Ironically, the influx of these emails is itself the result of the new data protection regulation, the GDPR, which comes into force today, 25th May.
Research from IBM has suggested that only 36% of surveyed companies will be fully compliant before today’s deadline.
For the HR, payroll and finance departments of any business not in this 36%, this is the day when fear hits. ‘Is our business prepared for the regulation?’, ‘Have we done enough within our department to comply?’ and ‘We still don’t understand what we have to do to comply.’ These are the questions running through the minds of employees and managers in these departments.
While there has been much scaremongering about GDPR, over the last 6 months especially, the most important thing to do is to understand what the principles are and the stage of GDPR readiness your company is currently at.
The classic journey to GDPR readiness:
1) Review HR and payroll data processes – Carry out a complete data audit of all personal data belonging to employees past and present. Where is it stored? Who within the organisation has access to it? What data is being stored?
2) Minimise the data you hold – Document all the data you store and the reason for storing it. Are you holding data belonging to past employees? Are you storing data you no longer need?
3) Document the data flow – Clear and detailed documentation of your data flow and processes is essential for compliance with the legislation. What personal data do you hold? Do you have a lawful basis to hold it (for HR and payroll data this is usually the employment contract or a legal obligation, not consent)? Who within your department should have access to it?
4) Sharing data – If you are sharing data with third parties such as global payroll providers or payroll vendors, the contractual basis under which you do so will need to be reviewed and changed to comply with the GDPR, which requires a written contract with every processor setting out what they may do with the data. You will also need to review their GDPR position to ensure it is in line with yours.
5) Breach reporting – Under the new legislation a personal data breach must be reported to the supervisory authority within 72 hours of the organisation becoming aware of it, unless it is unlikely to result in a risk to the individuals concerned. The clock starts at awareness, not at the moment the breach occurred, so payroll departments need a process to recognise a breach quickly and escalate it within the timeframe.
6) Protecting the data you store – Assign concrete actions to the responsible owners so the data protection policy is actually enacted: delete data you no longer need, anonymise it where you only need aggregates, and pseudonymise it where records must remain linkable to an individual, keeping the re-identification key separate from the data itself. Failing to comply with the GDPR has significant consequences in the form of large fines: up to €20 million or 4% of global annual turnover, whichever is higher.
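Step 6 names three different actions, and the difference between them matters in practice: deleting and anonymising are irreversible, while pseudonymising keeps a way back to the individual and is only as strong as the secret used. The following is an added example, not code from the original page or from Payslip, showing the three on a constructed set of payroll records (hypothetical employees, invented NI numbers). It also shows why an unkeyed hash of an employee identifier is not a pseudonym in any useful sense: anyone who can enumerate the identifier space recomputes it. The record layout and the HMAC-based token scheme are assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed sample payroll records (hypothetical employees, not real data).
RECORDS = [
    {"employee_id": "E1001", "name": "Alice Example", "ni_number": "QQ123456A", "salary": 52000},
    {"employee_id": "E1002", "name": "Bob Example",   "ni_number": "QQ654321B", "salary": 38000},
    {"employee_id": "E1003", "name": "Carol Example", "ni_number": "QQ111222C", "salary": 52000},
]

# Fields that directly identify a person and must not remain in the working dataset.
DIRECT_IDENTIFIERS = ("employee_id", "name", "ni_number")


def unkeyed_token(value: str) -> str:
    # Plain SHA-256: deterministic and needs no secret, so anyone holding a list of
    # candidate identifiers can recompute every token and re-identify the record.
    return hashlib.sha256(value.encode()).hexdigest()[:16]


def keyed_token(key: bytes, value: str) -> str:
    # HMAC-SHA256 under a secret key that is stored separately from the dataset.
    # Without the key a candidate identifier cannot be turned into its token.
    return hmac.new(key, value.encode(), hashlib.sha256).hexdigest()[:16]


def pseudonymise(records, key: bytes):
    """Replace direct identifiers with a keyed token.

    Returns (pseudonymised records, re-identification table). The table and the
    key are the 'additional information' the GDPR requires to be kept separately;
    the records alone should not let anyone name the individual.
    """
    out, table = [], {}
    for rec in records:
        token = keyed_token(key, rec["employee_id"])
        table[token] = {k: rec[k] for k in DIRECT_IDENTIFIERS}
        out.append({"token": token,
                    **{k: v for k, v in rec.items() if k not in DIRECT_IDENTIFIERS}})
    return out, table


def dictionary_attack(tokens, candidates, token_fn):
    """Re-identify tokens by recomputing token_fn over a list of candidate identifiers."""
    lookup = {token_fn(c): c for c in candidates}
    return {t: lookup[t] for t in tokens if t in lookup}


def anonymise(records, band: int = 10000):
    """Irreversible: drop every identifier and keep only counts per salary band."""
    counts = {}
    for rec in records:
        lo = (rec["salary"] // band) * band
        label = f"{lo}-{lo + band - 1}"
        counts[label] = counts.get(label, 0) + 1
    return counts


if __name__ == "__main__":
    key = secrets.token_bytes(32)          # generated once, stored in a separate secret store
    pseud, table = pseudonymise(RECORDS, key)
    # An attacker who knows the ID format (E1000..E1999) enumerates it as a candidate list.
    candidates = [f"E{n}" for n in range(1000, 2000)]
    weak = [unkeyed_token(r["employee_id"]) for r in RECORDS]
    print("unkeyed hash re-identified:",
          len(dictionary_attack(weak, candidates, unkeyed_token)), "of", len(weak))
    print("keyed token re-identified without the key:",
          len(dictionary_attack([p["token"] for p in pseud], candidates,
                                lambda v: keyed_token(b"attacker-guess", v))))
    print("anonymised salary bands:", anonymise(RECORDS))
```

The keyed token is deterministic for a given key, so the same employee maps to the same token across payroll runs and the records can still be joined; rotating the key invalidates every existing mapping, which is the right behaviour when the re-identification table is retired. Note that a pseudonymised record is still personal data under the GDPR, because re-identification remains possible; only the anonymised salary-band counts fall outside it.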
To help your business on its way to GDPR compliance, Payslip have dedicated resources and implemented new software within their system, to help you map out your route to GDPR compliance.
1. Payslip GDPR Manager
Payslip has data protection by design. The cloud-based software has been designed with key features and functionalities to help multi-national businesses become compliant. It has been designed to de-risk human activity in payroll and systemise the entire payroll process to reduce any risk.
In addition to this, we have the Payslip GDPR Manager Tool. This tool helps you catalogue your employees’ personal data, simplify how you manage and monitor the personal data of your global workforce and gives you the tools and resources you need to help in your compliance.