Current Issues

Regular Industry Development Updates, Opinions and Talking Points relating to Manufacturing, the Supply Chain and Logistics.

Guidance for Employers on the General Data Protection Regulation coming into force in May

17-Jan-2018
Guidance for Employers on the General Data Protection Regulation coming into force in May
With four months to go until the new General Data Protection Regulation (GDPR) comes into force, Jo Stubbs, Head of Content at XpertHR, offers guidance on ten things employers need to know to ensure they are compliant.

The way that organisations manage personal data will change when the General Protection Regulation comes into force on 25 May 2018. This new legislation will introduce changes to how data is processed across the EU and mean employers need to rethink how personal data is collected, used and kept.

However according to research by Veritas Technology many companies are unprepared for this deadline. The research suggests almost half (47 per cent) of companies are concerned they won’t meet the requirements of the legislation and 86 per cent are concerned that the GDPR could have a major negative impact on their business if they fail to comply.

Other research with business leaders across Europe from accounting and consulting firm, RSM , found that more than a quarter (28 per cent) are completely unaware of the regulation they will have to adhere to.

GDPR means employers are likely to have to find an alternative to consent to process personal data and the regulators will be able to impose significantly higher fines than under existing provisions - up to €20 million or 4% of an organisation's annual worldwide turnover, whichever is greater.

With the deadline imminent it is crucial employers take a realistic, risk-based approach to compliance and focus on the most important and riskiest areas first. Here are ten things employers need to know about GDPR:

GDPR affects small employers too - The GDPR will apply to organisations of all sizes, but not all organisations will be treated the same. Those that are not processing large amounts of data and are not involved in high risk processing won’t be expected to commit as many resources to GDPR compliance.

Employees have the right of access to data - The Data Protection Act 1998 already gives employees the right to make a subject access request in relation to their personal data, but under the GDPR these rights will be extended.

Organisations need good reason to process personal data - The GDPR specifies the conditions under which it is ok to process data and organisations need to be sure that at least one applies. While having “consent” is one, the employer/employee relationship means it could be tricky to prove that consent has been freely given, so it is advisable to have at least one other.

The GDPR will impact on the recruitment process - The GDPR will bring new protections for potential employees and, with it, new responsibilities for recruiters. For example, employers will need to formalise the reasons why data is processed and the period for which it will be retained, and provide this information to applicants.

Individuals have the right to be forgotten - The GDPR sets down the rights of individuals to ask that their personal data be erased.

Criminal records checks - Under the GDPR, employers would be allowed to carry out criminal records checks on prospective employees only if this is specifically authorised by law, for example where a Disclosure and Barring Service check is required for a role involving work with vulnerable adults or children. However, this is an area where the GDPR allows governments to set their own rules to some extent – and, under the proposed new UK data protection law, employers will be able to carry out criminal records checks in more circumstances, so this is an area to watch for developments.

Organisations may need to appoint a data protection officer – Where an organisation is a public body, its core activities involve large-scale data processing requiring regular monitoring of individuals, or it carries out large-scale processing of sensitive personal data or data relating to criminal convictions, it will need to appoint a data protection officer.

Data transfer outside the EEA will be controlled - If an organisation transfers personal data outside the European Economic Area (EEA), it will need to ensure that adequate protection is provided.

Organisations will need to provide an “information notice” - A key requirement of the GDPR is that employees are informed about the processing of personal data and this must be formalised in an information notice (aka a “privacy” or “fair processing” notice). The information provided needs to be significantly more detailed than that provided under the Data Protection Act 1998.

Non-compliance could be very, very costly - Compliance with the GDPR is not something to be taken lightly, with fines as high as €20 million or 4% of the organisation’s global turnover – whichever is greater – for breaches.

The 2017 Veritas GDPR report calls the EU regulation “some of the most stringent data privacy regulations the world has ever seen”. With the deadline just around the corner employers can’t afford to wait any longer to prepare.

