Will GDPR apply to employees and the way that they work? The quick answer is that yes, it does. Companies cannot only think about adhering with the General Data Protection Regulation (GDPR) with regard to clients, it applies just as much to the people who are employed by the business.
It is vital that companies ensure that they are complying with all of the legislation when it comes to protecting the personal data of staff – and allowing employees to access this data. If GDPR compliance is not achieved then they (the companies) could be hit with a series of sanctions, including fines.
The Consequence of GDPR for HR
It is important that Human Resources (HR) employees are clear on the implications of GDPR. For example, it is no longer enough to include a paragraph in an employment contract, regarding the mining of personal data, and regard the signing of the contract as the given permission. GDPR states that the giving of permission must involve an informed action by a person.
There is nothing to prevent businesses from using other legal requirements as a reason for processing personal data, as opposed to consent. However, they have to be mindful of the fact that they only process data that directly relates to this requirement.
Companies should also remember that employees will have access to the personal data that is being processed, and should be aware of what the data is being used whenever it is downloaded. This means that businesses will need to review the personal data they store, ascertain that it is being held legally, ensure that it is up to date, ensure that any necessary consent is present and ensure that data is kept safely, and can be easily supplied to an individual, when required. All of this work will need to becompleted so a business to comply with the GDPR legislation.