Risky business: HR data under GDPR

Risky business: HR data under GDPR

Any company that extrapolates data – whether it’s from their customers, partners or employees –will need to identify legal grounds for processing that data, under the incoming General Data Protection Regulation (GDPR). HR departments - which are often flagged as a high risk to the business in GDPR audits, according to Matthew Holman, Principal at EMW LAW - must consider all avenues when processing employee data.

Holman explains that “due to the sensitive nature of the data and the volume of sensitive data captured by HR teams,” and “processes that are potentially not compliant due to the use of procedural short-cuts and a lack of training,” employers must pay close attention to the various legal grounds, set out by the Information Commissioner’s Office (ICO).

Upgrade to access

This content is only available to members of myGrapevine+.

myGrapevine+ is the latest way we are supporting a growing community of forward-thinking business leaders. Members can access a host of specially developed content and tools that aren't available anywhere else, helping you set new standards in business and people leadership every day.

  • Access to exclusive member-only content including:
    • The 'Leaders Series', a set of video interviews with leading business and HR voices
    • Strategic deep dives and expert tips for professional development and innovative practise
  • Access to the entire archive of news, features and insights from HR Grapevine and our other sites.
  • Unlimited access to the full back catalogue of our award-winning Magazine and other publications.

First month just £1! *

* Billed via Credit/Debit card at £1 for first month, then £22.99 per month. One time use only.

Welcome Back