With just six months to go until the General Data Protection Regulation (GDPR) takes force, payroll departments need to ensure they know what’s coming, or risk paying for it later. The stakes are high, as businesses that fail to comply with GDPR could face fines of up to 4% of their total annual revenue.
In this blog post, we’ll explore what exactly the regulation entails and why it is important to payroll departments.
GDPR is a new legislation that affects how businesses deal with data protection. Replacing the 1998 Data Protection Act, the regulation will take effect from 25th May next year. Following this date, individuals will have a higher level of control over how their data is handled, and businesses will face stricter penalties for data misuse. For example, if businesses do not report a breach to the relevant authorities, and any potentially affected customers, within 72 hours of the incident they will face a penalty.
GDPR is not exclusive to organisations in the European Union (EU): it will also affect any business that holds the personal data of EU individuals, wherever they are based in the world.
What does it mean for payroll departments?
Payroll departments hold a lot of data, including sensitive financial information. Therefore, they are certainly not exempt from preparing for GDPR compliance. With GDPR, employees have extensive rights on the personal data that payroll departments hold, for example, right of access and right of erasure (right to be forgotten).
The GDPR legislation states that organisations need to keep a record of all activities surrounding data processing activities, including what personal data they process, who is responsible for it and how it is processed, or risk non-compliance.
In addition, with GDPR in play, payroll teams will need to become explicit on data retention. According to existing privacy laws, businesses can only retain personal data for a period that is necessary for processing purposes: GDPR builds on this. For example, non-compliance will meet stricter consequences, and the right to erasure is introduced.
Businesses (including payroll departments) are responsible for ensuring their own data is in check – and protected. Third-party relationships also need to be considered: GDPR makes you liable as a data controller if you cannot sufficiently state that all third parties are compliant.
A Note on Security
Although GDPR does not enforce specific measures in terms of security, it does introduce more risk management principles in terms of privacy. Therefore, payroll teams will need to assess their risks and adopt the relevant approach in response.
It’s crucial to note that organisations need to build privacy and security not just into their payroll departments, but across their entire workforces, and set an example from a top level in terms of ensure total data compliance and ongoing data protection, in line with GDPR.
By doing so, organisations can ensure all departments are GDPR ready, preventing a harsh blow to revenue in the form of large fines, or damage to their business reputation.
SD Worx aims to give guidance and provide news on this historic legislation from an HR and Payroll stand point which will impact businesses across the globe. For more information please visit our GDPR Page or, please email WeAreGlobal@sdworx.com.
The HR and payroll industry is in constant change, with digitalisation, GDPR, and the gig economy effecting the HR and payroll department in organisations around the world. So, how can you ensure that both your HR department and employees are able to keep up with the pace of change? It’s time to unleash the flexibility of your HR.
26 April 2018
Payroll is a vital part of any organisation, whether it’s a local business or a multinational corporation. A simple payroll error can cause a large amount of damage, so getting it right is essential.
30 March 2018
With more and more employees relying on technology and flexible working than ever before, the world is becoming increasingly connected and globalised. However, with this new reliance on global working, what do HR and payroll teams need to consider when implementing payroll for multinational companies?
7 March 2018
The end of the payroll year is typically a very stressful time for payroll teams. With an extensive amount of tasks to be completed within tight deadlines, any mistakes can be costly.
However, the end of year process can be drastically simplified by engaging with tailored payroll software. This technology can be utilised to assist payroll professionals throughout the year, but how can it help payroll teams in April each year?
27 February 2018
12 January 2018
13 November 2017
8 November 2017
19 October 2017
10 October 2017
4 September 2017
6 August 2017
24 January 2017
30 October 2016