Ensuring GDPR compliance from a human resources perspective

12 July 2017 Consultancy.uk

GDPR has in recent months taken the headlines across media outlets, from technology and risk to compliance and human resources. With the new regulations now less than 12 months away, Julie Lock, Service Development Director at human capital consultancy MHR, looks at what GDPR is and what organisations should be doing from a HR perspective to ensure compliance. 

For those organisations who are not planning to become GDPR ready and for those who had started GDPR readiness then stopped when the Brexit results were announced let’s de-bunk the myth that because we are exiting the EU we do not need to be GDPR compliant because we do. The Queen referred to GDPR in her speech on 21 June 2017 stating: “To implement the General Data Protection Regulation and the new Directive which applies to law enforcement data processing, meeting our obligations while we remain an EU member state and helping to put the UK in the best position to maintain our ability to share data with other EU member states and internationally after we leave the EU.”

On 25 May 2018 GDPR will apply to any company based in the EU and/or processing the personal data of EU citizens, leaving very few companies exempt from the obligations of this new regulation.

What questions should you and your HR team be asking?

HR hold and manage endless amounts of employee information; personal data. For GDPR readiness, organisations firstly need to assess if all the information held is necessary. There are a few questions to consider. 

Ensuring GDPR compliance from a human resources perspectiveWhat are your legal grounds for processing the data? How is it secured? How long do you keep it for? What happens if an employee wants to evoke their right to be forgotten, what is your plan? How do you inform employees why you need specific information and what you are going to do with it? Can you prove that you have not breached an individual’s information? And more importantly, do you know what personal data you process? Is it sensitive?

If you are not asking yourself these questions yet, now is the time to start.

Do you need a Data Privacy Officer?

Public authorities and private companies involved in regular monitoring or large-scale processing of sensitive data are required to appoint a Data Privacy Officer, whose task it is to inform and advise employees handling data on GDPR obligations, monitor compliance and co-operate with the data protection authority (ICO in the UK). Data privacy experts are predicting a Europe-wide shortage of suitably skilled Data Privacy Officers (DPO) by the time the regulations come into force in May 2018.

If you feel your organisation will benefit from employing a DPO and you have yet to recruit one, you need to act fast.

What about the data itself?

Finally, you need to understand what personal data you process, why you process it, how and who processes it and importantly the legal basis used to qualify the processing. You must provide adequate GDPR training to staff handling or managing personal data so they can recognise and address data breaches, carry out a maturity audit and implement recommendations. 

There is still a fair amount of work to be done by organisations to ensure they are GDPR compliant

You also need to assess if you have:

  • Clear, concise and adequate use of privacy notices
  • A breach management strategy which meets the new compulsory reporting conditions
  • Ability to fulfil data subject rights; including access and management of the withdrawal of consent
  • Data processing maps to demonstrate and manage privacy risk

Business readiness

With so many conflicting reports in the media about GDPR, MHR recently carried out a survey of Heads of HR, Payroll Managers, IT and Financial Directors to determine GDPR readiness. The findings revealed that 68% of respondents had not yet received any GDPR awareness training. A further 53% have yet to access and appoint a Data Privacy Officer. Given the predicted shortage of suitable candidates for the role of Data Privacy Officers, the longer organisations leave it to recruit, the harder the challenge will become for HR. 

So to summarise, there is still a fair amount of work to be done by organisations to ensure they are GDPR compliant. A maturity audit in the first instance will help to identify areas of concern and define process changes. Organisations also need to equip staff on GDPR through adequate training – understanding that the highest percentage of breaches reported tend to be caused by human error

Related: Five critical challenges related to becoming GDPR compliant.

×

Why leaders must balance technical expertise with soft skills

17 April 2019 Consultancy.uk

Soft skills matter in the workplace just as much as technical expertise, writes Samantha Caine, Managing Director of Business Linked Teams.

For too long technical expertise has been seen as the marker of a strong candidate for development into a sales or leadership position. Sales and leadership candidates are tasked with demonstrating a diverse and wide-ranging set of technical skills, yet their aptitude in these technical skills or ‘hard skills’ cannot signify great leadership potential. This is why a healthy balance of soft skills and technical ability is required. 

So what exactly is the difference between technical skills and soft skills? In engineering, it’s crucial to demonstrate knowledge of physics as well as a strong grasp on mathematical equations. Yet, in any industry, it’s important for leaders to be able to interact with other people effectively with soft skills like communication, empathy and adaptability. 

Business Linked Team’s 2018 study into internal leadership development revealed that 69% of large organisations are prioritising the identification and development of future leaders from within the workforce. As more and more organisations begin to invest in sales or leadership development within their existing workforces, more focus needs to be placed on ensuring the right soft skills are in place. 

With those soft skills in place throughout the workforce, the business will benefit from a wider pool of potential leaders developing under their noses, and it should be the same where sales candidates are concerned. 

It’s not just about easier access to ideal candidates for these positions without the rigmarole of recruiting from outside of the organisation. The leadership development study also found that 89% of HR decision makers say succession planning has become a top priority. Those currently serving in leadership positions can’t lead forever and the same goes for those generating sales for the business.

Why leaders must balance technical expertise with soft skills

From people leaving for new opportunities or retirement, to people simply stepping aside to focus on other areas of the business, successful leaders and salespeople require experienced and capable successors that will be ready and able to confidently step into their shoes and pick up the mantle without the business experiencing any lapse in performance.

Soft skills make stronger candidates

When it comes to the soft skills required, a strong leader must be able to manage through clear communication and effective time management, coaching and goal setting. They must be able to demonstrate empathy and empower their teams to be successful, productive and fully engaged. And beyond simply giving direction, they must also be able to take direction from those above them and cascade the business strategy down through their teams. 

A strong sales candidate must possess the ability to communicate value to the customer, negotiate well and protect margin or the ability to increase the scope of a particular sales opportunity. 

With the relevant soft skills in place, the business will benefit from increased productivity, greater agility against changing market conditions and greater transparency. In turn, this will provide visibility on issues and inefficiencies while removing opportunity for miscommunication. All of this can transform the culture of a department, improving employee satisfaction and reducing staff turnover. 

Ultimately, developing leadership or sales candidates will require the business to strike the right balance between technical skills and soft skills, and this requires an effective and sustained learning journey.

A balanced learning journey

Facilitating and supporting the development of leadership and sales is best achieved by establishing training groups. By cultivating training groups, businesses are creating talent pools that will inspire and support each other on the learning journey. However, personal goals and learning objectives must be defined for each individual based on their own existing skillsets and the skills that each individual needs to develop. 

With the emergence of e-learning, businesses recognise the value of online-based learning activities, yet many make the mistake of opting for one-size-fits-all solutions which are solely focused on self-study. A development solution will only deliver true return on investment if it combines e-learning activities with group learning activities that provide opportunity for shared experiences and support.

A blended learning solution that combines self-study and face-to-face group learning activities will aid strong development of the talent pool through shared experiences. Through these shared experiences, those undergoing the training will organically develop a support network that supports the development of the group as much as it supports the development of each individual. 

The blended learning approach is supported by one of the seven principles of human learning that socially supported interactions aid the individual development of expertise, metacognitive skills, and formation of the learner’s sense of self. The strongest opportunities for development can be unlocked by blending workshops with online activities such as virtual sessions, peer coaching, self-study, online games and business simulations. But it’s crucial to provide a blend of one-to-one and group sessions too.

Beyond delivering a better learning outcome for the employee, the blended learning approach allows organisations to adapt their training quickly and easily to shifting business demands in an ever-changing landscape.