GDPR Webinar Roundup: Implementing an appropriate retention of employees’ data
On Wednesday 25th January, SD Worx and DLA Piper hosted the second webinar in our General Data Protection Regulation (GDPR) series focused on implementing an appropriate retention of employees’ data.
On 25th May this year, GDPR takes force and will impact any business that handles the data of EU individuals—regardless the location of the company. With the deadline rapidly approaching, it’s essential that HR and payroll professionals understand exactly how the regulation will impact data rights—and how to prepare before it’s too late.
For the first webinar on 30th November, we explored ‘Dealing with the data rights of your employees’. In the January installment, Gert Beeckmans, Chief Risk & Security Officer at SD Worx, and Laurent De Surgeloose, Lead Lawyer at global law firm DLA Piper, focused on how GDPR will impact data retention in terms of policy changes, including:
- Key changes to the employee retention policy
- Advice on how to develop a GDPR-compliant retention policy
- Staff retention challenges for employers
- Best practice examples of staff data retention
Why should you care about data retention?
In this webinar, Gert and Laurent stress that:
- Storage limitation principle is simple, employers should not retain personal data for longer than the processing period of this data. Not easy to apply in practice, but simple in concept.
- GDPR will make the storage limitation principle stricter in application by adding requirements to abide by.
- GDPR required explicit and transparent retention time constraints, and demands that any processing of data should not be excessive in relation to purpose: the period of processing personal data must be limited to strict minimum.
- If you’re not clear on data retention, you’re at risk of sanction in the case of a data breach.
Summary
This webinar addressed in detail the scope and implementation of HR record retention. Gert and Laurent shared their view on the most effective way to comply with this aspect of GDPR, and offered advice on how to use GDPR to help your customers and deal with the processes required for different areas of complexity.
Next month, we’ll go into more detail around the data register and what you need to do to become GDPR compliant. Don’t forget to join the conversation on Twitter by using #GDPRcountdown.
For more information please visit our GDPR page or, please email WeAreGlobal@sdworx.com.