Have you been in a meeting or discussion recently where someone mentions GDPR and everyone nods knowingly and then moves on? What about being bombarded with invitations to GDPR seminars or sales pitches from consultants.
By now most people should have heard of GDPR (General Data Protection Regulations), but how many will have an idea of what impact this will have on those who employ staff.
As the legislation is not due to be introduced till 25th May 2018 no one is 100% sure what the actual impact of GDPR will be. Having read various articles and studied the outline legislation it seems that there are some key steps that can be taken between now and May.
1. Don’t throw the baby out with the bathwater
Providing you are compliant with the Data Protection Act then there will not be massive change for you, more a case of fine tuning
2. Review what you currently do
Look at what data you have, where you keep it and who can access it. Equally important is to take a look at your procedures for processing your employee data.
3. Cleanse your data
Clear out anything that isn’t needed and tidy up what is. Also look at updating your procedures and even look at implementing a system to help store and manage your data more securely.
4. Document your data processing
Documentation needs to include processing purposes, data sharing and retention and needs to be kept up to date.
5. Communicate with your staff
Clearly communicate to your employees what information you record about them, how this is used, why it is required by the company and who has access to it.
Hopefully, once the legislation has been bedded in you will look back and wonder what all the fuss was about
David Cawthorne, Cedar Human Resources