Editorial & Advertiser Disclosure Global Banking And Finance Review is an independent publisher which offers News, information, Analysis, Opinion, Press Releases, Reviews, Research reports covering various economies, industries, products, services and companies. The content available on globalbankingandfinance.com is sourced by a mixture of different methods which is not limited to content produced and supplied by various staff writers, journalists, freelancers, individuals, organizations, companies, PR agencies etc. The information available on this website is purely for educational and informational purposes only. We cannot guarantee the accuracy or applicability of any of the information provided at globalbankingandfinance.com with respect to your individual or personal circumstances. Please seek professional advice from a qualified professional before making any financial decisions. Globalbankingandfinance.com also links to various third party websites and we cannot guarantee the accuracy or applicability of the information provided by third party websites.
Links from various articles on our site to third party websites are a mixture of non-sponsored links and sponsored links. Only a very small fraction of the links which point to external websites are affiliate links. Some of the links which you may click on our website may link to various products and services from our partners who may compensate us if you buy a service or product or fill a form or install an app. This will not incur additional cost to you. For avoidance of any doubts and to make it easier, you may consider any links to external websites as sponsored links. Please note that some of the services or products which we talk about carry a high level of risk and may not be suitable for everyone. These may be complex services or products and we request the readers to consider this purely from an educational standpoint. The information provided on this website is general in nature. Global Banking & Finance Review expressly disclaims any liability without any limitation which may arise directly or indirectly from the use of such information.

Missed the GDPR deadline? – don’t panic!

HR and Payroll specialist MHR is reassuring organisations not to panic if they failed to meet last Friday’s deadline to be fully compliant with new General Data Protection Regulations (GDPR).

GDPR is the biggest change to data protection since the Data Protection Act 1998, providing people with greater control and choice over the personal data companies hold on them while imposing new greater obligations on organisations to be more transparent about the data they store and manage, with heavy fines in place for serious violations.

Despite months of scaremongering in the news and weeks of “privacy” emails flooding our inboxes, it is anticipated that most organisations will have failed to hit the GDPR deadline.

Lesley Holmes, Data Protection Officer at leading HR and Payroll specialist MHR advises businesses not to panic. She says: “If you failed to meet the GDPR deadline it is not too late to start your compliance journey.

“From an employer point of view the biggest priority is to tell individuals what you’re doing with their personal data and get your privacy notice done as soon as possible.

“As a first point of call you must identify what data you hold, why you collect it, what you do with it, the legal basis for doing so, how long you keep it for and who you share it with. By identifying the what, where, when, why and how, you can take your first steps towards compliance.

“If you can demonstrate high standards of data management, then you are well placed to improve your operations and build customer confidence and loyalty, not to mention the peace of mind that comes from knowing that you’re minimising the risk of a potential breach and the damage this can cause to your business.”

Top Tips for HR and business leaders to get GDPR compliant

  1. Tell your employees what you are going to do with their data.
  2. Provide proper, regular GDPR training for all employees. All departments must be armed with knowledge if they are to successfully navigate the road ahead – and avoid those eye-watering fines.
  3. Know the extent of the personal data your company processes and how it is used. A data audit will provide a clear picture of where you stand and what you need to do in order to achieve compliance.

Revise, rewrite, update

  1. Review your current business data processes. Consent clauses, where used, need to be looked at and possibly rewritten, with consent being re-obtained if you can’t use the soft opt-in. Contracts with third parties need to go through the same process, and systems need to be in place to cover the range of new employee rights.
  2. Update and simplify your privacy policy to bring it in line with the GDPR’s expectations.

Act now

  1. Review and update your data processing system, checking for gaps in compliance.