HR and the GDPR: keeping your HR technology compliant
What you need to know
If you are unfamiliar with the GDPR, it’s time to get acquainted! The GDPR, or General Data Protection Regulation, increases the rights of individuals to decide what you do with their data. These rights will be granted to any European citizen, so businesses that acquire any of their information will have to adhere to certain rules and regulations put forth by the GDPR.
Your HR software and tools used to process this sensitive information have to comply, as well. This includes anything used to compile or analyze personal data. For example, your ATS tracks and organizes applicant and potential candidate information like resumes/CVs. With this abundance of useful information for HR, the GDPR puts forth that you and your data processors must be transparent, secure, and accountable. Are you prepared?
Six rights granted by the GDPR (and how this impacts your HR tools)
1. Right of access by the data subject
What this means: Individuals can request to be informed of what you’re going to do with their data or even request a record of their personal data you collect. For instance, if you are using an assessment tool, like HackerRank, during the hiring process, the candidates in the EU you are assessing will be able to ask where their data is headed or ask for a record of what you do with it.
GET HRMS RESEARCH & KNOWLEDGE RIGHT TO YOUR INBOX
Covering the key issues faced by businesses selecting, implementing and managing HRMS
What to do: Make sure that any HR tech you use clearly states how data privacy is handled. If there is a request for information, you should be able to gather that info quickly and easily, as well as explain to them how it has been handled. The data processing should be responsible and secure.
2. Right to rectification
What this means: Candidates can request you to correct or update their data in your database.
What to do: Ensure that your database is private and updated frequently. For instance, human error can lead to incorrect information being entered into your payroll and benefits system. In this case, employees can request for it to be corrected, and you should be prepared/able to do so on short notice.
3. Right to erasure (“right to be forgotten”)
What this means: Individuals can request you to delete their data from your database.
4. Right to restriction of processing
What this means: Individuals can request you to suspend their data from being processed in your database.
What to do: If you have talent pools with potential candidate information, make sure that you have someone on the team updating the information periodically, or at least give them the ability to do so. This way, candidates are able to pause their candidacy for a period of time without opting out completely.
5. Right to data portability
What this means: Individuals can request you to export all their data from your database.
What to do: For example, you may use a feedback tool like Impraise. It should keep track of all the recorded feedback in order for it to be exported when requested.
6. Right to object
What this means: Individuals can request you to stop processing their data indefinitely.
What to do: Make sure that all of the HR tools you use have a feature that allows you to block certain individuals from being processed through their system. You don’t want to slip up here, or you may be hit with fines.
Where to start
Review your tools and adjust accordingly.
Bookmark it, and refer to it often.
Make sure your whole hiring team is on the same page and understands the new regulations.
Most importantly, don’t let the GDPR scare you! Your HR processes will be just fine as long as you are prepared. You may also consider using the GDPR to your advantage by touting data security that is compliant with the new rules on your careers site! This way, potential candidates will see that you care about their information and get insight into your values as an employer. Prepare, reference, and adhere to the GDPR regulations, and you will be in the clear.
Four types of HRMS consultant and what they can do for you
Understanding the type of HRMS consultant you need is essential to ensure a good ROI on their ser...
When should SMEs invest in HRMS?
When does upgrading from paper spreadsheets pay off for small businesses?
Three HRMS resolutions for your company to adopt this year
It’s never a bad time to update your HRMS best practices...