;” “The service has always been very professional and informative and I have always had confidence in the people I have dealt with;” “The Paris Smith Employment Team has great experience and genuine flair in acting for a range of clients over the full spectrum of employment law;” “The advice Paris Smith gives is sound, and it always takes into consideration the commercial aspects as well as the legal framework;” and “The experience of the team really shines through.””

Chambers Legal Directory 2025

“Referees say “There is expertise in all areas. They are quick to respond at all hours and their advice is spot on!”. Another says “hey are the leading Solent-based law firm. Strong roots in local business have been fostered by years of high-quality work. They are expert but also have a good personal touch. A joy to work with”, whilst another says “It employs very well-known and respected employment lawyers who have been practicing in Southampton for many years. They offer an excellent service and lend pragmatism and robust advice to all scenarios.””

Legal 500 2024 Edition

“Referees say “They always impress with their breadth of knowledge” and “They are very commercially aware.””

Chambers & Partners 2023 – Referee Comments

“We had an amazing experience great advice and we put our trust in our legal advisor whom took time to listen and did not disappoint.”

VS – Grievance

“I found Andrew very helpful and informative. He helped me with a complex discrimination claim. Andrew made the process simple, quick and painless. I got an excellent result and highly recommend Andrew.”

CB – Discrimination Claim

“My solicitor Andrew was fantastic! Highly knowledgeable but explained everything to me so simply, friendly, supportive and got me exactly what I wanted!”

SC – Settlement Agreement

“Sarah was very considerate and just the right level of empathetic. She was very clear and explained things in a way that I would understand. I felt in very safe hands with Sarah. ”

Employee – Grievance with employer

“Charlotte & Tabytha have provided an excellent, efficient and honest service throughout with clear and regular updates and communication. ”

Paul Atwal

“Responsive and receptive. Adam Wheal was very helpful and provided some good advice having grasped the details of the situation quickly. All contact with other members of the team were positive experiences.”

ML

Chambers Top Ranked logo 2025

Chambers and Partners Legal Directory 2025 – Band 1

What the team is known for

Paris Smith is a respected employment team, noted for its strong reputation in the local market, which acts for both employees and employers and has significant experience in acting on both sides of senior-level exits. The firm represents clients in employment tribunals and restrictive covenant actions as well as aiding companies with employment training programmes. The team regularly advises clients from the education and transport sectors.

Strengths

“The experience of the team really shines through.”

“The employment law team is very current, aware and up-to-date with legislation and knowledgeable on a wide range of matters.”

Notable Practitioners

Clive Dobbin – Band 1

Clive Dobbin leads the Paris Smith employment practice. He regularly advises on senior-level exits, contractual issues and TUPE matters.

“His approach to the work is not only thorough and responsive, but he takes you on a learning journey as well.”

“Clive has assisted with a number of matters, quickly and efficiently.”

“Clive is always ready and willing to assist and to provide advice on complex matters.”

“I trust his judgement implicitly.”

“Clive is a solicitor who inspires genuine confidence in his clients and this is reflected in the loyalty displayed by those clients towards him.”

David Roath – Band 1

David Roath is an experienced employment lawyer and mediator who acts for corporate clients as well as senior employees.

“David has the focussed ability to get the point across effectively.”

Claire Merritt

Claire Merritt is sought out by clients for her ability to advise on both contentious and non-contentious matters. She regularly works with clients on defence strategies in the Employment Tribunal as well as offering support on whistleblowing matters.

“Claire’s professionalism and approachability have been exemplary.”

“Claire provides sound advice.”

Podcast

Sarah Hayes and Tabytha Cunningham | 28th September 2022

Menopause in the workplace

LISTEN TRANSCRIPT

Sarah Hayes and Tabytha Cunningham | 28th September 2022

Menopause in the workplace

In today’s episode, we’ll be discussing the impact of menopause on employees, and some of the steps that employers can take to support staff experiencing menopausal symptoms.

01:21: To start with, we’ll hear from Sarah Hayes, an employment lawyer at Paris Smith LLP. Sarah has extensive experience in advising employers on a range of issues relating to menopause, and she offers some great advice on how to support employees going through this difficult time.

09:00: We’ll also be talking to Tabytha Cunningham, who provides some great tips on how employers can make reasonable adjustments to help staff manage their symptoms.

