GDPR for HR
Support for your business to improve GDPR compliance for HR
You can improve regulatory compliance and implement best practice HR data management
The General Data Protection Regulation (GDPR) is likely a term you’ve heard by now, and it often brings fear and dread so we’ve made it quick and easy for businesses to gain GDPR compliance for HR.
Employers have responsibilities under the regulations relating to how they collect and process personal data. Compliance is not only a legal requirement but also helps to develop trust with employees.
We offer consulting services to help you interpret the many pages of legislation that apply to your business and integrate the policies into your HR processes.
Support Options for
GDPR for HR
GDPR for HR Policy Pack & Consultancy
Provision of full Policy Pack* plus the required consultancy, including onsite visit to conduct data audit, preparation of the full set of documentation, and briefing sessions for managers.
GDPR for HR Policy Pack
Downloadable copy of the Policy Pack*, including the policies and overview documentation for communication and training.
* See our GDPR for HR FAQ for the Policy Pack contents list
Key Service Features
for GDPR for HR
Full set of GDPR policies that are tailored to your specific requirements
Overview presentation on GDPR for communicating with and training your employees
Guidance on the regulations and implementation, including updating current Employment Contracts
Consultancy to audit your current HR data practices (processes and systems) to ensure compliance
See our GDPR for HR FAQ for more details
What our clients say…
Get In Touch
GDPR for HR FAQ
The pack contains the following documents, policies and templates:
. GDPR Overview
. Guidance and advice on the regulations and implementation
. GDPR Policies
— Data Subject Access Request Procedure
— Data Breach Notification Procedure
— Record Retention and Protection Policy
. Data Audit Template
. Data Breach Register
. Data Subject Access Request Register
. Templates for communications to employees, updating current policies and employment contracts
The first step will be to undertake a data audit to make sure that you know exactly what personal data you hold about your employees, how you obtain it, how you use it, how you protect it, who it’s shared with and how long you keep it for. We can guide you through this process or we can provide you with a template that you can complete yourself.
From there, you need to establish a set of policies, which again we can do for you (as long as we have the output of your data audit) or we have templates that you can purchase and populate yourself.
You then need to communicate with your employees, send them the relevant policies and train them so that they understand their obligations under GDPR. We have training slides that we can come and deliver for you.
Then, there’s the real work! You’ll need to clean-up the data that you hold to ensure that you are complying with your own policies. This probably won’t need to be all in one go; that will depend on the policies that you have in place for data retention.
Transparency is a key requirement of GDPR so you need to be entirely open with your employees about the data that you hold on them, how you obtain it, how you use it, how you protect it, who has access to it and how long you keep it for. You also need to inform them of their various rights under GDPR legislation.
By sharing the relevant policies with them you should achieve this.
Absolutely not and in fact, you can’t.
There is some information that you hold on current and ex-employees that you’re legally obliged to keep for a certain length of time so don’t be too eager to delete what you have.
When you complete your data audit, you’ll also start to set out the approach that you want to take to data. You’ll clarify what the legal requirements are in relation to data retention and then you can delete the data that you no longer have any legitimate reason to retain.