Customers can now set policies within their Cezanne HR system to automatically delete or anonymise selected HR data in line with their own requirements, dramatically reducing HR admin overheads and helping ensure GDPR compliance.

London, 13 May 2019 – HR teams face a huge administrative challenge in managing employee data in line with current regulations – not least when it comes to the requirement to keep data in a form which permits identification of data subjects (in this case, employees) for no longer than is necessary.

“Over an employee’s lifecycle, employers collect and store hundreds if not thousands of pieces of data relating to individual employees; they just wouldn’t be able to operate smoothly otherwise.” explains John Hixon, R&D Director of Cezanne HR.

“However, when an employee leaves, they can’t just delete all that information. Some needs to be retained to enable compliance with other legislation, such as health and safety; some the company may want to hold on to on the basis of legitimate purposes, for example to enable them to track historic headcount.”

Cezanne HR’s new Data Retention Policy feature, automatically provided free of charge with the core Cezanne HR software, allows HR teams to automate data (and document) deletion and anonymisation in a way that is unique to their business, and also takes into account different requirements across different operating units and locations.

“Our global focus means we are very aware that even within the EU, legislative requirements differ hugely from one country to the next. Our aim is to give HR teams a tool that puts them in control, allows them to set up and maintain multiple policies for different parts of their organisation, and saves them huge amounts of time and unnecessary anxiety.”

The new feature also includes inbuilt notifications and a data log, allowing HR teams to demonstrate, if required, compliance with the principles of the legislation. It is just one of a number of features that Cezanne HR provides to assist its customers with GDPR compliance.

Detailed information about this and other enhancements available in the company’s May 2019 product release is available to customers through the support portal.

HR & GDPR: key information

As gatekeepers and processors of employee data, HR leaders and teams have the biggest role to play in ensuring the safe, secure and compliant processing of personal data. The data protection principles in the GDPR set out the key responsibilities for organisations. Article 5 of the GDPR requires that personal data shall be:

  • Processed lawfully, fairly and in a transparent manner in relation to individuals;
  • Collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes;
  • Adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
  • Accurate and, where necessary, kept up to date
  • Kept in a form which permits identification of data subjects for no longer than is necessary; and
  • Processed using appropriate technical or organisational measures in a manner that ensures appropriate security of the personal data.

For more information visit the website of the Information Commissioner’s Office (ICO)