· Features

Hot topic: data protection regulation, part two

Updated EU data protection regulation may impose restrictions on the use of employee data. This could mean businesses have to pay fines and sanctions of up to 5% of annual turnover if they misuse employee information.

Does this regulation prove using employee data is an intrusion of staff privacy? How can HR strike the balance between making the most of data and protecting employees’ privacy?

Today Hayley Fisher, people director at Thomsons Online Benefits, has her say.

An employee’s right to know how their data is processed lies at the heart of these reforms. With the correct system in place, employee data can be used to help recruit, retain and reward staff, without invading employee privacy.

Cookies are used online to tailor the adverts we see based on our search history. In a similar way, an integrated benefits management platform is more intuitive to an employee’s needs, suggesting relevant partner benefits when they add their family’s details to a system, for example.

Data storage need not be an intrusion of privacy if it is done in the correct way. Some businesses may need to amend their current policies and practices to comply with the changes in legislation. With the new fine structure being much larger for failing to comply, it’s vital that both internal and external controls exist.

Ensuring the correct data controls are in place via a third party platform results in the best outcome for both employers and employees. Employers are protected against possible breaches, while employees see that their company cares about their data and privacy. Furthermore, the platform can integrate tasks to minimise the chances of the same data being sent to multiple sources, or insecure spreadsheets being sent around manually.

Large sets of data can be used more efficiently to target communications to groups of staff too, making workplace benefits and information more relevant and engaging.

Perhaps the most important thing for employers to remember is to be transparent in how they use and store employee data.  It is crucial that this is communicated clearly from the outset.

Read part one of the Hot Topic here