What is the new law?
Affectionately referred to as GDPR, it is an overhaul of data protection laws and introduces a lot of new requirements for processing data. Processing data includes holding data, so if you hold data in your business and on your employees, you will need to comply.
As an HR business, we are focusing on this from the HR perspective, but we recommend you review your entire business to ensure you comply.
1 – it is the law
2 – the fines for non-compliance are huge – 20 million euros or 4% of worldwide turnover
3 – keeping individuals’ personal data is good practice, and you want to treat other people’s data how you would want your own to be treated
4 – you need to be able to prove your compliance
What do you need to do?
1 – audit your records – identify what you hold and why
2 – ensure this is compliant with the new law
3 – review your contracts and policies
4 – prepare an employee privacy notice for each employee telling them what you hold, why, how you process it, how long you keep it, their rights to amend / correct and erase data
5 – ensure your third-party suppliers are compliant
6 – train employees on their obligations and requirements to report breaches
7 – keep a record of breaches
8 – keep a record of when data is shared and why
If this all sounds daunting, don’t worry, we can help! We have a GDPR package, which includes:
1 – GDPR summary explanation,
2 – HR audit form,
3 – Employee privacy notice,
4 – GDPR policy – for employees,
5 – Data retention period guidelines,
6 – Data protection breach policy,
7 – Data protection breach register,
8 – An update to your existing contract and discipline and grievance policy.
This is available for £350.
*all prices subject to VAT