0800 0482 737

Top 5 lessons on GDPR from the SD Worx European Conference

Top 5 lessons on GDPR from the SD Worx European Conference


Here are the top five lessons on implementing GDPR from the session with Gert Beeckmans, Chief Risk and Security Officer at SD Worx, and Frank Rudolf, Director of Payroll at PAREXEL. 

1. It is not just about IT

Don’t dive too deep into technicalities. Take a dual approach:

  • IT and systems 
  • Organisation

HR and payroll managers should take a lead on creating awareness of GDPR within the organisation, providing employee training on data privacy, helping to create corporate policies and standard operational procedures and giving guidance. GDPR is all about the rights of individuals and their data and the way organisations manage and protect that data.

2. C-level buy-in is essential

Senior management should publicly acknowledge the fact GDPR is coming into force and drive through the organisation the idea of getting ready for it. The CEO should own this, while delegating down tasks and responsibilities.

3. GDPR rights are balanced with the rights of the organisation

While there are heavier penalties for non-compliance, new rights to data portability and erasure (the right to be forgotten) and the need to specify a data retention period, this must be balanced with other legislative requirements, such as employment law. Make sure you check with relevant colleagues before making data changes.

4. You are not alone

HR and payroll is part of a data ecosystem and your third-party systems and software providers need to demonstrate that they are compliant. Ask questions and challenge your providers. 

5. You will not get it perfect first time

This is a new framework and, in the absence of any case law, you can only interpret GDPR. It is likely you will have to correct it. This is a milestone – regulators will want to see that you have a demonstrable process and evidence that you are serious about this. Have a clear action plan and check on a country by country basis.

Download our GDPR whitepaper

Related articles:

  • 2 March 2018

  • by Siân Harrington - Guest Blogger

  • Back to list

About the author

Siân Harrington - Guest Blogger
Editorial Director and Co-Founder, ThePeopleSpace

Siân's passion is connecting people to quality content that matters to them and she is particularly enthusiastic about the positive change leaders and managers can make to business and society. 

Follow on Twitter
Connect on LinkedIn