David Jones
Managing Director
With the introduction of GDPR and the forthcoming ePrivacy regulations, companies are naturally becoming cautious about their use of HR technology as they are required to place their trust in the vendor.
However, at Webrecruit, we feel that technology is a big help when it comes to new data protection regulations. Many types of HR software can assist with your GDPR compliance by automating data deletion processes to relieve manual efforts and ensure that your business is fully compliant.
Technology also allows you to take greater control of your data by centralising its collection, rather than relying on more cluttered, widespread methods of storage, potentially causing problems when it comes to deletion, keeping it up-to-date and sharing with the data subject, if requested.
For example, companies that still use spreadsheets and emails to manage their recruitment process leave themselves at risk of misplacing data or sharing it when they have no centralised way of logging consent. Technology also allows you to monitor the history of the data, make note of any changes and ensure that it is fully up-to-date.
To mitigate any risk of non-compliance, it’s important to make sure you have robust agreements in place with suppliers and each party is aware of their role as data controller or data processor. You must also ensure that all staff operating technology are trained in data protection and this training is regularly refreshed.
John Vickerman
I’d say technology will predominantly be a help to HR when it comes to new data protection regulations. It will, for instance, be easier for managers to have all the information they need to hand which can be found more efficiently if an organisation’s systems are live and up-to-date.
The hindrance will come from where people hold informal records. For example, you may have managers who hold informal copies of a person’s data such as previous candidate’s CVs or informal notes on an employee’s performance data that hasn’t been logged on the system.
With new regulations such as GDPR fast approaching, it will be vital for HR Directors to educate managers on simple practices such as the information they can legally hold and what they’re not allowed to.
More broadly, organisations should look at minimising the places they hold data by implementing systems which can host all information in one unified place. In today’s digital work, these are both just generally good practices, and instead of being afraid of the problem, more should be embracing it to ensure they remain on the front foot.
Stephen Pierce
In my view, technology is essential, it’s here to stay and HR needs to be an advocate for digital in their organisations; be the ‘digital disruptors’. We have to embrace it and data protection regulations are part of that. Our challenge is to enable technology to help us become better at building a positive employee experience around engagement, culture and performance management – and do that in a compliant way under GDPR.
But, how can we ensure we’re using technology in a compliant way? Typically, HR departments like to keep data. We’re seen as the guarantors of the company history, keeping records of who worked here, what happened in the past etc. The revolution of GDPR means that we can’t save data in the same way we used to, which is a bit of a culture shock.
It’s also throwing up several questions, for example, in recruitment: How do we get consent from potential employees? How long can we keep their data for? What does this mean for our talent pools? Who can access that data? Ultimately, we need to ensure the systems we have are compliant. It’s a huge burden, but also a huge opportunity to bring ourselves up to date and do things in the right way.
Tako Zoutman
Human Resources and Technology have always been a challenging combination. Expectations were set high when technology entered the arena to support processes, especially when it was introduced with the objective to improve efficiency and save money. Data was never an element in the design of technology except for the storage setup.
Now, the questions are:
* Have all these technologies delivered as expected?
* Will this technology now support HR as well in the journey towards compliance from a data protection perspective?
Whilst we might hear comments about technology, such as ‘GDPR will make it impossible to gain benefits from the data that our tools save’ and ‘do we really have to ask all employees permission to use their personal data in our systems,’, implanting GDPR in technology is an opportunity to into the next maturity level as HR.
Data protection regulations will force HR professionals and managers to change the way of working with data. It will enforce organisations to rethink its (HR) technology strategy. Data Driven HR strategy needs better data management and also, better thinking about the reasons of storing and using data. These will firm the conditions to start working on using data for People Analytics.
