There are only 126 days until GDPR comes in to place on 25 May 2018 and already we can feel tension in the air as organisations (including FusionHR) get ready to be compliant.
As you know, we like to work in partnership with our clients and felt it was important for us to share our GDPR journey with you so that you feel reassured that we are all in this together and learning each step of the way.
We have decided to use the introduction of GDPR as a positive for our business and the team. We have invested in staff CPD and upgraded our systems to continue our good practice. We have also set up a staff working group so that each area of the business has a voice and can put forward fresh ideas to comply with data protection.
We actually started our data protection journey back in April 2017 with an initial GDPR audit of our systems and processes. From this point, key actions have been taken and we are reviewing progress with a second audit in April 2018.
The field team are preparing themselves for your queries by sending Kirsty and Jo on a certified GDPR training course so that they can become the GDPR gurus at FusionHR. They have decided to document their personal journey and will be shortly setting off on their GDPR adventure. You will be able to follow their adventures on twitter and see their regular blogs where they will share thoughts, useful tips and interesting Q&As. Their adventure will start on 12 February and already they are studying in advance of their GDPR exam!
Other developments in Fusion are:
- We are recruiting a HR Projects Officer who will specialise in data protection by advising clients, carrying out GDPR audits (as a new service offering for FusionHR clients) and acting as our data protection officer;
- We have hosted several training events for clients on GDPR at a reduced rate to help understanding and reassure our clients;
- We have now made it compulsory that our BIRDIE users log in to the BIRDIE ticket system every time you want to access information, rather than accessing automatically from the link in the email;
- We have also removed attachments from BIRDIE email notifications, so now they are only visible within the system after the password is entered;
- We are moving to a cloud server so no data will be held directly on laptops, PC’s or the office based server. This will then be encrypted and securely backed up to protect information. All laptop’s and PC’s have also been encrypted;
- We have rolled out new data processing procedures to our associates;
- Archives have been located in a more secure storage area; and
- All FusionHR and SAM staff have attended GDPR briefing sessions.
This is just the start of our ‘to do’ list and we have plenty more ideas of how we can meet our data protection obligations.
Don’t be afraid of GDPR. Let’s embrace it and learn together, as we all have some good practice already in place.