An HR and employment health and safety expert from Eastourne is urging businesses to make sure they are ready for radical changes to the data protection law coming in later this month.
General Data Protection Regulation is a landmark update applying across the EU to consolidate data laws and recognise how personal data is being used in the modern age. The regulation creates new rights for individuals who have their personal data collected and enforces greater obligations on those organisations who use data.
Clare Walker at the Peninsula Group said, “Businesses need to be carrying out practical steps now to review their data processes. The first step to prepare for GDPR is to carry out an HR data audit to understand the lifecycle of data through the business, from collection through to deletion. The audit can then be used to identify gaps where current data protection processes do not meet the new obligations. It is vital businesses can identify a lawful basis for data processing under GDPR, e.g. ‘consent’ to process will now have to be freely given, informed and unambiguous. As well as updating internal processes, internal policies may need refreshing to ensure these have the correct information and rights outlined, for example data protection policies in the employee handbook are likely to need an update. In some cases, a data protection officer may need to be appointed where large scale data processing takes place.”
For details call call 07966 112030.