13:53: Finally, we’ll ask Sarah about the usefulness of introducing a menopause policy, and she offers some great advice on what this could include.

So, whether you’re an employer looking to support your staff better through menopause, or an employee who’s experiencing symptoms and looking for advice, you won’t want to miss this episode.

Thank you for listening.

References and further reading

https://www.acas.org.uk/menopause-at-work
https://parissmith.co.uk/blog/menopause-and-employment-law-is-it-a-disability-and-what-steps-can-employers-take/

LISTEN

Tabytha Cunningham and Charlotte Farrell | 3rd February 2022

Hybrid and Remote Working: Practical Implications for Employers

LISTEN TRANSCRIPT

Tabytha Cunningham and Charlotte Farrell | 3rd February 2022

Hybrid and Remote Working: Practical Implications for Employers

Remote and hybrid working has now become the norm for many businesses. Not only can there be various benefits to this flexibility, but more and more prospective employees look for this when applying for roles.

Employers who have embraced remote and hybrid working however need to ensure they are doing this compliantly; it’s crucial to have the right policies in place and employment contracts.

Employment experts Tabytha Cunningham and Charlotte Farrell discuss in our latest episode.

Find our more: parissmith.co.uk/your-business/employment-law/

Download our guide to hybrid working: parissmith.co.uk/wp-content/uploa…brid-working.pdf

00:45
Why should employers formalise their remote working practices?
Employers need to think about how they can support employees who are now permanently working from home.

02:33
What steps do employers need to take to formalise these new processes? Charlotte and Tabytha talk about the importance of having a hybrid working policy and what this should include.

04:35
Key practical considerations – our experts cover health and safety, risk assessments and data protection obligations in relation to hybrid and remote workers.

07:15
How employers can best support their remote employees and the importance of using appraisal procedures effectively.

09:35
Issues with international employees. If employers are happy with having staff in other locations, what practically do they need to think about?

LISTEN

10th July 2019

Can Employees Be Made To Wear Heels To Work?

LISTEN TRANSCRIPT

10th July 2019

Can Employees Be Made To Wear Heels To Work?

Recent media coverage around dress code at work has sparked examination into the guidance available for employers; what legal principles do you need to know before making any changes to dress code policy? Solicitor Sarah Hayes discusses.

Show notes
00:30 Sarah talks about recent media coverage from Japan around workplace dress codes – what can we learn from this?
01:25 Sarah examines a recent example from the UK
02:00 Sarah talks about the Equality Act – are there gaps?
02:30 New guidance is published for employers and employees – how are these applied in practice?
03:10 What does this mean for employers and what should you consider if revising your dress code policy?

LISTEN

26th June 2019

Can An Employee Enforce A Discretionary Bonus?

LISTEN TRANSCRIPT

26th June 2019

Can An Employee Enforce A Discretionary Bonus?

By looking at a previous real world example, Aleksandra Golat from our Employment law department answers the question, can an employee enforce payment of a discretionary bonus?

Show notes
00:43 When can employees enforce a discretionary bonus, what must they do?
01:00 Aleksandra discusses the case of Bluestone Medical Recruitment
03:05 What factors need to be considered by the employer and the employee?
03:45 What can we learn from this case? How should employers take this in practice?

LISTEN

Videos

Subject Access Request

TRANSCRIPT

Charlotte Farrell and Ryan Mitchell | 3rd November 2022

Subject Access Request

The Paris Smith Employment Podcast is a regular podcast that discusses all things related to employment law. The podcast is hosted by Charlotte Farrell and Ryan Mitchell, both are lawyers at Paris Smith LLP. In today’s episode, they discuss subject access requests and the key things businesses need to know about them. The GDPR was introduced in 2018 and has led to individuals becoming much more aware of their rights regarding their personal data. As a result, Paris Smith has seen more people making subject access requests.

You can find out more info here: https://parissmith.co.uk/your-business/commercial-law/data-protection-and-gdpr/


01:00:00 – The right to access personal data held by organisations is a legal right given to individuals.

02:00:00 – Personal data is any information that relates to an identified or identifiable living individual.

06:30:00 – Anonymised data can be excluded from a subject access request.

07:00:00 – Subject access requests are being used more often as a way to find information for employment tribunal claims.

