GDPR HR Series Employee Information Notices about Personal Data - Your Key Questions Answered
Failure to comply with the upcoming General Data Protection Regulation (GDPR) could result in significant fines and disruption to business.
The recent blog from Bryan Cave LLP discusses privacy notices aimed at staff. It is not enough for businesses to continue giving staff a privacy notice under existing data protection laws. Businesses should make sure that privacy notices are concise, understandable, accessible and use clear and plain language.
In order to ensure compliance with the requirement that notices be concise, businesses should consider whether it is appropriate to have different, tailored notices for different types of individual. Article 13 of the GDPR requires that various types of information be given to data subjects, including name and contact details, purposes and legal basis of processing, and the right to lodge a complaint with a data protection authority.