June 28, 2018 | Research Report
Although the European Union’s (EU) General Data Protection Regulation (GDPR) went into effect on May 25, 2018, many companies have only begun taking steps to comply, and most still have a long way to go. Human capital data, much of which qualifies as “sensitive,” must be protected more vigorously than other kinds of data. At the same time, both the volume and business value of HC data have dramatically increased. It’s not always clear what the impact of the regulation will be on data processing, especially on HC analytics. What’s HR’s role in protecting the personal data of employees, applicants, and contingent workers under GDPR?
ARTICLE
The European Union’s General Data Protection Regulation (GDPR), which went into effect on May 25, 2018, guarantees the right of individuals to be in charge of their own data and how it is used. It holds those who collect and use personal data—including employers—accountable for abiding by specific principles and practices. Companies must document their ongoing efforts to comply with GDPR and can be fined up to €20 million ($US 23.9 million) or 4 percent of their annual revenues, whichever is greater, for failing to meet the new standards. GDPR applies not only to EU companies but to any company outside the EU that stores or processes any personal data about individuals in the EU.
Our research investigates GDPR’s implications for human capital data—including personal data about employees, contingent workers, and external talent. It provides insights about how multinational companies are responding to GDPR, the obstacles they encounter, and actions they can take to comply with the new regulation, which is likely to become the global model for similar regulation elsewhere.
This publication is exclusive to members of The Conference Board.
For information about membership click here.