What is GDPR?

The General Data Protection Regulation (GDPR) is a regulation intended to strengthen and unify data protection for all individuals within the European Union (EU), and will apply from 25 May 2018, changing the way businesses manage personal data.

GDPR’s main concepts and principles are much the same as the current Data Protection Act, so most of your approach to compliance will remain valid under the GDPR and can be a great point to start from. However, the GDPR does come with some new elements which you will need to change and incorporate into your current processes and practice. Here we highlight the key areas you need to be aware of and act upon:

Awareness:  This may seem simple but you must make key people aware that the law is changing to the GDPR.

Information you holdIt will be necessary to document all the personal data you hold including where it came from and who you share it with.

Communicating privacy information: Review your current privacy notices and put a plan in place for making any necessary changes.

Individuals’ rights: Check your procedures to ensure they cover all the rights individuals have.

Subject access requests: Update procedures and plan how you will handle requests within the new timescales

Lawful basis for processing: Identify the lawful basis for processing activity, document it and update your privacy notice to explain it.

Consent: Review how you seek, record and manage consent. Refresh existing consents if they don’t meet GDPR standards.

Children: Put systems in place to verify individuals’ ages and to obtain parental or guardian consent.

Data breaches: Put procedures in place to detect, report and investigate a personal data breach.

Data Protection by Design and Data Protection Impact Assessments: Familiarise yourself with the ICO’s code of practice on Privacy Impact Assessments and the latest guidance from the Article 29 Working Party. Work out how to implement these.

Data Protection Officers: Designate someone to take responsibility for data protection compliance. You should consider whether you are required to formally designate a Data Protection Officer.

International: If your company operates in more than one EU member state, you must determine your lead data protection supervisory authority.

Although the new law doesn’t come into effect until May 2018 it’s a good idea to start protecting your data as best you can now.

Cyber security is a huge part of GDPR and this week our blogs will help you to understand what you need to know.

Look out for our blog tomorrow “Cyber Security, what is it?”

Get in touch and let HR Revolution run through a GDPR audit to see where and how quickly changes can be implemented.

Call +44 203 538 5311, email: hello@hrrevolution.co.uk or visit: www.hrrevolution.co.uk  where our expert CIPD HR professionals are waiting to help you with any questions you may have.

HR Revolution; supporting you, your employees AND your business.


Suggested 3% increase in NMW by LPC; the largest real-terms increase in NMW since 2007!

The Low Pay Commission (LPC) have begun discussions with The Government about the adult rate of National Minimum Wage (Which applies to anyone aged 21 and over). The LPC would like to raise the minimum rate to £6.70 per hour from October 2015 – A 3% increase  (an addition of 20p per hour). If this plan goes ahead it will be the largest real-terms increase in the national Minimum Wage since 2007! A raise of 20 pence per hour would mean a significant annual pay raise of £416 for a full-time worker on NMW.

The Facts about National Minimum wage:

  • When NVM was first introduced in April 1999, the rate of NMW was £3.60 per hour (£3.00 for 18 to 21-year-olds).
  • The NMW is reviewed annually by the Low Pay Commission with any changes made on the 1st October each year.
  • The NMW is enforced by HM Revenue and Customs, which requires employers to pay at least the NMW and to keep records to show that this is being done. Failure to do either is a criminal offence and can result in a large fine.
  • The rates from 1 October 2014 are: £6.50 per hour for workers aged 21 and over; £5.13 per hour for 18-20 year olds; £3.79 per hour for 16-17 years old.

If the increase is implemented how will this affect everyone?

A big question that has been asked time and time again surrounding the rate of NMW is that wouldn’t raising the minimum wage cause more unemployment and underemployment? How will the small firms that rely on NVM rates cope with the increasing rate?

On the other hand supporters of NMW believe that an increased minimum wage can encourage people to join the workforce and a raise in minimum wage encourages consumption; therefore putting more money back into the economy by allowing low paid workers to spend more.

Until a decision is finalised The Government will study the proposal and make a decision, possibly in next month’s budget, but what are your thoughts about the proposed NMW increase? Good or bad – Let us know.

HRREV Blogger, HR Revolution | HR Outsourcing UK