GDPR Webinar Summary: Dealing with the data rights of your employees

11 December 2017 - Reading time: 3 Minutes


GDPR takes affect from 25th May next year, and will impact any organisation holding the personal data of EU individual – regardless of location. With the deadline creeping up, it’s vital that HR and payroll managers understand how data rights will change under GDPR, and how to prepare.
In the webinar, Gert Beeckmans, Chief Risk & Security Officer at SD Worx, and Laurent De Surgeloose, Lead Lawyer at global law firm DLA Piper, helped to answer the following questions:

What are the data rights of your employees?
GDPR is an attempt to put back control in the hands of the individual, allowing us to exert control over and place limits on the collection, use and disclosure of our personal data. As an employer, you are required to process this data compliantly for HR purposes.

Employees have extensive rights on the personal data that you hold, including right of access, right of correction and right of erasure (amongst several others).
Non-compliant businesses risk fines of up to 4% of total annual revenue, not to mention damaged reputation – that’s a significant price to pay for a lack of preparation. However, by becoming educated about the necessary industry changes, HR departments are far more likely to be ready for the impending deadline.

What are the most important changes with GDPR for HR?
As discussed in this webinar, key changes include:
Increased transparency
GDPR places more emphasis on transparent information, thus, HR and payroll professionals need to make sure they can explain the rights in plain language to workers.
Expanded right of access
Additional information to be provided includes:

  • Period for which the data will be stored
  • Source of data if data was not collected from the data subject
  • Information about the existence of the rights to erasure, to rectification, to restriction of processing and to object to processing
  • Information about the existence of the right to complain to the DPA

The right to restrict the processing of personal data
This refers to the request to stop all or specific processing operations (consult, transfer, update, delete, etc.) on personal data.

Gert and Laurent then discussed actions you can take as a HR manager, including how to explain the rights to your workers in plain language; how to enforce obligations of workers; and how to prepare yourself to demonstrate compliance. Alongside this, HR use cases were explored based on request for erasure after dismissal; request for access or correction with bad performance evaluation; and employee objects to processing.

More information about the presenters:

Gert Beeckmans, Chief Risk & Security Officer at SD Worx
Gert has led the Risk & Security team since January 2015, providing advice and guidance on information security and data privacy to all business units in the SD Worx Group. Gert is also responsible for the enterprise-wide security and data privacy programs for protecting customer information and personal data.
Laurent De Surgeloose, Lead Lawyer at DLA Piper
With more than 110 lawyers based in Brussels and Antwerp, DLA Piper is one of the largest global law firms in Belgium. At DLA Piper, Laurent deals with all aspects of employment and social security law regarding both individual and collective labour relations. He also handles litigation before employment tribunals and courts in Belgium and advises international companies on employee related data privacy issues.

Missed the webinar and want to find out more? No problem, you can download it here! Don’t forget to join in the conversation on Twitter by using #GDPRcountdown.
For more information please visit our GDPR Page or, please email

Related articles

refresh More articles