7 August 2017
Our Head of Legal, Leon Daniel, has written some useful information on General Data Protection Regulation (GDPR) and what it might mean for your organisation. This is the first of a series of articles on the new Regulation and will cover the steps we are taking at SD Worx to ensure GDPR compliance.
GDPR is a new piece of European legislation that was finally adopted on 27th April 2017 after several false starts. It will come into force on 25th May
2018 across Europe, and it will apply not only to any organisation situated in the EU, but also to any organisation that processes the personal data
of EU citizens regardless of where they are located.
The key difference of the GDPR compared to the existing data privacy laws is that it also applies to data processors who will be directly liable with data
controllers (owners of data) for GDPR breaches.
GDPR will apply in the UK regardless of Brexit. The Queen’s stated the Goverrnment's plans during the opening of parliament where her majesty said:
A new law will ensure that the United Kingdom retains its world-class regime protecting personal data…
and we expect that the Repeal Bill will be used to bring GDPR into law for the UK.
GDPR takes many of the concepts under existing privacy laws and enhances and extends them. Existing data subject rights, such as the right to receive a
copy of the data and the right to rectification are extended for example with shorter time limits for compliance.
There are also a set of new data subject rights such as the right to erasure (not quite as broad as the much-discussed right to be forgotten), and data
Other big changes include a right to self-report any breaches, special rules for processing children’s data, new categories of sensitive data and the requirement
to give specific information to individual data subjects about what will happen to their data.
The supervisory authorities have powers under GDPR to order organisations to pay compensation to data subjects.
They also have the power to administer substantial fines against both data controllers and data processors. The numbers are high (maximum being the higher
of 4% of global turnover or €20m) and so have grabbed attention. However, whilst the size of fines is intended to be “dissuasive”, the authorities
are also required to take into account the behaviour of the organisation and to fine accordingly.
Therefore it is right and proper that our reaction to the legislation should be to take a broad risk-management approach and to invest in our security.
As you start looking into GDPR, you will find that it will impact more of your organisation than you originally thought. It will also take you longer to
get compliant than you can imagine. This article will undoubtedly raise more questions than it has answered, but what is clear is that you will have
to make investments in your security systems and processes and it is key to ensure that these investments are made in the right areas.
In this series of articles, I will share with you the journey that we are taking here at SD Worx to ensure GDPR compliance.
There have been many publications about the Good Work Plan over the past 18 months and it can be confusing to work through complex, legislative documentation to understand how you stay compliant. While the good work plan covers many topics, this blog aims to take you through one aspect of this, Holiday Pay, and asks the simple question – are you ready for the changes?29 October 2019
If you want to learn best practice in handling data in light of the General Data Protection Regulations (GDPR), you can do no better than to look at DuPont. Now part of science giant DowDuPont following a merger last year, data is part of the DNA of the organisation and it has a long history of embedding data protection into its culture.8 March 2018
Here are the top five lessons on implementing GDPR from the session with Gert Beeckmans, Chief Risk and Security Officer at SD Worx, and Frank Rudolf, Director of Payroll at PAREXEL from the SD Worx European Conference 2018, held in London on 6th February.2 March 2018
With just three months to go until the General Data Protection Regulation (GDPR) comes into force, the clock is ticking for HR and payroll managers to get the systems and processes in place to ensure compliance. The regulation, coming into effect on 25 May 2018, updates data rights for today’s networked world, and organisations ignore it at their peril.1 March 2018
Clark Hoy, Business Development Manager at SD Worx UK & Ireland shares his top tips for all the new dads and dads to be (D2B) regarding all things paternity!26 February 2018
Retention of the personal data is ‘lawful basis’ where it is necessary, for compliance with a legal obligation, for the exercise or defence of legal claims. For Payroll and HR reasons, employers must hold and retain personal information about their employees and former employees to meet these legal requirements.4 December 2017
GDPR is set to see the biggest shake-up in the way we handle data since the Data Protection Act of 1998. Over the last few years, the processing and control of data has seen many systematic changes. Updated legal obligations set out in the Regulation such as the ‘lawful basis’ of the processing of data is sure to see more changes to data handling.27 November 2017
Read Simon Parson's latest blog where he answers the frequently asked question: 'Do you know if HMRC are likely to want us to include more options for employees that may be transitioning or don’t identify themselves with either gender?'23 November 2017
Increasingly within global organisations we see that individuals have increasing international activity throughout a business’ empire with differing national fiscal obligations. Impact on employees and compliance with a variety of national fiscal government obligations brings into play significant complexities. Some will be available within Payroll Software or service, whereas others, a little more obscure, may require special handling. For UK Payroll, there are a variety of variants (to the normal) Pay As You Earn (PAYE) obligations.6 November 2017
The EU’s General Data Protection Regulation (GDPR) comes into effect on 25 May 2018. It applies to any organisation that processes the personal data of
EU citizens regardless of where they are situated. Brexit won’t let UK companies off the hook as the government has announced that the legislation
will be brought into UK law.
