GDPR Headaches? We Can Help.

Claire Vane
March 15, 2018

Are you GDPR ready and GDPR compliant, and have you plans in place to make sure you are?

At Integrated Resources we are hard at work with GDPR and supporting our clients through their preparation. Many feel they are well on track, but I have noticed some concerning gaps - there are those that think that because they don’t transfer business out of the UK, they are exempt.

The Bottom Line

GDPR, whether we like it or not, affects all of us: customers, workers, employers, suppliers, website users; the list is long.
 There are seven principles that need to be adhered to. 

GDPR affects the processing of personal data and is designed to protect individuals and their fundamental rights and freedom. Personal data is defined as information relating to any identified or identifiable living individual. 
The seven data protection principles are as follows:
 

‍NB: YOU MUST BE ABLE TO DEMONSTRATE THAT YOU ARE COMPLYING WITH THESE PRINCIPLES.  NOT ONLY MUST YOU COMPLY, BUT YOU MUST ALSO DOCUMENT WHAT YOU HAVE DONE, INCLUDING ERASURE.

Things To Consider

In the field of employment, there are four lawful conditions for processing data. The principles for GDPR around employment are echoed in relation to other stakeholder groups.

There are some important issues about consent, of which you need to be aware. You can’t have a wide blanket consent, as has been the case within current data protection legislation. The onus is very much on the employer to show that an employee has given lawful consent.

The sad fact is that energy and time, and therefore cost (hidden or overt), is going to have to be spent on GDPR, as the fines are eye-wateringly high.

The Solution?

In essence, there are 10 robust and practical steps to be taken. We will be releasing a video in the week following this, to recap on some key features that are necessary for you to be aware of, with actions that require implementation.

We have spoken to so many clients who have their external GDPR principles in place, but not their internal staff -related GDPR activities. Some employers are thinking it’s a job for HR and therefore management don’t need to take notice. Some feel that they have plenty of time to do what is necessary, but the clock is ticking. 

We will publish 10 practical steps and release a short film snapshot in our next bulletins. In the meantime, please don't hesitate to get in touch if you would like to discuss GDPR with one of our consultants or to learn how Integrated Resources can guide you through the upcoming changes.

Get free HR updates

Receive expert advice and free HR resources from our team by subscribing to our newsletter today.

Start a project today

contact us

Trusted for HR outsourcing across sectors

Show more clients