07:54:00 – The main use for subject access requests in a commercial setting is to upgrade complaints to “super complaints.”

09:00:00 – The main points to consider when dealing with a subject access request are verifying the requester’s identity, diarising key dates, and trying to locate the requested information.

11:17:00 – Subject access requests are usually free, except for when they are excessive. If someone refuses to pay or withdraws their request, businesses may have trouble recovering costs.

13:38:00 – The business doesn’t have to send everything to the individual who they find. Someone needs to go through it and identify any documents which don’t need to be disclosed.

15:00:00 – Organisations need to include a cover letter with personal data when sending it to someone in response to a subject access request.

16:20:00 – Employees use subject access requests to check their personal data is being processed correctly and tactically.

18:16:00 – The government is proposing to decrease the threshold for an organisation being able to refuse to respond to a subject access request, or to be able to charge a reasonable fee.

19:19:00 – The word vexatious could potentially help to stop requests where the person is only using it to cause trouble for their employer or ex-employer.

19:50:00 – The top tip for dealing with subject access requests is to have a written procedure and use systems which allow for personal data to be easily searched, reviewed and extracted.

21:07:00 – HR and line managers should train all staff on the GDPR and data protection issues, including subject access requests. Staff should be aware of what they can and cannot do with personal information. Deleted emails are still searchable.

23:25:00 – The risks of getting subject access requests wrong include complaints to the Information Commissioner’s Office and investigations which can lead to instructions on how to correct procedures.

Transcript

Welcome to the latest edition of the Paris Smith Employment Podcast.

I’m Charlotte Farrell and for today’s podcast we are very pleased to also welcome a guest from our commercial team, our colleague Ryan Mitchell.

We regularly work alongside Ryan on all things GDPR and data protection related and today we’re delighted that he’s joined us to discuss subject access requests and the key things businesses need to know about them. With the arrival of the GDPR in 2018, data protection and the rights of individuals when it comes to their personal data has come to the forefront of many people’s minds.

We are definitely finding that individuals are much more aware of their rights when it comes to how their personal data is handled and we have seen an increase in people, not just employees, bringing subject access requests against business. This brings with it many practical issues need to bear in mind when carrying out their day to day tasks.

So today we’re going to look at some of these issues, not only from the employment angle but also the general issues businesses should be aware of.

So I suppose the first thing we should talk about is what a subject access request is. Ryan, can you give us a brief overview of what a subject access request is.

Of course! A subject access request is a request by an individual (which can be verbal, in writing or via an automated system) to receive copies of the personal information which an organisation holds about them. We call that personal information ‘personal data’.

When making a subject access request, the individual can also ask for additional information about how and why the organisation uses their personal data.

Individuals have a legal right to make subject access requests. This is called the ‘right of access’. It’s a right which is specifically set out in data protection law. Because it’s a legal right, organisations have a legal duty to respond to a subject access request, subject to some very limited exceptions which we’ll come on to.

So it’s a really broad right in that case then which can be very time consuming for a business to comply with. When you say, “personal data” or personal information, what does that cover. Is it any time that someone’s name is mentioned or is it more limited?

So ‘personal data’ means any information that relates to an identified or identifiable living individual. That individual is called the “data subject” in data protection speak.

To work out whether a piece of information is classified as ‘personal data’ it’s helpful to ask two questions:

1. Does the information identify a living individual? The information could be identifying on its own, for example a person’s name. Alternatively, it might be possible to combine this piece of information with other information the organisation holds (or may in the future hold) in order to identify someone. For example, an employee number can be combined with HR records to work out which specific individual in the business has that employee number.

If we’re combining information to identify a person then we call that ‘indirectly’ identifying personal data. If it’s obvious from the piece of information alone who the person is then it’s ‘directly’ identifying personal data.

2. The second question we need to ask ourselves is whether the information ‘relates to’ the individual. It’s not enough just to be able to identify the individual from the information. The information must ‘concern’ the individual in some way.

Let’s take two examples: the statement “Joe Bloggs lives at 15 Beachcroft Road” and a personnel file note that says “Mary Stewart is dishonest and I think she has been stealing from us”. These are both pieces of personal data. We know this because:

The answer to our first question – does the information identify a living individual – is yes. Each of these two statements contains the individual’s name, meaning they are directly identified.

