GDPR Compliance: Here’s How We Did It
Jolene Nicotina

By: Jolene Nicotina on December 8th, 2017

Print/Save as PDF

GDPR Compliance: Here’s How We Did It

Compliance and Security

Est. Read Time: 3 min.

With GDPR looming around the corner, we know you might be feeling a bit anxious. It’s ok. We were there, too. Yes, really! In the face of GDPR, one thing is certain—we’re all in the same boat. With 200+ employees spread across 8 countries there were several HR policies and practices we had to evaluate to ensure full compliance come May 25th. In fact, we want to tell you all about how we personally tackled the process and what we learned.

Our latest case study
turns the lens on ourselves. For some of the major principles of GDPR, we break down what the regulation required of us as an employer, what we did to comply, and the role technology had in helping us. Specifically, we talk about:

1. Transparency

GDPR demands greater transparency across the board, especially when it comes to informing individuals of the rights they have regarding their personal data. We share how PeopleDoc diligently and clearly communicates these rights to employees and candidates.

2. Minimization

To protect your organization from any negligence, HR should collect only the minimum data necessary for the task at hand. At PeopleDoc, this required an entire mindset shift in how we approach data collection and project planning.

3. Employee rights

Some of the biggest changes under the GDPR are the rules that govern individuals’ rights regarding their personal data. We break down how our processes comply with the new requirements and how HR is now prepared to easily respond to data-related requests.

4. Subcontractor compliance 

If your organization uses any third party vendor to process your employees’ personal data, it’s important your vendor agreements also reflect the latest GDPR standards. In our case study, we describe the approach we took to data mapping and ensuring subcontractor compliance.

5. Document management

By its nature, GDPR compliance results in more documentation that needs to be managed. Find out how our HR department is able to easily manage the entire lifecycle for each new document generated.

Need more of a primer on GDPR? You may want to check out:

Download the case study
Download the case study

About Jolene Nicotina

Jolene Nicotina is the Content Marketing Manager for North America at PeopleDoc, Inc. She works on making sure HR professionals have all the latest information they need related to HR service delivery, HR technology, and PeopleDoc, Inc. Prior to PeopleDoc, Jolene worked in marketing communications for the healthcare technology industry.