9 October 2017
In order to get to understand Alabaster, we recommend that you know a little about the case precedent behind it.2 October 2017
Our Head of Legal, Leon Daniel, has written some useful information on GDPR and what it might mean for your organisation. This is the second of a series of articles on the steps we are taking at SD Worx to ensure GDPR compliance.14 August 2017
Part two of our blog, our Commercial Director John Cusack and Business Development Manager Steve Knapman, built upon the information outlined by Mercer in part 1 – and discuss how SD Worx’s analysis tools can provide you with in-depth statistics on the gender pay gap. Read more on some of the useful points that we took away from the webinar...10 July 2017
Minimum pay is governed by employment law, and breach is criminal; HM Revenue & Customs are charged with policing its application based on a number of significant factors and structures. In this blog, our Director of Payment, Benefits & Compliance Strategies, Simon Parsons, discusses critical touch points for compliance and recent payroll error examples regarding this legal requirment.3 July 2017
The gender pay gap has been a hot topic for years, dominating discussion in the media and in boardrooms. Seemingly refusing to close, the gap stood at 9.4% in 2016, down from 17.4% in 1997. While the UK is getting nearer and nearer to gender parity in pay, figures suggest it still has a long way to go...19 June 2017
2017 is going to be both interesting & challenging. With Brexit and changing government leadership much is to be done and quickly. Now is the time for the business to come together and plan for change...2 March 2017
In August 2016, HMRC launched a ‘Consultation on salary sacrifice for the provision of benefits in kind’. The indication is to bring in law changes from April 2017.11 October 2016
Often once the deal is done you can’t see the lawyers for dust, so if you receive notice from a supplier or customer that they have been acquired, or if you have been acquired yourself, what do you need to do to keep your current contracts in order?3 October 2016
The way the government funds apprenticeships in England is changing. The 6th April 2017 sees the introduction of a new employment tax on United Kingdom employers. Scotland Wales and Northern Ireland, each having their share of the levy, will have to decide how apprenticeship spending will take place. In this blog I cover some key points that employers should be considering in order to prepare for the upcoming changes...5 September 2016
As a union, the UK has voted to leave the European Union with some Scottish politicians hinting of a further independence referendum, and some in Northern Ireland wanting a joint Irish nation! At the same time, Job Centre Plus has run out of National Insurance numbers and in June 2016, decided in to start issuing NINOs with prefix ‘KC’ - but there is an issue with this...15 August 2016
With the result of the UK referendum to leave the European Union and indication by Scotland's first minister to run a further Devolution referendum, Simon Parsons considers the potential implications for the next few years for Scotland and Payroll services...8 August 2016
So the nation has chosen to progress leaving the EU with a popular vote of 52%. So what's changed, apart from volatility in currency and stock markets? And what major action do we see impacting payroll?26 July 2016
The National Living Wage (NLW) became compulsory for employees aged 25 and above, at a new minimum rate... Have you considered the implications and reviewed your maternity leave payments and made top-ups of SMP?27 June 2016
April 2016 saw some of the most significant legal changes to impact payroll operations and software. I would venture that this year’s new changes have been some of the most impactful yet, more so than the introduction of Real Time Information (RTI). New requirements for Scotland including the Scottish Rate of Income Tax and changes to Earnings and Maintenance Arrestments. A revolution in national insurance with the removal of Contracting out and Under 25 Apprentice NICs being introduced. The list can go on.13 June 2016
Following the judgement of the Employment Appeal Tribunal (9th March 2016), the question of salary sacrifice and maternity rights has been thrown into question! Was HMRC errant in providing guidance? Are employers now off the hook with provision of non-cash benefits in kind during maternity?16 May 2016
In the 2015 Queens speech, the Government set out to create 3 million new apprenticeships by 2020. As part of the Enterprise Bill, apprenticeships would gain the same legal treatment of degrees. ‘The Richard Review’ brings new standards being developed by ‘trailblazers’ and new funding trialled giving employers greater control over spend on training delivery.11 April 2016
We thought 2013 was busy with the introduction of Real Time Information, but looking back it now seems a doddle! 2016 is proving to be one of the most substantial change years ever for payroll, software and service providers and especially payroll managers. Never before have I seen such a wide, heavy plethora of change. Now seems a good time to start the preparations in earnest and put the brain in gear...25 January 2016