GDPR is a Europe-wide set of data protection laws designed to harmonise data privacy practice across Europe. The emphasis is on protecting citizens and their data, and giving users more information about control over how it’s used. The States of Jersey and States of Guernsey are implementing an equivalent law and it is likely that these local laws will be similar to GDPR with the aim to be ready for implementation in May 2018, in line with the EU legislative timetable. These draft laws were unanimously agreed by the States Assembly on the 18th January.
GDPR will drastically change the way businesses of all sizes collect, store and protect personal information, bringing significant changes to existing data protection regulations, introducing new requirements for businesses to adhere to.
Key changes/new rules
The main purpose of GDPR is to ensure that individuals have more control over their data and that clients are more accountable. Employers will need to be very clear on what data they are keeping, for how long and ensure they remove it when it is no longer needed. Ensuring they have a lawful basis for using personal data, which could include consent by the individual for storing and processing data or for the fulfilment of a contractual obligation.
Although most HR Professionals and Recruitment Consultants will be working their way through the exact requirements and changes to current processes, we have provided a brief summary of some of the rules that will apply, click here to access the full article.