One year on what has been the impact?
The General Data Protection Regulation (GDPR) came into effect on May 25th, 2018. These new rules had significant implications for businesses and payroll personnel. GDPR continues to be an ongoing battle for some businesses with the biggest challenges being resourcing.
So, what have we learned?
Stop duplicating your data
Most people are guilty of unnecessarily and unwittingly duplicating data. For example, saving a document to your personal work drive and forwarding via email to another team member is unnecessary data duplication. For that reason, store it in one location and only share a link to that location if absolutely necessary.
Delete unnecessary data
Don’t hold on to outdated data relating to an individual that you don’t need and shouldn’t retain? GDPR gives anyone the right to request their data from a company and you must provide the following:
(a)the purposes of the processing;
(b) the categories of personal data concerned;
(c) the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations;
(d) where possible, the estimated period of time the personal data will be stored, or, if not possible, the criteria used to determine that period;
(e) the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing;
(f) the right to lodge a complaint with a supervisory authority;
(g) where the personal data are not collected from the data subject, any available information as to their source;
(h) the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.
(source: Article 15 europa.eu)
Only collect data you need
Make sure any HR and payroll data request forms are only collecting what you need. Limit data collection to only what is necessary to process your payroll and run HR effectively.
In order to protect data when it is being transferred most businesses are now using password protected documents and encrypted email communications.
Payroll, HR, and businesses as a whole have a responsibility to ensure that they compliant with the continuously developing legislation. Along with their other obligations, payroll and HR teams must prepare for the significant industry changes that are approaching. Ensuring compliance with the many regulations and legislation can be a difficult and time consuming task for businesses. Payroll compliance can be of particular difficulty and importance due to the complex ever-changing legislation and substantial fines that can be incurred if in breach. Also, as payroll is not a core function of most businesses, payroll and HR staff experience significant pressure to ensure accuracy and compliance with the most up to date legislation. This is where Paycheck Plus can help.
To ensure payroll compliance and for expert support contact Paycheck Plus today.