If your business stores personal details, such as customer and employee records you must comply with the Data Protection Act 1998. People have a legal right to access information you keep on them, including data about grievance and disciplinary issues.
Do you comply with the eight principles of the Act when collecting personal information?
Do you understand how to deal with sensitive information and how to keep staff employment records?
Do you understand the legal restrictions on monitoring staff emails and web use? Video or audio monitoring? What about testing for drugs and alcohol?
There are financial penalties for non compliance and workers can also apply for compensation. DPA compliance is not only a legal requirement but also good business sense.