How Will IRIS FMP Keep Your Data GDPR Compliant?
The General Data Protection Regulation (GDPR) is about to drop! Is your business ready? If you’re one of the thousands of people using IRIS FMP’s products and services, you can trust that your payroll is compliant.
GDPR is a challenge in many ways, and needs to be taken seriously by all organisations who operate within the EU.
Here at IRIS FMP, we deal with complex changes to legislation all the time. Payroll gets subject to all kinds of changes and we’ve gotten good at being agile to respond to them. We’ve applied those skills to our GDPR compliance to ensure that our data and the data we are responsible for is safe, secure and compliant.
What is GDPR?
In case you’ve been hiding under your desk for the last year, here’s the gist.
- The regulation comes into force on 25th May 2018
- GDPR is all about how you handle people’s data and being transparent about it
- Every UK company is affected.
- Businesses needs to designate someone as a Data Protection Officer – make sure you liaise with them as needed regarding payroll data
- Ensure the way payroll data is handled, transmitted and retained meets the requirements of the legislation. Ensure there are robust documented procedures and processes around data. For payroll, that includes employee payslips!
- Carry out “Data Protection Impact Assessments” (DPIAs) to ensure compliance with data protection obligations and employee expectations of privacy.
Be aware that any payroll data breaches could cost your business dearly. Fail to comply and you will be to 4% of your annual global turnover.
Make sure you have reviewed GDPR within your organisation, and get in touch with your outsourced service providers to ensure they are compliant too.
As a leading outsourced payroll company, here’s how we are ensuring compliance.
IRIS FMP has a number of HR & Payroll products, all of which can be used to assist you in meeting your statutory GDPR requirements.
IRIS FMP (incorporating Eurowage Ltd, IRIS FMP Payroll Services Ltd, IRIS FMP HR & Payroll Software Ltd, MCN Associates Ltd) are registered with the Data Protection Register (ZA290393/ZA290366/Z1115288/ZA024069), and also are ISO certified (9001/27001/14001/22301).
We have a dedicated Data Protection Officer, who is available to assist you with any GDPR queries you may have, as well as ensuring our compliance. We have also made changes to our flagship payroll and HR software products.
Our payroll products currently maintain an audit trail of data changes. These will be made more visible and have additional GDPR friendly queries to allow you to assess and track changes. Special exposure will also be given to sensitive data .
Sensitive Data & Personal Identifiable Information
The GDPR states that so called sensitive data and Personal Identifiable Information should be handled differently to normal data. To that end, these special data items will be tagged in our HR and payroll products to make them easily identifiable. Furthermore, this field grouping would be able to have special processing and security rules attached to them
Under GDPR, employees will have the right to request details of what data you are holding about them. You will not be able to charge for this request, so being able to service this request quickly and effectively will be paramount.
To help you, we will be adding an Employee GDPR Information request export/report to our products. You will just need to provide the employee code and the data will be presented in a form that can be immediately passed onto the employee.
With the new focus on data security and traceability, we will no longer be accepting data via email or any non-secure method. New Data Portals will be created where we will be able to exchange data safely and securely. This portal will detail who has access and will have automatic rules that will enforce a data retention policy.
If you’re looking for a payroll company that takes GDPR and data protection seriously, get in touch. Download our brochure today for more information.