It has been announced recently that WH Smith has been the victim of a cyber attack.

The high street retailer said it has seen hackers access company data including current and former employee information. This is likely to include information such as ID documents (passport or other right to work documents), NI numbers, bank details and other personal information which poses a risk of identity theft or fraud for these individuals.

Greencore, a leading UK manufacturer of convenience foods, has experienced a similar data breach recently, affecting current and former employees, with some former employees going on to experience identity theft following the breach and seeking legal redress from their former employer as a result.

It is critical that employers firstly reduce the risk of such cyber attacks through adequate IT support and secondly, that they only retain appropriate data and that data is kept for an appropriate length of time.  As an example you should retain right to work and immigration documents for two years post-employment whereas you only need to retain recruitment records for applicants for 6 months after the process has concluded.

Further to that you should have all of the appropriate policies that cover data in place within your organisation such as a data protection policy, privacy notice, candidate privacy notice, CCTV policy, and the list goes on!

We can provide you with a document retention guide and any policies that you might require within your business to ensure you are retaining information for the correct period of time.  Please don’t hesitate to contact us on 0333 888 1360 or [email protected] and speak to one of our advisors.

For advice or for a free assessment contact us today