What GDPR will mean for HR in Tech companies

It is widely accepted that the incoming General Data Protection Regulation (GDPR) is the biggest change to data privacy law in the last two decades. Negotiations have taken years, but now the GDPR is set to unify the different laws of 28 EU member states with one uniform framework which is intended to provide greater harmonisation for data protection.

It has also set out three other objectives:

– to increase individual rights

– to strengthen the obligations of companies

– to increase sanctions in instances of non-compliance

This means tech companies of all shapes and sizes will have to play by the GDPR’s rules unless they want to risk fines of up to €20,000,000 or 4% of their global annual turnover. There is also the possibility that EU regulators could impose data transfer suspensions on companies – with legal and reputational implications that most organisations will be very keen to avoid.

How will GDPR affect HR?

HR departments will be facing up to the challenge of GDPR implications in a number of areas, from email and internet use to CCTV surveillance and geolocation.

When it comes to the processing of private data by HR departments, there are local rules which HR professionals should take heed of, along with the new harmonised regulations. In many cases the HR functions of corporates may welcome GDPR as a massive time saver – the uniform laws can be expected to apply to the many multinationals with a presence in more than one EU member state. For obvious reasons, this can be seen as much simpler than complying with 28 different sets of rules.

‘Unambiguous consent’

Another major GDPR feature as far as HR is concerned are the stipulations made on consent relating to private employee information being processed. It has been observed that previous laws left a lot to be desired in terms of their ambiguity, and even though in theory employees previously should be asked for their consent when their information is processed, there is a perception that they did not have a choice. Now we can expect a more explicit declaration of consent to be required by employees, more signatures and forms can be expected!

To summarise, we are heading towards a more transparent and secure future when it comes to employee information, and while this might mean legwork initially for HR, in the long run, the uniform laws which GDPR provides should make things easier. If you’re concerned about how these changes might affect your company, contact us at Mango HR.