What does GDPR mean for HR professionals?

What is GDPR?

The European Union’s GDPR goes live on 25th May 2018 and in short means that all countries within the EU will need to be compliant with the strict new rules around protecting customer data. The intent is to provide protection for citizens and their confidential information; anything that identifies you privately and /or you wish to have protection over it.

GDPR will change the way companies and business approach data, mostly because of the short timelines put in place and not the rules, as it is simply restating the three basic set of rules relating to personal data which are as follows:


  • Restrictions on international transfers of data


  • Data protection principles


  • Lawful processing of data


What should HR do?


Simply put the only real difference to a business and how they hold data is increased protection of individual’s rights, as well as greater accountability for business and how they therefore manage an individual’s personal data.

Human Resources teams and departments have the biggest part to play as they deal with personal data daily and also the employee throughout their entire employment journey. If you are an HR professional you and/or your wider team will need to ensure the safe, secure and compliant processing of personal data for your businesses workforce. Simply put, in order to ensure compliant GDPR you should follow these 6 steps in the run up to the closing date:


  • Right to ‘opt out’ and not hold an individual’s data


  • A right to access their personal data and alter if necessary


  • Knowing what data you need and how you are processing it


  • Consent management for the data your company is holding


  • Security and safety of data


  • Allowing data to be transferred


What this means for HR?


Human Resources teams will need to (if you haven’t already) thoroughly review how you manage employee data and data requests. The costs of not getting your business up to the GDPR regulations by the 25th May 2018 could be devastating. For serious offences, for example, not meeting the basic principles of processing or not gaining consent could cost your business €20 million. It could also affect your business in other ways other than financially, such us impacting employee trust in the company and therefore losing out on employee retention and engagement.


The very nature of a Human Resources team and HR as a profession is to not only to be the gatekeeper for data management but also to manage employee expectations. Data is captured throughout an employee’s entire lifecycle with the business starting with the initial job search, right through to when they leave an organisation. All of this data now needs to be compliant with GDPR and if it is not it will be detrimental to a business.


So, is your company GDPR ready?



 Blog written by: Amy Noon, HR Recruitment Consultant at Williams Kent Ltd
22nd May 2018


Tags: , , , , , Categories: Uncategorized

Starting at a new place can be scary: Summer Internship Experience

Starting at a new place can be scary, terrifying even, especially when you’ve never had professional work experience, or experience in the field that […]

Continue reading
The First Hurdle

Workplace Equality, Diversity & Inclusion   Arguably the biggest barrier to achieving a diverse, inclusive, and equitable organisation is the first barrier, Recruitment. If […]

Continue reading
Digital HR Recruitment – The Need to Transition

Recruitment at the best of times can be difficult, and this year has highlighted a different type of difficulty that has affected organisations and […]

Continue reading

Copyright © 2022 Williams Kent. Site by Wave