Ten things you need to know as an employer about new General Data Protection Regulation (GDPR)

4 May 2016

Employers process personal data of their staff on a large scale.

"Personal data” is an umbrella term for any information by which one can identify a person, directly or indirectly, such as the name, the address, the national registry number, the salary data, the online profile, or the log-in details.

The concept of “processing” is defined so broadly that almost any operation performed on personal data is considered as processing, such as collection, recording, storage, adaptation, alteration, consultation, use, disclosure by transmission, dissemination, or erasure. However, one condition is that the processing is at least partially carried out by automated means or, if not, that the personal data are intended to be contained in a filing system.

Employers often do not realise how many processing operations are carried out within their company. Some examples:

  • the payroll and personnel administration;
  • a database with personal data of individual applicants or employees;  
  • specific HR software to follow up evaluations or training programmes; 
  • the publication of a photo book of staff members on the intranet;
  • uploading or transmitting data by e-mail to the social secretariat, the group insurer; 
  • presence registration using a badge, through the fingerprint, the iris;
  • monitoring employees’ use of e-mail and the internet, as well as their use of social media;
  • camera surveillance at work;
  • the storage of data relating to telephony and video files;
  • tracking the movements of employees using track and trace systems;
  • etc.

 Today, 4 May 2016, the long-awaited General Data Protection Regulation has been published.
 
This Regulation will mark the beginning of a new era with respect to the protection of everyone’s personal data within the European Union.
  
Almost every employer will be impacted by the new rules and will have to adjust the way personal data of staff members are processed. 
 
Below, we summarise 10 things you should know as an employer about these new European rules.
 
We hope you enjoy the read.

Click here to read the newsletter in pdf