With GDPR looming around the corner, we know you might be feeling a bit anxious. It’s ok. We were there, too. Yes, really! In the face of GDPR, one thing is certain—we’re all in the same boat. With 200+ employees spread across 8 countries there were several HR policies and practices we had to evaluate to ensure full compliance come May 25th. In fact, we want to tell you all about how we personally tackled the process and what we learned.
Our latest case study turns the lens on ourselves. For some of the major principles of GDPR, we break down what the regulation required of us as an employer, what we did to comply, and the role technology had in helping us. Specifically, we talk about:
GDPR demands greater transparency across the board, especially when it comes to informing individuals of the rights they have regarding their personal data. We share how PeopleDoc diligently and clearly communicates these rights to employees and candidates.
To protect your organization from any negligence, HR should collect only the minimum data necessary for the task at hand. At PeopleDoc, this required an entire mindset shift in how we approach data collection and project planning.
3. Employee rights
Some of the biggest changes under the GDPR are the rules that govern individuals’ rights regarding their personal data. We break down how our processes comply with the new requirements and how HR is now prepared to easily respond to data-related requests.
4. Subcontractor compliance
If your organization uses any third party vendor to process your employees’ personal data, it’s important your vendor agreements also reflect the latest GDPR standards. In our case study, we describe the approach we took to data mapping and ensuring subcontractor compliance.
5. Document management
By its nature, GDPR compliance results in more documentation that needs to be managed. Find out how our HR department is able to easily manage the entire lifecycle for each new document generated.
Need more of a primer on GDPR? You may want to check out:
The California Consumer Privacy Act (CCPA), intended to protect the privacy of California residents, is having a ripple effect across the United States. Originally designed to give California consumers new rights, the definition of “consumer” in the Act is so broad that your workforce data may also be affected. If you're an employer who may be impacted by the CCPA, here are 5 actions you can consider before the new privacy law goes into effect on January 1, 2020.
What impact could a no-deal Brexit have on employee data?
Last week, Theresa May’s Brexit plan was defeated, leaving United Kingdom employers (along with the rest of the world) with a number of questions. One primary concern: maintaining compliance with the General Data Protection Regulation (GDPR) if the UK leaves the European Union before a deal is in place. While a lot remains unclear, here are three things to be aware of when preparing employee data for a no-deal Brexit.
It seems like every week there is a news blast on how data has been misunderstood, misused or abused. From Cambridge Analytica’s purposeful abuse of personal data to Strava’s unintentional reveal of military bases, 2018 has brought the consequences of personal data collection to the forefront. That said, it’s important not to forget that with proper use, personal data can have a huge, positive impact on your HR practices. Employers have used personal data to make better hiring decisions, help employees get healthy and address biases in the workplace.
Jolene Nicotina is the Content Marketing Manager for North America at PeopleDoc, Inc. She works on making sure HR professionals have all the latest information they need related to HR service delivery, HR technology, and PeopleDoc, Inc. Prior to PeopleDoc, Jolene worked in marketing communications for the healthcare technology industry.