GDPR for HR – Audit
Why is GDPR for HR important?
Any organisation that employs people will need to consider GDPR (General Data Protection Regulation) for HR. Your employees are ‘data subjects’ and therefore their personal data must be managed in line with GDPR (in order to avoid potential fines, claims and reputational damage). GDPR is also about good housekeeping and this is an opportunity to put your house in order!
GDPR requires you to identify the legal basis for keeping employee details. You cannot do this until you know what data you keep. Therefore creating a Data Register is a key element towards compliance.
You also need to consider who has access to data, general security, how long you keep data and whether it is sent to any third parties etc.
Our GDPR for HR Audit provides you with a template Data Register which is pre-populated with the typical data you may keep. It also recommends the legal basis for keeping data.
Our Audit pack also has assessment tools and registers so you can record the steps you are taking.
See below for a full list of what’s included.
- GDPR Overview, Principles, Legal Basis & Working Towards Compliance
- A ‘Getting Started’ Guide
- HR Data Register
- Gap Analysis
- Recommended Retention Periods for HR Data
- Data Breach & Subject Access Request Registers
- Impact Assessment & Third Parties Checklists
- Legitimate Interest Assessment Template
Includes the following documents:
- Getting Started
- GDPR Overview
- GDPR Principles
- Legal Basis
- Working towards compliance
- Data Register and Recommended HR Data Retention Periods
- Accountability and Gap Analysis
- Data Breach and Subject Access Request Registers
- Checklists and Assessments – Legitimate Interest, DPIA, Third Parties
- Data Protection Impact Assessment (DPIA) Policy