GDPR: 5 tasks for recruitment departments

Regulation 2016/679 of the European Parliament and EU Council, also known as the General Data Protection Regulation (GDPR), will come into effect on 25th May 2018. The goal of GDPR is to make businesses protect the personal data of their customers, employees and other people better. Today, we will focus on steps that should be taken by recruitment departments in this context.

Illustration

Companies that don't put adequate procedures in place or violate GDPR obligations can be fined four percent of their turnover, up to as much as €20 million. Recruitment departments must understand the role they play in ensuring their companies operate in accordance with the GDPR.

Theundercoverrecruiter.com highlighted the following five necessary tasks for recruiting departments.

1. Understanding the relationship of GDPR and recruitment

First of all, it's necessary to understand correctly what specifically personal data means for recruitment. This includes names, surnames, contacts, identification numbers, and other personal identity data. In relation to job applicants and employees, this includes CVs, employment history, education history, references, and details regarding rewards.

2. Types of personal data and storage

Once you have clarified what personal data you should protect, you should take practical steps. Start by auditing your current ways of collecting and storing personal data. Next, focus on who can access the data and how, and how long you store personal data. Based on the results, identify risk points. For example, you should permanently delete the personal data of unsuccessful job applicants.

3. Allocating the necessary budget and resources

Most likely, you will have to implement new systems and procedures due to GDPR, which will require a certain amount of money and other resources. Count on the fact that it will require a part of your recruitment department budget.

4. Revising contracts with third parties

If you use the services of personnel agencies and other external partners for the purposes of recruitment, you need to review the existing contracts with them, and focus on how these partners handle your personal data.

5. Training employees

Recruiters commonly work with personal data, so they should be properly trained to handle this sensitive data correctly in accordance with GDPR.

-kk-

Article source The Undercover Recruiter - popular British recruitment and career blog
Read more articles from The Undercover Recruiter