CIPP-E · Question #65
CIPP-E Question #65: Real Exam Question with Answer & Explanation
The correct answer is D. The employer must supply any information held about an employee unless an exemption applies.. According to the UK GDPR, employees have the right to access and receive a copy of their personal data, and other supplementary information, from their employer. This is known as a data subject access request (DSAR). Employers must respond to a DSAR without delay and within one m
Question
Options
- AThe employer can automatically decline the request if it contains personal data about a third
- BThe employer can decline the request if the information is only held electronically.
- CThe employer must supply all the information held about the employee.
- DThe employer must supply any information held about an employee unless an exemption applies.
Explanation
According to the UK GDPR, employees have the right to access and receive a copy of their personal data, and other supplementary information, from their employer. This is known as a data subject access request (DSAR). Employers must respond to a DSAR without delay and within one month of receipt of the request, unless the request is complex or excessive. Employers should perform a reasonable search for the requested information and provide it in an accessible, concise and intelligible format. Employers can only refuse to provide the information if an exemption or restriction applies, or if the request is manifestly unfounded or excessive. Some of the exemptions that may apply in the employment context are: legal privilege, management forecasting, confidential references, negotiations, regulatory functions, and criminal convictions and offences. Employers should disclose the information securely and inform the employee of their rights and the source of the data.
Community Discussion
No community discussion yet for this question.