I am sure you will have heard of GDPR by now, it seems everybody in business is talking about it – and worrying about it! It is a piece of legislation coming into force on 25 May, which will update our existing Data Protection laws and which is designed to provide better protection of our personal data. It gives individuals greater rights and puts more responsibilities on businesses who collect, store and use personal data. It should help to reduce the risk of data theft, identity fraud and cyber-crime, so its intentions are all very laudable.
Like all businesses, YourRecruit IT is currently busy getting ready for the implementation date, and we would like to reassure all our candidates and clients that we are well on track for full compliance.
Recruitment businesses are essentially data businesses; day in, day out, we handle personal data as part of our daily activities.
We are conducting a comprehensive data audit to map out how candidates provide their information to us and how we process it once it has been collected. This includes where we store it, who we pass it to and why, how we ensure it is accurate and up to date, how long we keep it for, and how we keep it secure. We are putting systems in place to enable us to comply speedily and efficiently with all requests from any individual to delete their information if they no longer wish us to hold it, or to pass it to another third party in a readily accessible format.
Data Protection Officer
We have appointed Nicola Sales to be our Data Protection Officer. She will be the go-to person for any queries or issues relating to our handling of personal data and will be responsible for handling any subject access requests, requests for data deletion, and reports to the Information Commissioner’s Office in the event of any data breach.
I am not going to pretend all this is easy; it is hard work! But we are on the case, and you can rest assured that, whether you are a client or a candidate, your personal data is safe with YourRecruit IT.
All of our staff will have training to ensure they are individually compliant with GDPR and this training will be carried out by Mara Thorne of M Thorne Consulting Ltd.
Author: Mara Thorne