With data privacy— and specifically GDPR—seemingly taking over the headlines, it can be daunting to decide where to start. What are the real changes that will have to happen in your organisation? What do you need to do to prepare? Are there new processes or workflows that you will need to implement?
The May 2018 deadline will come quickly, so it’s time to make sure all of us have our compliance programmes in place. To help you create an implementation plan, we’ve rounded up five expert resources to help you get to grips with what GDPR means for HR and what your responsibilities are when it comes to handling employee data.
Lewis Silkin Workplace Privacy: 11 ways to prepare for GDPR
Significant changes to workplace privacy are on the horizon. The personal data you store, where you store it, where you send and how you process it, will all need to be mapped and audited to make sure you avoid penalties and fines. This article provides a balanced overview of the key considerations when it comes to workforce privacy.
XpertHR, known for providing expert guidance on HR policy and strategy, has provided an in-depth look at GDPR focusing on what exactly is changing for HR teams. They’ve also included a sample template for a GDPR compliance timeline.
The Information Commissioner’s Office (ico.), the definitive source of information on the application of GDPR to the UK, has put together a 12-step guide to help organisations to prepare for the changes GDPR will bring. Focusing on awareness, communication, and consent (among others), this checklist can help you to get started on your way to GDPR compliance. It’s worth noting the recommendation to provide employees with self-service access to HR software.
In a recent article written for HRZone by Cezanne HR, we discuss the ins and outs of data consent and why you shouldn’t be relying on it for processing essential HR data. For sure, these new requirements for the EU and UK will change the way you collect, manage and secure the information you hold about employees, but for the most part, employee consent isn’t needed – and when used should be approached with caution.
eugdpr.org GDPR FAQs
The GDPR portal is a website dedicated to all things the public will need to know as the deadline looms. This list of FAQs is perfect for a quick but thorough run-through of what GDPR means and what you can do to protect your organisation. Have a look through the whole EUGDPR.org website to read about key changes, GDPR timelines and more resources.