It is important to be careful with employee data and to treat it as sensitively as you would your own. If data gets into the wrong hands or has been misused in anyway then this equates to an employee’s rights as a citizen being trampled on.
GDPR (the General Data Protection Regulation) is set to ensure that everyone’s data is as secure and private as possible. For HR who deal with almost everyone’s personal data, being aware of data privacy rights is a priority.
This Episode: GDPR made simple with Kim Bradford
In this episode of The HR Uprising Podcast, Lucinda talks to Kim Bradford, the principal owner and managing consultant at Sphere HR Ltd. Kim helps organisations implement the GDPR. They discuss how the data privacy law will greatly affect organisations for the better. It isn’t just about compliance but about bringing forth consent when any personal data is involved. Tune in to this week’s episode to find out more.
- GDPR is the EU’s data privacy regulation, which took effect in May 2018. All EU companies must adhere to the new regulation, so every individual’s personal data can be collected, stored, and handled correctly.
- Consent is vital when dealing with personal information of our employees, volunteers, freelancers, etc. Plainly issuing notices to individuals that their data will be used for certain things isn’t enough. They have to be informed and agree before any process regarding their data takes place.
- HR should be mindful about retaining employees personal data. Technology enables us to store large amounts of data for a lengthy period; however, the law only allows the storing of data for a certain period of time.
- HR should have mechanisms in place just in case data breaches happen. Since HR deals with employees’ personal data most of the time, it’s their responsibility to protect them and make the people aware when breaches happen.
- “You would process far more data about your 50 employees than you would about your 10,000 clients.”
- “Using your in-box as a second database is always risky.”
- “Because you can, it doesn’t mean you should.”
- “HR should map and account for whatever data they process for an organisation.”
- EU General Data Protection Regulation (GDPR) – https://eugdpr.org
- Information Commissioner’s Office (ICO) – https://ico.org.uk
- Chartered Institute of Personnel and Development (CIPD) – https://www.cipd.co.uk
About The Guest
Kim Bradford is a professional CIPD qualified Consultant and GDPR Practitioner. She is currently the Managing Director of Equidistant Consulting Limited, and consults under both the Sphere HR brand and Sphere Data Protection brand. Her consulting firm helps businesses and organisations with their HR and data protection issues, and Kim’s skills and knowledge have helped businesses of all sizes better understand and align their business operations with the GDPR.
- Kim’s LinkedIn: https://www.linkedin.com/in/spherehr-spheredp
- Sphere Data Protection: https://www.spheredataprotection.com
- Sphere HR: https://www.spherehr.co.uk/
About The Host
Lucinda Carney is a Business Psychologist with 15 years in Senior Corporate L&D roles and a further 10 as CEO of Actus Software where she worked closely with HR colleagues helping them to solve the same challenges across a huge range of industries. It was this breadth of experience that inspired Lucinda to set up the HR Uprising community to facilitate greater collaboration across HR professionals in different sectors, helping them to ‘rise up’ together.
“When we look up we rise up”
- Join the HR Uprising LinkedIn community – https://www.linkedin.com/groups/13714397/
- Email: Lucinda@advancechange.co.uk
- LinkedIn: https://www.linkedin.com/in/lucindacarney/
- Twitter: @lucindacarney
- Instagram: @hruprising
- Facebook: @hruprising