The month of May will soon be upon us and that is the time when the new GDPR (EU General Data Protection Regulation) will come into force. All businesses, no matter their size, will have to comply if they deal with employee personal data so, understandably, many of them are already worried about how it will impact upon their HR function.
HR responsibilities will increase
Whether companies have a fully-fledged HR Department or just one person dealing with that side of things, their obligations are going to be increased. As far as staff personal data is concerned, they will now have a right to access it or ask for it to be amended or deleted. HR departments will also need to overhaul their processes and systems as they will need to make staff aware of how long their data will be stored for and whether or not it will be shared with any other third party. At the same time, HR service providers that deal with employee data on behalf of employers will also need to pull their socks up if GDPR is not to catch them out.
At the moment, HR Departments can hold reams of data, relevant to current and former employees, as well as those looking for employment. If this is stored on paper or on computers that are openly accessed by others, this will no longer be compliant, particularly if medical or trade union records are included.
HR departments needs to 'up the ante'
GDPR will take no prisoners and those that fall foul of the rules will suffer, being hit with severe penalties and fines. The only way that this can be avoided is by HR Departments doing the following:
- Obtaining employee consent
- Being fully accountable
- Respecting employee rights
The main thing is that all HR functions will need to be taken care of with total security and privacy of personal data being considered. Whether information is stored on paper, on a computer database or within a specialise CRM system, all of the following are essential functions that will need to be attended to:
- Secure retention of data
- Easily accessible targeted information
- Displaying full transparency and accountability
- Using data for only the purpose for which permission was given
HR departments need to be proactive
So in addition to all of the above, as a UK business that deals with confidential employee data, what else should you do to get your HR Department in good running order as far as GDPR is concerned? Depending upon how many staff you have, you may wish to consider appointing a ‘GDPR Manager’ who will be fully responsible for taking care of all things related to the new regulation. It goes without saying that they will need to understand the new regulations inside-out and that ensuring your company complies will be on their head. Failure to do so will damage your reputation as well as your bank balance so the person assuming this role will need to be dedicated, detailed in their approach and proactive. Whilst this may result in you paying an additional wage, when compared to the fines that could be levied against you for breaking the rules, it is an expense worth having.
GDPR fines will fall into two categories:
- Up to 10 million Euros or 2% of the company’s global annual turnover of the previous financial year.
- Up to 20 million Euros or 4% of the company’s global annual turnover of the previous financial year.
How can document scanning help ensure GDPR compliance?
The Pearl Scan's document scanning service offers the perfect solution for security and manipulation of paper files. By scanning them in, we make it possible for companies to be sure that they are not breaking any rules. All personal data currently on paper should be converted to digital thus ensuring compliance, avoiding fines and providing a good ROI. Outsourcing this task will save a great deal of time and money as speed and efficiency will be ensured and your staff will not have to be removed from other tasks. For this reason, many companies are relying on Pearl Scan to assist them.
How does document scanning help with GDPR compliance?
Scanned documents can help your business to guarantee GDPR compliance due to the following:
- Data retention – Data retention is taken care of much more easily, particularly if software is used to set rules and processes. Once guidelines are in place, the software will do the rest. Even if a breach occurs you can show that you did all possible to comply and may avoid huge fines.
- Security and privacy – Why take the risk of leaving sensitive data on paper files? Easier to copy, steal, lose or destroy, it is only when digitised that they can be password protected when stored. You can even add digitally encryption for a belt-and-braces approach.
- Data Search and retrieval – Compare the time taken to access important data in a paper file and then compare it to a computer based data search and you will see why having digitised files is essential. GDPR Article 17 makes it clear that: “The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay.” Fulfilling this task manually with paper files will be a nightmare, wasting time and money. With digital files it takes just seconds. When employees ask for their right of access, right to rectification and right to restriction of processing, digital is king.
- Cost – This is an easy one as the cost taken to process paper files compared to digital is much higher due to time taken and staff deployed on specific tasks. With digital also enabling you to better avoid fines, it makes so much sense to go down this rout
Trust Pearl Scan to take care of your document scanning
When looking for a professional and reputable company to turn your paper files into digital versions, enabling you to comply far easier with GDPR, Pearl Scan are experts. For over 15 years we have been working with organisations across every sector to scan their paper. Even the most sensitive of data is converted to digital in our capable hands.
Trusted by so many businesses, make us your chosen partner to help you to work towards and maintain full GDPR compliance. Get in touch with us today to find out more about our Document Scanning Service.