GDPR2018-11-26T09:29:04+00:00

GDPR compliance

Struggling to manage employee data securely to comply with the GDPR? CIPHR is here to help

GDPR compliance

Struggling to manage employee data securely to comply with the GDPR? CIPHR is here to help

What is the GDPR?
The General Data Protection Regulation, which came into effect on 25 May 2018, made significant changes to how organisations across the EU collect, store and process data.

What are HR’s responsibilities?
HR is the keeper of significant portions of employee personal data. Employers must put in place policies and procedures to ensure employee data is collected, stored and processed in line with the GDPR’s requirements.

How can HR software help?
HR software is particularly valuable for organisations that collect and store employee data via insecure paper or Excel-based filing systems, which can often be out of date or at risk of security breaches. Specialist recruitment software can also help employers better manage data belonging to job applicants – which can often be held insecurely, and disjointedly, in email mailboxes or paper records.

Contact us now

Call us on 01628 814 242 or contact your account manager to find out more

GDPR – infographic

View headline findings from our recent GDPR survey

How is CIPHR securing customers’ data?

As a trusted processor of our customers’ data, CIPHR has always taken steps to ensure that the appropriate technical measures are in place to deliver a secure environment for our solutions. We are always looking to enhance our security measures and have incorporated multiple layers of encryption technologies, protective monitoring and auditing solutions.

Our applications and infrastructure are regularly assessed by both internal and external vulnerability and penetration-testing programs using our internal Certified Ethical Hacker (CEH) resources, as well as through a partnership with several external CREST-accredited penetration testing organisations.

CIPHR’s internal security forum, led by our head of information security, meets regularly to review all the security measures we have in place – including associated policies and procedures – to ensure they are maintained appropriately. The forum also creates and delivers regular training and awareness sessions relating to all areas of information security for all CIPHR employees. All CIPHR employees are also background checked to a minimum of the BS7858 standard.

All our technical measures, policies and procedures are externally audited by the British Standards Institute (BSI) each year to validate our ongoing compliance with the Information Security Management System (ISO27001:2013) framework, which we have maintained since 2014.

To ensure we are fully compliant with the GDPR we have invested in external training to ensure we have certified GDPR practitioners within the security forum. We have also conducted specific audits to confirm our data and documents, including policies and procedures, are compliant with both the ISO27001:2013 framework and the GDPR.

How CIPHR’s HR and recruitment solutions can help HR teams comply with the GDPR

Use our data retention dashboard
Easily delete or anonymise records when their data retention periods expire

Request applicant consent
CIPHR iRecruit makes it simple to request consent from job applicants where you have determined that consent is required

Create GDPR users
Restrict access to relevant fields for users with responsibility for GDPR

Record consent
Document consent against employee records where you have determined that consent is required

Anonymise records
Choose to anonymise leavers’ records instead of deleting them, so you retain access to useful metrics while remaining GDPR compliant

Create automatic notifications
Set up auto reminders to re-validate consent where consent is required

Enable self-service access
Comply with subject access requests (SARs) more easily by granting access to data for leavers and current staff, or through a data protection report

Define data retention periods
Decide when records of leavers will be flagged for deletion or anonymisation

Manage applicants’ data more effectively
Download data, request consent extension, anonymise records and delete data via the dashboard

Implement policy acceptance
Confirm staff have read your GDPR-related policies

Latest GDPR resources

webinar

How CIPHR’s products can assist with GDPR compliance

Watch an overview of tools in our HR and recruitment solutions that will assist your compliance with the GDPR

guide

GDPR – What’s changing?

Discover how CIPHR’s systems can help you comply with the GDPR

webinar

How to prepare your HR team for the GDPR

An overview of the changes to data protection legislation from 25 May 2018

blog

Quarter of workers will ask employers for personal data under GDPR, survey finds

Subject access requests will place an additional admin burden onto busy HR teams, warns CIPHR expert

blog

Why the GDPR will change how HR treats employee data

New regulations will prompt cultural changes in HR’s attitudes towards collecting and protecting sensitive employee data, experts argue

Disclaimer

We would strongly recommend that you seek your own legal advice if you are unsure about the implications of data protection laws on your business.

The information contained on this website is for general guidance purposes only. It should not be taken for, nor is it intended as, legal advice. While we have made every effort to ensure that the information provided on this document is correct and up to date, CIPHR makes no promises as to completeness or accuracy and the information is delivered on an “as is” basis without any warranties, express or implied. CIPHR will not accept any liability for errors or omissions and will not be liable for any damage (including, without limitation, damage for loss of business or loss of profits) arising in contract, tort or otherwise from the use of or reliance on this information, or from any action or decisions taken as a result of using this information.

CIPHR

Free guide

How to choose the right HR software: a buyer's guide

HR software white paper





By submitting this enquiry form you accept the terms of our Privacy Notice

close-link