
"Nobody has all the answers" and more real talk about GDPR
Est. Read Time: 3 min.
With the upcoming General Data Protection Regulation (GDPR) going into effect in late May, I was curious to learn from the experts at the International Privacy + Security Forum in Washington D.C. As expected, there was a lot of talk about the GDPR and three themes were common throughout the conference:
No one has all the answers
The most common theme was that while the GDPR is very detailed, there are some open questions that won’t be resolved before May 25.
In order for HR to prepare for the sections of the GDPR that are less clear, the experts recommended clearly documenting each decision relating to personal data (and the Article it relates to) as you come into compliance. In addition, they suggested incorporating ongoing employee data management procedures to ensure that documentation is regularly updated. This way, if a question comes up from regulators later on, you will be able to explain the rationale behind data decisions over time.
The GDPR is spreading
Parts of the regulation are being adopted by nations throughout the world. That said, even if a non-EU country incorporates the entire GDPR into their data protection policies, employers shouldn’t rely on a blanket application of the regulation to become internationally compliant as legal and cultural interpretations will vary.
While there is no perfect strategy, some employers are applying the GDPR as a baseline employee data management standard and adopting other national policies in certain locations as necessary. This allows businesses to efficiently process HR data, while allowing the flexibility to incorporate key national regulations. When deciding whether to incorporate separate national policies into employee data management practices look at the risk of non-compliance, the sensitivity of the data and the number of employees based in each location.
House your data in one place
One big surprise for legal experts? Not even the best IT teams know where all their company’s data is housed. An often-told story was discovering unexpected data sets with privacy ramifications. The only way employers were able to get an accurate picture was to meet with individuals and teams across the entire organization.
What can an employer do in the long term to better manage employee data? Centralize and maintain everything in one place. Keeping your data in one place will improve your team’s ability to comply with record retention regulations and make it much easier to secure personal data. In cases where centralization isn't possible, ensure that exceptions are clearly documented and readily available.
The privacy experts all expect the GDPR will continue to be a hot topic for international businesses in the next year. Make sure you're ready by understanding the implications for HR.
If you’re struggling to manage your HR data, PeopleDoc has a great document management solution for all your HR records:
You May Also Be Interested In:
Data Protection While Working from Home: Tips for a Remote Work Policy
If your office-based employees recently transitioned to working from home, now may be the perfect time to take a second look at the security tips included in your remote work policy. Not sure where to start? Sharing these best practices with your employees can help to make sure everyone is following the same standards, no matter where they work. Consider adding the three suggestions below to your policy (be sure to talk it over with your security team, first).
3 ways HR can increase employee data privacy awareness
Last week, organizations around the world celebrated Data Privacy Day, an annual event with the goal of increasing data protection awareness. But, what can HR do to increase awareness after Data Privacy Day is over? After all, protecting personal employee data isn’t just a one-day project. Here are three things HR teams can do now to put privacy first every day:
Why HR should care about accessible technology
In honor of Global Accessibility Awareness Day we’re explaining what accessibility means and why businesses and their HR leaders should pay attention to it. As the world becomes increasingly digital, you’ll surely encounter the need to evaluate new workplace software or tools. For HR especially, considering whether new technology is accessible can make a world of difference for the employee experience. Here’s a brief overview of what you need to know about accessibility:
About Robin Sendrow
Robin is the HR Compliance Assist Manager at PeopleDoc. She joined the team to help customers remain in compliance globally and easily navigate foreign rules and regulations through HR Compliance Assist. Previously, Robin managed client HR communications and provided outsourced HR support. She has a Masters in Psychological Counseling from Teachers College, Columbia University.