The answer to our second question – does the information relate to the individual – is also yes. The statement about Joe Bloggs’ address relates to where he lives. The note about Mary relates to her work performance and her integrity as an employee.

Because these are statements containing each individual’s personal data, they would need to be disclosed following a subject access request.

However, let’s take another example. Say we have hundreds of work emails with Joe Bloggs’ name on where the content of the email doesn’t relate to Joe Bloggs as an individual. In that situation, Joe Bloggs’ name and email address on those emails would identify him (so the answer to our first question is ‘yes’) but these pieces of information don’t actually ‘relate to’ Joe (so the answer to our second question is ‘no). Rather, they’re just a record of who sent or received the emails. In this scenario, the emails wouldn’t need to be disclosed in response to a subject access request. The situation would be different if the substance of the emails did actually relate to Joe. For example, because they discussed his performance at work.

The second question, of whether information ‘relates to’ an individual, can lead to some grey areas. When these types of questions arise, a good starting point would be the ICO’s guidance (available online at www.ico.org.uk). The guidance includes a number of worked examples which are really helpful.

But what if the data is anonymised, does it still count as personal data then?

No – if the data is anonymised then isn’t treated as personal data. This is because it doesn’t identify a living individual. Provided you’re confident that the data is truly anonymised, it can be excluded from a subject access request.

Thanks Ryan for that very clear explanation. For three little words the process actually has some quite big implications and many businesses don’t understand that until they have to deal with it in practice themselves. We have definitely found over recent months and particularly since 2018 and the introduction of the GDPR that individuals are much quicker to make a subject access request and much more aware of what thy should be sent. Even though it wasn’t what the process was set up for, we’ve always seen them used in the employment world as a fishing expedition to see if there is are any juicy documents that its worth using to start a tribunal claim. If anything that has got worse since the GDPR.

Ryan, are there any particular ways that you regularly see them used in the purely commercial setting by clients or customers of business?

In a similar vein, we sometimes see customers make subject access requests if there’s a dispute. It’s a very easy way for an individual to upgrade their complaint to a ‘super complaint’ which can take a lot of time and sometimes money to respond to.

The main protection against these sorts of complaints is to have a good subject access procedure in place in readiness. When choosing new IT systems, it’s also a good idea to think about how easy it will be to search for personal data and extract it from the new system if a subject access request is received. This thought process when choosing or developing new systems is known as ‘privacy by design’.

Ok so I think it makes sense to now touch on the process a business should follow if someone makes a subject access request. If someone makes a subject access request there are key steps to take:

Firstly, always check the identify of the person making the request to make sure that it isn’t someone trying to commit fraud. If it’s an employee or someone the business knows personally you can speak to them to check the request came from them. Otherwise you can ask for ID such as a passport or drivers licence or copy of a bill to check the request is legitimate.

Secondly, make sure you diarise the key dates. Since the introduction of the GDPR you have 1 month to process the request. This can be extended by a further two months if the request is particular large or complex. If that’s the case you have to update the person and tell them that you need more time with the first one month time frame so make sure those dates go in the diary and don’t leave dealing with the request until the last minute. In some cases it can take a long time to go through all the documents produced so it’s worth starting early!

Thirdly, always check that the subject access request makes sense and that you understand what they’re asking for. if not you can go back to them to clarify the request and ask them to provide more information. The ICO doesn’t like companies that always ask for clarification though so make sure there is a legitimate reason for asking. The clock stops while you’re waiting to hear back from the person so this can be helpful when the request is very big.

Once you know what is being asked for the business must make reasonable efforts to find the information that was requested. They don’t have to conduct searches which would be unreasonable or disproportionate but will need to explain what searches they have done and why. It might involve searching servers, data bases, email folders and paper filing systems.

Ryan do you want to tell us a bit more about the costs of a subject access request.

Yes of course. So normally a business can’t charge someone if they make a subject access request – there used to be a £10 admin fee but that doesn’t exist anymore.

Now, the only times a business can charge for responding to a subject access request is if:
1. the request is ‘manifestly unfounded’ or ‘excessive’; or
2. the organisation is being asked to provide copies of information which the individual already has.

