GDPR? Eh, what’s that?

Have you been in a meeting or discussion recently where someone mentions GDPR and everyone nods knowingly and then moves on? What about being bombarded with invitations to GDPR seminars or sales pitches from consultants.

By now most people should have heard of GDPR (General Data Protection Regulations), but how many will have an idea of what impact this will have on those who employ staff.

As the legislation is not due to be introduced till 25th May 2018 no one is 100% sure what the actual impact of GDPR will be. Having read various articles and studied the outline legislation it seems that there are some key steps that can be taken between now and May.

1. Don’t throw the baby out with the bathwater

Providing you are compliant with the Data Protection Act then there will not be massive change for you, more a case of fine tuning

2. Review what you currently do

Look at what data you have, where you keep it and who can access it. Equally important is to take a look at your procedures for processing your employee data.

3. Cleanse your data

Clear out anything that isn’t needed and tidy up what is. Also look at updating your procedures and even look at implementing a system to help store and manage your data more securely.

4. Document your data processing

Documentation needs to include processing purposes, data sharing and retention and needs to be kept up to date.

5. Communicate with your staff

Clearly communicate to your employees what information you record about them, how this is used, why it is required by the company and who has access to it.

Hopefully, once the legislation has been bedded in you will look back and wonder what all the fuss was about

David Cawthorne, Cedar Human Resources

If you need advice please e-mail David at
Tagged with: , ,
Posted in Human Resources Blog