Home / Data Protection / GDPR: Employment and Pensions

GDPR: Employment and Pensions

GDPR: Employment and Pensions

HR play a vital role in a GDPR compliance programme. The large volume of personal data processed in an HR team means that specific issues arise in the context of employee’s personal data that are different to the processes applied for customers.

In our view HR teams are essential stakeholders in a GDPR compliance team and should identify the unique aspects of how organisations manage and store their employee’s and job applicants personal and special category data. We recommend that the starting point for an HR team is to conduct a data audit to determine what information they process, and where the gaps in compliance may lie. For further assistance with this process please refer to our guides and publications below.

We recommend that HR teams need to address the following key issues:

Checklist for change?

  • HR data audits
  • Retention policies
  • Privacy notices
  • Contract updates
  • Bespoke consent provisions
  • Data protection policies
  • Data subject access requests
  • New data subject rights
  • Staff training
  • International data transfers and advice
  • HR data breaches

Useful documents

Data privacy shake-up: is HR ready?

GDPR data privacy brochure cover

Preparing for the GDPR: undertaking an HR audit

GDPR preparing for an HR audit brochure cover

GDPR Bitesize: Key issues for HR

GDPR bitesize cover

CMS Pension Scheme GDPR Toolkit

GDPR pension scheme toolkit brochure cover