In either of these scenarios the organisation can charge a ‘reasonable fee’. Alternatively, if the request is ‘manifestly unfounded or excessive’ then the organisation can refuse to process the request altogether.

If you’re thinking of trying to charge the individual then it would be sensible to double-check with them that they still want to proceed, before carrying out any activities which you would look to charge for. If the individual refuses to pay, and you’ve already incurred the costs, then you may struggle to recover the money. If the individual withdraws their request, or part of their request, then you’ve saved the effort and cost of having to respond to it.

Additionally, we’d always recommend taking advice if you suspect a request is ‘manifestly unfounded’ or ‘excessive’. If the data subject complains to the ICO that you’ve unfairly refused to respond to the subject access request for these reasons then the ICO might want to double-check your reasoning. You may face a enforcement action (which could include a fine) if you got it wrong and failed to respond to a valid request.

For this reason, it’s good practice to still process the parts of the request which you don’t object to and then explain in the cover letter why you couldn’t or wouldn’t respond to the other parts of the request. The ICO will see this as a better compromise than refusing to comply with the entire request.
Leading on from this, Charlotte, does the business have to send everything to the individual that they find?

That’s a really good point and one that is often forgotten about. The simple answer is no. Once the company has found all the documents containing the personal information requested, someone needs to go through it and identify any documents which don’t need to be disclosed. There is a long list but some of the most common ones we are see are documents which also identify other people, documents which are covered by legal professional privilege, references, documents for the purposes of management forecasting or business planning which would prejudice the business if the information got out (i.e. a planned redundancy programme) and documents about negotiations between the parties which could cause problems in the negotiations if they were shared.

If any of this information is found the business needs to consider whether the document can be redacted to remove the personal information or whether consent can be obtained from the other people named in the document. If not then this can be withheld and a note added to the cover letter to explain this.

So having mentioned the cover letter, Ryan I know these are letters that you often have to put together for clients when they are responding to subject access requests, what information do businesses have to put in the cover letter when they send the personal information to someone.

Yes, the letter is an important part of the process. The ICO guidance sets out what information has to be in the letter and says which documents need to be sent with it. Often the letter is repeating information that is already set out in the organisation’s Privacy Notice or Privacy Policy, and so much of the content can be adapted from there.

I won’t summarise every item that needs to go in the cover letter, but it’s basically the ‘what, why, where and how long’ of the organisation’s data processing activities. The individual also needs to be reminded of their legal rights, including the right to complain. I’d recommend double-checking the comprehensive list of information in the ICO’s guidance before the cover letter is sent, just to ensure that everything has been covered.

Charlotte, you mentioned earlier that you often see unhappy employees sending subject access requests to their employers. Would you like to talk more about the trends you’ve seen with these types of request?

Yes we definitely do. I’m not sure employees always use them, in the right way though. the idea of a subject access request was so that an individual could check a business was processing their personal data in the correct way and for the reasons it was given to them. For example, not selling their contact details to people who want to sell them new windows, or sharing their health information with insurance companies. In the employment world, people tend to use them in a more tactical way.

We regularly see individuals make a subject access request at the same time as they raise a grievance to complain about something happening at work. Or if they are trying to negotiate a settlement package from their employer, an employee will make a subject access request in the hope that dealing with it will be too difficult for the employer and they will agree to the payment to avoid having to do so. Employees do also do it as a fishing exercise to decide whether or not they want to bring a claim and IU would say that more often than not they bring them for the nuisance factor. Sometimes this works and the employer responds to it, in other situations it annoys the employer and they dig their heels in and comply with the request to avoid giving in to what they can perceive as a threat.

Interesting. From the organisation’s perspective, it’s unfortunate that the law can be used in this way.

I know that last year the government consulted on whether to reintroduce a nominal fee for making subject access requests, like the £10 charge we had under the old law. In the end they decided not to go ahead with it.

Following that same consultation the government did decide to proceed with looking to decrease the threshold for an organisation being able to refuse to respond to a subject access request, or to be able to charge a reasonable fee to respond. You’ll remember from earlier that the current threshold is that the request needs to be ‘manifestly unfounded’ or ‘excessive’. In response to the consultation, the government said they would look to reduce this so that the organisation only needs to show that the request was ‘vexatious ‘or ‘excessive’.

