HR And Auditing
Keeping HR Simple have teamed up with Data Protection Specialist Simon Hinks. Simon works closely with businesses and charities on data protection, compliance and data auditing, helping them to understand their GDPR/DPA gaps. His hot topics include GDPR compliance and data audits, communication audits and customer journey audits.
We asked Simon to talk to us about the big picture of GDPR and what that means from an HR point of view, focusing in particular on personal data and its definition.
25th May 2018 arrives, you’ve put all your policies in place for GDPR and you feel very compliant, but how do you ensure you remain compliant? If you have a data protection officer (DPO), it is their responsibility to test the compliance framework within the business on an ongoing basis. This means using methods or techniques to check whether staff and the business are being compliant.
One of these techniques is the after-hours office desk trawl, which checks whether any pieces of personal data have been left out in public view. This would also include locked offices if external cleaners have access to them. Any personal data, records or computers left running would be collected and locked away, ready for the guilty parties to collect them in the morning!
Another technique is to generate a Subject Access Request (SAR) to see how long it takes, whether the process for confirming your identity is followed, and whether the information provided is correct and for the right person.
Keep a record of all complaints from customers as a result of a marketing campaign to ensure responses are provided and that their details are excluded from future marketing activity.
You might also want to consider reviewing the training to ensure it contains any changes to the regulations or to provide further clarification to the rules as a result of feedback.
More information coming soon but in the meantime if you have any questions, don’t hesitate to contact us!