In recruitment, references remain one of the most important tools available to employers.

A well-written reference can validate experience, confirm capability, and provide reassurance that the right hiring decision is being made. But references can also create tension between transparency, data protection rights, and the need for honest professional feedback.

One question continues to divide opinion across HR and business communities:

Should employment references be treated as confidential?

Under UK data protection legislation, confidentiality in references is not automatic. Nor is it an unrestricted right.

Instead, employers are expected to carefully balance transparency obligations against the legitimate interests of protecting candid professional opinions.

At Vetting.com, we believe this is an area where employers need greater clarity, consistency, and confidence.

Confidential References Under UK Law

The UK GDPR and the Data Protection Act 2018 give individuals the right to request access to personal data held about them.

This means candidates and employees can submit a Subject Access Request (SAR) to an organisation and ask to see information connected to them, including information gathered during recruitment processes.

However, there is an important exception when it comes to confidential references.

Schedule 2, Part 4 of the Data Protection Act 2018 provides exemptions relating to confidential references that are given:

• For employment purposes
• For training or educational placements
• For voluntary work
• For the provision of services

Importantly, the legislation does not create a blanket exemption.

Each request must be considered individually.

Employers must assess whether withholding the reference is reasonable, proportionate, and justified under the circumstances.

Official guidance from the Information Commissioner’s Office (ICO) reinforces this principle.

Relevant resources:

• UK GDPR Guidance from the ICO: https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/
• ICO Employment Practices Guidance: https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/employment/
• Data Protection Act 2018: https://www.legislation.gov.uk/ukpga/2018/12/contents

Confidential Does Not Mean Untouchable

One of the biggest misconceptions among employers is that marking a reference as “confidential” automatically prevents disclosure.

That simply is not the case.

If a candidate submits a Subject Access Request, the receiving employer may still need to consider whether the reference should be disclosed.

Factors often considered include:

• Whether the referee expected confidentiality
• Whether disclosure could unfairly impact the referee
• Whether disclosure is necessary for fairness or transparency
• Whether other individuals are identified in the reference
• The wider context surrounding the recruitment process

There is also another important consideration.

Courts and legal disclosure obligations can override confidentiality decisions.

For example, if a reference becomes relevant during employment litigation or tribunal proceedings, organisations may be legally required to disclose information regardless of previous confidentiality assumptions.

This is why HR teams should avoid viewing confidentiality as a guaranteed shield.

The Employer’s Dilemma

Many employers support confidential references because they believe confidentiality encourages honesty.

Without it, there is concern that references may become overly cautious, generic, or legally sanitised.

We have already seen this trend in many sectors.

Today, a significant number of employers provide only:

• Employment dates
• Job titles
• Confirmation of role

While this reduces legal risk, it also reduces the practical value of references.

For hiring managers, that creates a challenge.

How can businesses make informed hiring decisions if references become little more than administrative confirmations?

On the other side of the debate, candidates increasingly expect transparency.

Many believe they should have visibility over information that could directly influence hiring outcomes and career opportunities.

From a fairness perspective, this argument is understandable.

Inaccurate, misleading, or malicious references can have serious professional consequences.

The ability to challenge incorrect information is an important safeguard.

Finding the Right Balance

In our view, the answer is not complete confidentiality or complete disclosure.

The better approach is responsible, evidence-based referencing supported by robust recruitment processes.

Employers should ensure that references are:

• Objective
• Relevant to the role
• Factually accurate
• Professionally written
• Supported by documented evidence where appropriate

References should never include:

• Personal opinions unrelated to performance
• Discriminatory comments
• Unsupported allegations
• Emotional or retaliatory language

At the same time, organisations should have clear policies outlining:

• Who can provide references
• What information can be shared
• How Subject Access Requests are handled
• When confidentiality may or may not apply

Consistency is essential.

Without a clear process, organisations expose themselves to unnecessary legal, reputational, and operational risk.

Why Professional Reference Checking Matters

As recruitment becomes more regulated and compliance-driven, many employers are turning to specialist screening providers to manage reference checking professionally and consistently.

Structured reference checking helps organisations:

• Improve hiring confidence
• Reduce compliance risk
• Standardise recruitment processes
• Create auditable screening records
• Protect candidate and employer interests

At Vetting.com, we support employers with professional reference checking services designed to help organisations recruit safely, fairly, and efficiently.

Learn more about our reference checking services here.

Questions HR Teams Should Be Asking

As legislation, candidate expectations, and workplace culture continue to evolve, HR professionals should consider:

• Are our reference processes legally compliant?
• Do our managers understand confidentiality limitations?
• Are we balancing transparency with honest feedback appropriately?
• Could our current approach expose the business to risk?
• Are our references actually helping hiring decisions?

These are no longer purely administrative questions.

They sit at the centre of recruitment governance, employer reputation, and workforce quality.

Final Thoughts

Confidential references remain a complex and often misunderstood area of UK employment practice.

The law allows employers to consider confidentiality, but it does not provide automatic protection.

Every situation must be approached carefully, reasonably, and with proper consideration of both data protection rights and legitimate business interests.

Ultimately, we believe the future of referencing should focus less on secrecy and more on professionalism, accuracy, and accountability.

Employers should feel able to provide honest references.

Candidates should feel confident that processes are fair.

And HR teams should have the tools, policies, and support needed to navigate the balance between the two.

---

Want to know more about our referencing packages?

If your organisation wants to strengthen its recruitment compliance and improve the quality of its reference checking process, our team can help.

Contact us directly to discuss your requirements: sales@vetting.com

Why Employers Choose VETTING.com

VETTING.com simplifies the reference checking process for clients, candidates, and referees.

Our automated reference checking tool makes collecting references easier and faster, helping remove unnecessary delays and administrative burden from the employment screening process.

Reference checks can provide valuable insight into a candidate’s suitability for a role, including verification of previous employment, professional experience, workplace behaviour, and broader skillset indicators.

Every stage of the background check is completed within the platform, meaning there are no clunky forms for candidates or referees to download or manage manually.

Instead, users simply enter the requested information into a streamlined workflow and submit their responses securely online.

Candidates and referees can complete their part of the process from any device, including mobile, tablet, or desktop.