GDPR & What It Means For HRLocker Users
The new General Data Protection Regulation (GDPR) is the most significant change to European Union (EU) privacy law in two decades.
It is set to replace the Data Protection Directive (DPD), which came into force in 1995 when web technology was in its infancy, before the arrival of cloud services and the proliferation of mobile devices.
In the UK the 1998 Data Protection Act (DPA) is in similar need of replacement as technology has evolved.
Many aspects of the DPD (and DPA) are now obsolete, so new legislation is being passed to protect EU citizens and their data from being exploited.
GDPR requires organizations to respect and protect personal data – no matter where it is sent, processed, or stored.
It imposes new rules on companies, non-profits, government agencies, and other organizations that offer goods and services to people in the EU.
This is set to be an important step forward for individual privacy rights by giving EU residents greater control over their personal data and removing ambiguity about the definition of personal data.
How GDPR will impact an organization is less certain, as each industry will face its own unique challenges with regard to data protection.
Another of the complexities of GDPR is that the regulation will vary across EU member states because each is an autonomous entity with its own laws and legislation.
The costs of non-compliance are set to prove significant in terms of reputation damage and financial penalties that could be as much as 4% of annual turnover or €20m.
While there is currently uncertainty surrounding some of the detail and the implications of GDPR, this much we do know:
GDPR was first adopted in May 2016 with a 2-year transition period to give organizations time to bring themselves into compliance.
It applies to all organizations handling the data of EU citizens, and the regulation will apply from 25 May 2018.
Given the ramifications of this regulation, organizations are urged to begin reviewing their privacy and data management practices now.
Controlling who has access to personal data has always been crucial and is now even more of a priority in the context of GDPR compliance.
HRLocker controls include granting users access permissions, making it easy to control who has access to information.
HRLocker prevents unauthorized access by controlling permissions and by making it easy to revoke privileges.
Using HRLocker is a significant step towards being GDPR compliant. Each organization is responsible for managing its own data, but more will depend on the capability of organizations to manage their own information and which systems they use to do this.