The new General Data Protection Regulation, also known as GDPR, will take effect in May of this year (2018) at the European level. From that date, all personal data of EU employees must be handled in compliance with this regulation. This regulation affects not only companies in Spain or Europe but also companies that have employees or customers in Europe and store any type of personal data. If your company is affected, there are some measures that you must take before the new regulation comes into force.
What happens if your company is not GDPR compliant
The GDPR provides for significant fines for companies that fail to comply. Companies may face fines of up to 20 million euros or 4% of their annual billing for the previous year. Fines may be accompanied by any corrective measure deemed appropriate (such as warnings or reprimands).
What measures must a company take regarding employee data?
In one way or another, your company is storing employees' data: name, phone number, address, payroll, leave … This is sensitive information that must also comply with the new data protection regulations and is not exempt from sanctions. Now more than ever, it is essential to use a human resources program that complies with the GDPR.
Tips to comply with the GDPR in your HR department
- Store only correct data: The new regulation requires companies to store only correct and up-to-date data and to correct it if it is not. Using Factorial you can give remote access to each employee so that they can log in to a 100% secure portal and keep their information updated at all times. The difference from a traditional system is that the person in charge of human resources no longer has to investigate and update the personal information of the whole team; each employee can do it themselves. Factorial works as a tool that empowers employees to manage their own information, ensuring the privacy and security of data throughout the company.
- Communicate clearly: It is important that you create an internal communication plan so that all employees know how to access their information and what to do in case there is a change. Part of the new regulation obliges companies to clearly communicate how, where and for how long a worker’s personal information will be stored. The best way to communicate the entry into force of the new GDPR is through the Factorial communication function. You still have time!
- Manage employees' requests: Workers have the right to see all the information that the company stores about them and to request a copy. The most efficient, transparent and fastest approach is for the employee not to have to formally request this information but to have access to it in a secure environment. The employee portal of Factorial is easy and safe.
- Create a culture of privacy: In part, this new regulation seeks to make users feel better protected against companies and able to make use of their personal information at any time. Creating a culture of data privacy is essential in a company. Those responsible for human resources must understand the risk and responsibility involved in managing workers' information. An email to the wrong recipient can cause great chaos in the company and even result in a significant fine. Using an HR program adapted to the new regulations is the best way to avoid situations like this.
- Use only an HR program that complies with the GDPR: It is obvious that when dealing with personal data, the HR program you use must comply with the GDPR. Today, not all programs comply with the regulations, so if you are currently using one, you should contact your provider and check whether they really comply with the GDPR. If something happens with the data, it will be your responsibility.
Factorial is the only human resources program that will comply with the GDPR on time. Start using it now!