This approach hasn’t been finalised but do you see this change as being a positive for employers?

Yes I really think it would be. We often see the word vexatious used to describe things in the employment world and it could potentially help to stop requests where the person is only using it to cause trouble for their employer or ex-employer. Those types of requests weren’t stopped by the “manifestly unfounded” Category as it didn’t quite fit!

What would your top tip for dealing with subject access requests be Ryan?

I previously mentioned that it’s important for organisations to have a written subject access request procedure. This ensures all the key personnel involved in responding to a subject access request know what to do and can take action within the legal time limit. Where possible, this should be supported by the organisation using systems which allow for personal data to be easily searched for, reviewed and extracted following a subject access request. If searching and collating the data is an issue then there are third party service providers who can help with this process, although they can be costly to use.

A data audit of the organisation’s systems can reveal which repositories of data are most likely to cause an issue. Often these are old, legacy systems or paper-based records which can’t be easily searched. The organisation might want to prioritise searching those sources first when receiving a subject access request. That way they don’t overrun the deadline to respond.

Charlotte, is there anything else which HR teams and line managers can specifically do to prepare for the eventuality of receiving a subject access request?

There definitely are and it is worth investing some time in training all those with line management responsibilities in them to try and make the process as easy as possible if someone does make a subject access request. Some common sense things are :
– to make sure email and filing systems are kept up to date and are easily searchable
– to keep all HR related emails and documents together in one central system and not on individual email accounts or hard drives
– be careful about what is said by email – if in doubt have a conversation
– when writing internal notes and emails, bear in mind that the person it is about and/or a judge could potentially read it in the future. If you wouldn’t want them to read it then reconsider what you’re writing

We also recommend all staff have training on the GDPR and data protection issues in general, including subject access requests so they know what they are and how they fit into the business. This doesn’t just apply to those who manage staff anyone who handles personal information about clients, customers or employees should be aware of the legislation and duties and know what they should and shouldn’t do.

It’s also important to remember that deleted emails are also searchable and so just because something has been deleted doesn’t guarantee that

Before we end our discussion on subject access requests today, I think its worth us just briefly touching on the risks of getting it wrong as well. Ryan do you want to share some final thoughts with us about that?

Of course. If the data subject doesn’t think that the organisation has complied with the process properly then they can complain to the Information Commissioner’s Office (the ICO). The ICO may launch an investigation in response to the complaint. It will take management time (and possibly legal fees) for the organisation to respond to the ICO’s enquiries.

If the ICO finds that the organisation has not followed the law then it may give binding instructions on how the organisation should correct its procedures and documentation. If there has been a serious breach of the law then the ICO might use its other enforcement powers, such as publishing a public notice about the breaches (which can lead to reputational damage) and/or issuing fines.
It’s therefore worth investing the time to ensure you respond to subject access requests properly and promptly first time around!

So that brings us to an end of our brief foray into data protection and subject access requests. Thank you to Ryan for being our first guest star on the employment podcast and thank you to you all for joining us too. We hope you found it useful. For further information in relation to the issues we have discussed today, please contact us via our website www.parissmith.co.uk or find us on LinkedIn.

Top tips: how to get the most from your employment lawyer

TRANSCRIPT

Claire Merritt | 10th December 2021

Top tips: how to get the most from your employment lawyer

Look You may also be interested in

Professional Negligence
professional-negligence-professional-action-financial-damage-to-business-negligent-supplier-supplier-professional-negligence-professional-standards-claim-professional-negligence-claim-against-architec
Representation at Employment Tribunal
representation-at-employment-tribunal-dispute-over-my-employment-dispute-with-an-employee-dispute-with-my-employer-early-conciliation-employment-disputes-employment-tribunal-fees-et1-claim-form-fired
Settlement Agreements
settlement-agreements-discrimination-claim-settlement-ending-employment-ending-employment-on-agreed-terms-ex-gratia-payment-gagging-clauses-legally-binding-agreement-mutually-agreed-resignation-partin

Stay up to date with our latest industry news

By completing your details and submitting, you are consenting to us sending you relevant legal updates and invitations based on the areas of interest you select. For further details please read our privacy notice.

Back Back to YOUR LIFE

AccreditationAccreditationAccreditationAccreditationAccreditationAccreditation