GDPR is due to come into force on 5th May 2018. It is already causing ripples with recruiters.
There are a number of essential requirements to the new GDPR legislation, which is designed to safeguard personal data. Recruitment agencies will need to consider these when handling and processing personal information provided by their candidates and workers.
Of course, recruitment businesses currently fall under the existing Data Protection Act 1998. The GDPR replaces this and is much stricter so it is imperative that recruiters understand the implications of the new legislation, and act now to ensure appropriate procedures are in place in preparation for May 2018. With fines up to €20 million for non-compliance, on a two-tiered system, the cost of not adhering to the new rules could be disastrous.
Our Top Tips for preparing are:
- Start early – the regulations come into force in 2018. You should be getting your systems and processes in place now to avoid a panic next year.
- Use official guidance documents. The ICO (Information Commissioners Office) has already published a handy guidance document to help businesses prepare for the changes, which you can find. Follow the steps carefully.
- Communicate. It’s important to communicate changes to your employees and peers to ensure that everyone understands the changes and their role in ensuring the business is compliant. Be sure to communicate who is responsible for data processing and protection.
- Review existing processes, procedures and systems. Don’t just assume that what you do already will cover you under the new regulations, or that your CRM or database provider will make any necessary changes to their software without you taking action. Review processes, procedures and systems, with an expert if required. Formulate a plan of action to make any necessary changes.
- Talk to the experts – if you don’t understand GDPR, don’t know what systems you need in place, or just simply want someone to take away the worry of GDPR from you, then talk to the experts.