Click Here to Add Blockchain to Your Order
1 day ago
The Pressure for Perfect Processing: Get in Charge of Chargebacks
2 days ago
Successful Freight Match Takes Intelligence
2 days ago
KFC delivery woes show the value of supply chains in modern business
3 days ago
With an "analog supply chain," the resulting lack of agility will cost you
4 days ago
Are UK shoppers falling out of love with the internet?
1 week ago
How to Prevent Weather Fluctuations from Taking Your Supply Chain by Storm
1 week ago
With Pressure Rising, 3PLs Can Improve Internal Efficiency
1 week ago
Perfecting the illusion of a single, seamless retail experience with Networked Order Management
1 week ago
Efficiencies should begin at the printer
1 week ago
Battle Of The Sexes: Views Divided Between Gender Pay Gap And Career Damage From Having Children
1 week ago
The UK’s Productivity Puzzle: How Updating Technology Can Bolster Manufacturing Output
2 weeks ago
What is on-demand warehousing?
2 weeks ago
Why Change-Hungry Young Generations are the Key to Unlocking Growth
2 weeks ago
A longer view from the inside: Infor GT Nexus Commerce Network customers look beyond 2018
2 weeks ago
Cross-border Logistics: Complex but Inescapable
2 weeks ago
UK manufacturing growing, but starts to slow from price pressures
3 weeks ago
The Future of Consumption: A Question of Trust
3 weeks ago
Three New Year’s Resolutions Retailers should be making for 2018
3 weeks ago
Stronger Sterling suggests UK economy is in better shape than expected
4 weeks ago
Vehicle Shortage Continues To Worsen According To TimoCom’s Transport Barometer
4 weeks ago
Calling all business communications!
4 weeks ago
Gartner Says Self-Service Analytics and BI Users Will Produce More Analysis Than Data Scientists Will by 2019
4 weeks ago
Now Brexit may end 14-day ‘cooling off’ shopping returns
4 weeks ago
In the future, retail is all about embracing "temporary"
4 weeks ago
'Tis the Season for Post-Holiday Product Returns: Are You Prepared?
4 weeks ago
Europa Road Maps Out 2018’s Main Challenges
4 weeks ago
The Stress Factor: What the Online Rhetoric Doesn’t Tell You about Business Growth
1 month ago
Food Safety Belongs in the Supply Chain
1 month ago
Your business already uses e-business – are you using it to your benefit?
1 month ago
Four Predictions for Supply Chain Operations to Kick Off 2018
1 month ago
Supply chain visibility 2018: You can’t hit what you can’t see..
1 month ago
Analysts Support a Single Model for Sales and Operations Planning
1 month ago
Industry 4.0 – Seize the Moment (in small steps)
1 month ago
Kuebix Makes 2018 Transportation Predictions That Will Shake-Up the Supply Chain
1 month ago
Looking Ahead at CRM Trends for 2018
1 month ago
Driver Shortage The Biggest Challenge Facing The Road Transport Sector In 2018 Says Paragon Survey
1 month ago
A View on Blockchain for Business—Transformational Blockbuster for 2018, or ‘Slow Burn’?
1 month ago
The State of Food & Beverage Labeling
1 month ago
2028: What Work Will Look Like a Decade from Now
1 month ago
UK manufacturing sees continued growth
1 month ago
Logistics in 2018 will be an anxiety-inducing war of tech vs. economics, and that’s great
1 month ago
GateHouse Telecom Sees ‘Connectivity’ Dominating Satellite Communications in 2018
1 month ago
Home Depot’s rumoured XPO Logistics take-over ‘bad news for UK brands’ warns ParcelHero
1 month ago
Why inkjet is the printing technology of the future
1 month ago
Is it ALL about the last mile?
2 months ago
Open your presents early urges ParcelHero! Faulty Black Friday purchases must be returned by Christmas Eve
2 months ago
Auto Manufacturers: Be Ready for Recalls
2 months ago
Three Business Rules to Forget in the Digital Era
2 months ago