How implementing a HR system can help towards GDPR
As many people are now aware, GDPR is due to come into effect on 25th May 2018 and will impact any business that holds personal data whether it be about their employees, customers or prospects.
In our previous article GDPR and HR [Read here] we compiled a list of some of the things that seem to be key towards GDPR compliance. Following on from this we thought we would give our insights on where we think having a HR system such as People Inc. to manage your HR data can help keep you on the right side of GDPR.
For customers who currently use People Inc. some of the benefits are obvious but for those who are still reliant on spreadsheets to manage their employee data, here are some of the ways in which People Inc. can help you with GDPR.
What data is stored?
People Inc. is a comprehensive HR system for managing all aspects of your employee’s time with the company.
Virtually any information can be stored within People Inc. within one of the many existing screens or by creating your own using the built in Screen Designer.
By keeping all relevant employee data in one central system means it is easier to manager and track what information is recorded against each employee to ensure it is kept up to date.
It is also possible to securely store any electronic documentation within People Inc. by attaching documents to an employee’s record. This removes the need for shared drives that are much harder to manage who has access to what.
Where is the employee data kept?
People Inc. is implemented on your companies own internal network rather than on an external ‘cloud’ server. This means your organisations IT department has full control over who can access it.
The data is stored securely on a database called Microsoft SQL Server that is only accessible from the People Inc. Client software installed on each user’s PC.
Who has access to the data?
Each People Inc. User has their own unique username and password which lets them log into the system (but only from the People Inc. client software). Individual security profiles can be created that allow different users to have different levels of access to the data, down to individual field level.
This means is a user can be set up, so they only see the specific information they need to perform their role. For example, Recruitment, Training and Development or Fleet etc.
How is the data kept up to date/maintained?
There are a wide range of tools that People Inc. provides that can help manage the data that is recorded within People Inc. The Employee Self Service for example, not only provides employees with the facility to easily notify you of changes to their personal contact details but also provides a level of transparency, so employees can easily see if their personal information is up to date.
All data held in the People Inc system can be analysed using the existing reports or by designing your own Reports. These will be very useful for interrogating your data to make sure it is accurate and up-to-date.
Additionally, People Inc. has a utility that allows users to delete records that are no longer required. For example, if you wish to delete any Employees or Applicant records that are older than 6 years.
How do I manage Consent?
Getting consent from employees will be very important towards compliance. People Inc. can help with this in several ways. We can use the existing mail merge tools within People Inc. generate consent forms that can be sent to employees for them to complete.
Additionally, for companies with the Employee Self Service functionality we can develop a screen that allows employees to update their consent status electronically saving a great deal of time and effort for everyone.
How do we communicate GDPR to our employees?
GDPR will likely mean policies and procedures will need to be updated for employees. Information such as Fact sheets may also be needed to increase awareness of GDPR and the impact on the business.
People Inc. has an area for storing HR Documents to make it easier to store and maintain the latest versions of your policies, procedures, forms and other HR related information. Again, this information can be accessible via the Employee Self Service Module so that employees can access this information at any point saving the need to distribute the information to everyone manually.
What about our contracts of employment?
You may well be required to issue updated contracts of employment to all your employees to include something about GDPR.
This can be made much quicker and easier to manage by setting up your Contract of Employment templates within People Inc. and then using the built-in mail merge tool to generate the updated contracts. A tracking screen can be used to monitor who has not yet returned their signed contract.
Implementing People Inc.
It is likely that for GDPR your organisation will need to carry out a review of what data is recorded about your employees, where it is stored and who has access to it. Inevitably this data will need to be updated and cleansed to ensure it meets GDPR requirements.
This is the perfect opportunity to implement People Inc. as the cleansed data can be quickly imported straight into the system and security profiles can be configured so it’s ready to be used in the right way.
agathonhr have been working on Human Resource Information Systems for over 20 years and with People Inc. since 2009. Our experience means we can provide a common-sense approach to providing you with a comprehensive HR system to help you record and maintain your employee data to help you with your GDPR compliance.
More in-depth information about GDPR compliance can be found on the Information Commissioner’s Office (ICO) Website.
If you would like to learn more on People Inc. or how People Inc. can help your organisation please contact agathonhr on 01242 663974 or via email email@example.com.