Skip to content
ADVERTISEMENT
Fleet Operations & Compliance

Fleets risk GDPR fines by using driver NI for licence checks, warns FleetCheck

Andy Kirby said the practice could potentially lead to prosecution if a disgruntled employee opted to make a formal complaint.

2 min read
Share
NI number - FleetCheck
ADVERTISEMENT

Fleets are risking General Data Protection Regulation (GDPR) fines by using employees’ National Insurance (NI) numbers for driving licence checks, FleetCheck has warned.

Andy Kirby, director of FleetCheck, said the practice could potentially lead to prosecution if a disgruntled employee opted to make a formal complaint that their personal data – which would usually also include date of birth and home address – was being handled.

He explained there were two compliant routes for fleets to check employee driving licences for penalty points.

One is to ask the driver to enter their own NI number on the Driver Vehicle Licencing Authority (DVLA) website, which generates a code the employer can use to undertake licence checks.

The other is to use a recognised agency or product that carries out authorised checks, such as FleetCheck’s own Licence Assured.

However, FleetCheck said it is aware of several employers simply using each employee’s NI number and accompanying data to carry out DVLA checks, essentially pretending to be the driver.

Kirby said: “This is a very risky approach, leaving businesses at the risk of an investigation by the Information Commissioner’s Office (COI), which could be disruptive, expensive, and lead to reputational damage.

“All it would take is one unhappy current or former employee to reveal what you are doing.

ADVERTISEMENT

“There is perhaps the possibility of mounting a defence on the basis that the employee has freely handed over their NI number and other data, but that is very much open to question.”

The practice is also known to be viewed dimly by the DVLA, he added, although it was something the authority found difficult to prove or disprove without a complaint by someone affected.

Kirby added: “Using NI numbers in this way may remain undetected for an extended period, potentially until the DVLA introduces a more secure portal, as planned for the future.

ADVERTISEMENT

“Nonetheless, a single driver lodging a complaint could lead to significant complications.”

He added that issues over licence checks remained common at many fleets, with fundamental errors often being made.

Kirby said: “We encountered one fleet recently that inspects licences by looking at the standard plastic card, which has never shown points.

“Presumably, that fleet manager is impressed that none of his drivers have ever been penalised. These are basic and worrying risk management failures.”

Related

ADVERTISEMENT