Make no mistake – GDPR is a good thing. It means improved data security, higher levels of consumer confidence and better decision making overall. We’ve probably all got some spreadsheets in the dustiest corners of our USB stick (some people still use them!) collections that we don’t need.
By now we all know what GDPR is about and it’s here to stay. Brexit isn’t a free pass (we are in the EU now and were at the time of ‘enforcement’) so we need to follow the rules going forward.
GDPR boils down to being about the rights of people and how you handle their data. It has two main points that we need to keep in mind:
• Transparency: everyone that has their data processed by you has the right to know if you have their data, what you’re doing with it, why you’re doing it and how it’s going to be used.
• Access: everyone has a right to access their own data – so you’ve got 30 days to deal with their requests to access it.
What this means for your agency
It’s all well and good knowing that you need to be transparent and allow access – but what does that actually mean for your recruitment agency?
Take this considered approach to your data and you can’t go too far wrong, GDPR isn’t about being 100% perfect all of the time, you’re just doing your best to look after people’s data:
• Take a long hard look at how you process people’s data and the risks that it could create for them. It doesn’t just stop at candidates or employers, it includes your own employees too.
• Take action and put in place training programmes, make sure the data is secure and cleanse data that you don’t need any more.
• Keep note of how you’re being responsible with people’s data.
GDPR isn’t there to catch you out – it’s about taking a common sense and responsible approach to dealing with people’s data.
*Top Tip: Make someone in your team a data protection guru: Some people live and breathe data – they’ll love taking the lead on data protection and showing how it’s done.