HR Data Protection: 4 Key Things Employers Need to Know
Cloud based software applications have transformed the HR process from a paper based, laborious manual process to a dynamic, highly automated, technologically empowered web based process.
HR teams are now managing more and more personal data, and storing it and sharing across networks and the internet on an unprecedented scale. Of course, all this is happening at a time when cyber-crime is on the rise and organized gangs have turning stealing personal data into a global industry.
This means that HR professionals have a duty of care to look after personal data in a way which keeps it safe from theft and misuse. But, there is nothing to be alarmed about, HR professionals should simply comply with data protection requirements under the Data Protection Act. And to help with this, below we have set out 4 key things that HR professionals need to know about Data Protection.
- You can’t just store any personal data about employees. You need to ensure that the data that you hold about employees is, ‘adequate, relevant and not excessive in relation to the purpose that you are storing it for‘. For example, if you paid your staff in cash, you would not have a legitimate requirement to store bank details and should not store them.
- You are also required by law to take steps to ensure the data is protected from, ‘theft and/or unlawful use and accidental loss and destruction‘. Talk to your technical team or HR software vendor and make sure there are industry standard security and backup systems protecting all your data.
- You can send personal data to other offices in the UK or EU, but you can only send personal data to offices in countries outside of the EU if you can be sure the country has an adequate level of protection, meaning they have signed up to the ‘Safe Harbour Scheme’ or have a Commission ‘positive finding of adequacy’. So, if you have workers in countries outside the EU or you plan to use cloud based HR software with servers based outside the EU you need to consider this third point closely.
- An employee can request to see personal information that you are holding about them and for you to provide them with a copy of that information. This is known as a subject access request and you are required to respond within 40 days of receiving the request. Our tip is to try and choose a HR system which has ‘self service’ enabled so the employee can view their personal data when they wish. This should reduce or eliminate the need for Subject Access Requests.
For more information on this subject, visit the Information Commissioners Office
Stay ahead with HR
Get free HR insights, expert tips and exclusive interviews, and start making more impact at work
HR Software Optimised for Beaches or Sofas
What would you do with the unrestricted freedom to work from anywhere? Would you stay in the office, work from your sofa or kick back and work from the comfort of sandy paradise? This 1min video is all about HR software optimised for beaches and sofas. Enjoy!
Will Your HR Software Survive the Mobile Revolution
Why HR Super Heroes Need ‘Responsive Design’
Embark on your most ambitious HR journey to date
This short video takes you through the different ways people helps you work smarter, challenge your abilities and get yourself noticed – all using one simple, stunning cloud-based platform.
What is the Bradford Factor?
Ever wondered how the Bradford Factor formula calculates your employees' absence scores? Check out this graphic to have the Bradford Factor calculation explained to you clearly.
So… Who Exactly ARE You?!
If you like the sound of People, but you’re not familiar with the name… then it’s only natural that you’ll have questions.
6 Reasons People’s HR System Delivers Something Different
So many HR systems claim to be different. But when you actually look at what they offer, it’s easy to see that they’re all selling the same old thing...
See People HR in action
View our short video demo
Get started absolutely free
No credit card required