GDPR Update - 25th May 2018

by Lee Porter 24. May 2018 11:50

Our software is designed to assist the recording and management of information both during the time of the individual's employment with your Company and after it has ended for the benefit of the Company.  Your employer is required by law to keep this information and the employee is obliged to provide it ,usually contractually.

A number of updates have been made to the system to meet the new GDPR legislation that is coming into effect on the 25th May 2018.  A summary of the major changes are:

  1. If your company DOES NOT use its own GDPR system and records your staff's consent - then you may enable the GDPR consent feature in this system by going to Admin > System Functionality > Set Functionality Required. It is turned OFF by default.
     
  2. A new functionality role of GDPR Admin/DPO has been added. At least one employee should be given this role in order to manage the new data processing features listed below.
     
  3. A new GDPR menu can be found in the top menu of the Dashboard.
     
  4. Each member of staff has the option to Accept or Withdraw their consent to have their data recorded in this software.  Consent is initially set as given for all existing employees and employees added in the future to minimise disruption.  The withdrawal of consent will send an email to the GDPR Admin/DPO informing them of the decision and remove the employee's access to the software.  Future access can be regained by accepting the use of your data in this software. Withdrawing your consent will severely limit your ability to use the software but other staff such as your manager and your Human Resource team will still be able to use the software on your behalf.
     
  5. The GDPR Admín can withdraw and accept your data to be used on your behalf and can upload documents to show acceptance has been given outside of this software.
     
  6. A history of the employee and the DPO's choices are kept and the latest decision from either party takes effect.
     
  7. Personal information for the employee can be Removed upon request by the GDPR Admin.  This includes data such as personal addresses, bank details, birth date, personal email addresses and medical information etc.  This does not include company information such as training records, expenses, leave, sickness and injury records etc.
     
  8. An individual employee's data or your entire recorded history can be exported from the software by the use of the reports.
     
  9. An officially written request can be made to delete your site completely.  This will destroy ALL of your data FOREVER.

Powered by BlogEngine.NET 1.4.5.0
Theme by Mads Kristensen