As this month marks the one-year anniversary of GDPR, 75% of HR professionals have revealed that the regulation has imposed a significant burden on HR departments, while 64% believe that data protection will get harder once the UK exits the EU.
This news comes following a survey launched by Cezanne HR, a supplier of global Cloud-native HR software, of 250 UK HR professionals, which found that the vast majority of HR practitioners (88%) are confident in their understanding of GDPR legislation relating to the retention and deletion of data.
92% claimed that they know where their people data is stored, while 86% say they have confidence in security systems that their HR departments have in place.
Despite HR professionals reporting to be on top of GDPR compliance, it has come at a cost as three-quarters of respondents (76%) said they have witnessed an increase in subject access requests (SARs) since the regulation came into effect a year ago.
“HR teams process huge amounts of personal data and are in the frontline when it comes to deciding what data to collect, how to manage and secure it, who should have access and how long they need to keep it for,” said Sue Lingard, Director of Cezanne HR.
“It was inevitable that they would have to bear the brunt of compliance activities. The problem is that these activities are ongoing, so the overhead is never going to go away.”
In addition, 52% of those surveyed claimed they also had to manage data deletion and anonymisation using manual or semi-manual processes.
Lingard added: “In my view, HR teams should be asking more of their HR suppliers – and extending access to their systems to their complete workforce, including gig workers and contractors.
“For example, most HR systems are sophisticated enough to incorporate tools that let HR teams set up rules that automatically remove or anonymise data in line with different legislative requirements. That would remove a lot of the administrative burden from HR and ensure that important compliance steps don’t get overlooked.”