GDPR is approaching. What does it mean for HR?

On 25th May 2018, Regulation 2016/679 of the European Parliament and EU Council, also known as the General Data Protection Regulation (GDPR), will come into effect.

It is a fundamental regulation that will in some way affect all organisations: if they do not put in place adequate procedures or violate their obligations under the regulation, they will face severe sanctions. Regardless of their size, organisations can be given a fine of 4% of their turnover up to as much as €20 million.

GDPR will have a particular impact on online businesses. However, it will be reflected in the legal, IT, security and HR processes of all companies that process personal data.

Illustration

Data protection is not just an IT issue

From the point of view of HR, changes will impact everything from employee selection to the end of their employment. Employee monitoring or the transfer of employee data abroad, for example, will become important issues. HR specialists should begin their training in GDPR today so that they might prepare not only themselves but primarily their organisations in good time.

Preparing HR people for the GDPR regulation was the topic of a recent article on the HR Zone website by Katherine Jones, a Mercer partner. In her view, the role of HR should not be underestimated because, from the data protection point of view, employees are a company's weakest link.

Corporate education strategy

A Mercer survey revealed that less than half of the leaders in charge of corporate security cooperate with HR on developing risk management strategies and contingency plans for employee data violations. There is, therefore, large scope for improving this cooperation.

Human resources can make a significant contribution to strengthening corporate cyber security by participating in the development of risk management strategies and related education strategies. Regular training and testing of employees at all levels in the field of security risks will become the most important corporate strategy in terms of cyber defence within the next five years.

How are you preparing for GDPR in your company?

-kk-

Article source HR Zone - British website focused on HR
Read more articles from HR Zone