HR can play an important part in ensuring compliance with the GDPR, helping to avoid thousands of pounds in fines for data breaches. Agata Nowakowska reminds employers of the day-to-day changes that need to be made, if they have not already done so.
Since the General Data Protection Regulation (GDPR) was introduced on 25 May there has been a sharp increase in complaints to regulators. According to law firm EMW, the Information Commissioner’s Office received 6,281 breach notifications between 25 May and 3 July – an increase of 160% on those received in the same period in 2017.
For organisations that are not yet compliant, a GDPR fine is a significant risk. Unfortunately for HR departments, many of the changes that need to be made fall on their shoulders.
One of the biggest challenges for HR professionals, especially those who deal with job applicant data, is assuring an organisation has clear consent from the data subject. Consent must be an active and affirmative action by the individual, not a passive or tacit acceptance. Consent can be removed by the individual as they see fit, further complicating matters.