Employment Consulting & Expert Services

London | Miami

  


Articles & News

GMR consultants are experts in their fields, providing consulting and
expert witness testimony to leading companies worldwide.

On 25 May 2018, the UK will implement the General Data Protection Regulation (GDPR), and there will be significant changes of which employers will need to be aware. GDPR replaces the Data Protection Act 1998 in the UK and marks the start of radical new data protection, with significant penalties for non-compliance.

The new regulation brings into line data protection laws across the EU and it will apply not only to EU companies, but to any company processing the personal data of individuals in the EU. This can be in regard to offering goods or services - or to monitoring the behaviour of individuals.

Under the GDPR, employers will need to provide detailed information, such as how long data will be stored, whether data will be transferred to other countries, information on the right to make a subject access request, and information on the right to have personal data deleted or rectified in certain instances.

Public authorities and private companies involved in regular monitoring - or large-scale processing of sensitive data - will need to appoint a data protection officer to give advice on GDPR obligations, monitor compliance and liaise with the data protection authority.

Jo Stubbs, head of content at XpertHR, stated:

“The clock is ticking to the introduction of the new GDPR. However, businesses that haven’t yet started their compliance journey shouldn’t panic. There is still time to start the process, and employers should focus on the most important elements first. The GDPR is an opportunity for organisations to embed a cultural change. By championing privacy ‘by design and default’, HR can seize the positive aspects of the new Regulation.”

It is suggested that, as HR teams are used to handling data and data requests, they can help their business to identify and solve any existing problems and anticipate any that may arise later. As HR teams write policies to secure workplace compliance, they can use their knowledge to draft GDPR policies.

Because it will be vital to document that the business has complied with its GDPR obligations, HR can use its risk management experience to assist with this. In addition, HR teams can provide training so that employees can operate effectively in a GDPR-compliant situation, ensuring that the organisation understands its obligations.

Employers that breach the GDPR can be subjected to major penalties, which include fines of up to €20 million or 4% of annual worldwide turnover, whichever is the greater. The level of the fine will depend on the sort of breach and whether there are any mitigating factors to be taken into account.