Fleets risk GDPR compliance fines
Fleets are risking General Data Protection Regulation (GDPR) fines by using an employee’s National Insurance (NI) numbers for driving licence checking.
Fleets should ask drivers to enter their own NI number on the DVLA website or use a recognised agency to carry out DVLA checks.
But according to FleetCheck, some employers use an employee’s own NI number and accompanying data, essentially pretending to be the driver.
Director Andy Kirby said: “This is a very risky approach, leaving businesses at the risk of an investigation by the Information Commissioner’s Office, which could be disruptive, expensive, and lead to reputational damage.
“All it would take is one unhappy current or former employee to reveal what you are doing. There is perhaps the possibility of mounting a defence on the basis that the employee has freely handed over their NI number and other data, but that is very much open to question.”
He added: “Using NI numbers in this way may remain undetected for an extended period, potentially until the DVLA introduces a more secure portal, as planned for the future. Nonetheless, a single driver lodging a complaint could lead to significant complications.”
