Door 17 of our #TRN Advent Calendar. Paul Lloyd, Sales Director at Brookson, talks us through what recruitment agencies need to take into account regarding the GDPR changes.
Merry Christmas from Brookson One!
Here’s what recruitment agencies need to take into account regarding the GDPR changes
It should be relatively easy for recruitment agencies and payroll providers to adapt to the changes if they are already compliant. This is because GDPR is a replacement and enhancement of the existing Data Protection Act and most of the personal protection information remain, fundamentally, as they are now.
When businesses take time to understand the legislation they will realise that they already have many of the necessary processes and policies in place. However, it is still vitally important that customers, suppliers and service providers communicate effectively with each other so that one is not exposed by the failings of another.
The lack of guidance from the ICO on GDPR has resulted in many businesses not understanding the practical implications of failing to comply with the new legislation and therefore not taking any corrective actions or making significant costs engaging with an external advisor.
When working with agencies, I found that a key issue is based around consent and ensuring that they (usually the data controllers) have the consents to move the data through the supply chain. Most of the other changes can be managed in-house without getting the customers or other service providers involved. Many businesses now will be working out what the changes mean for them, however I think that over the next few months, more guidance and advice will be published by the ICO and therefore more businesses will implement their plans to ensure compliance.
Our Advice when trying to Become Compliant with GDPR
My advice for businesses is to undertake a risk assessment to determine the proportionality of the response. This legislation is of particular importance for recruitment agencies as where data is used simply to perform a contract, businesses need to ensure that the individual, the data subject knows exactly how the data will be used and has consented to that use. This cannot be viewed as a quick fix for May 2018, this is an on-going obligation and agencies need to work towards long-term, robust and manageable policies and processes so as not to get caught out in the future.
Ultimately, this legislation is a positive one as it has been introduced to protect contractor’s data, however they could potentially get irritated when service providers go to them for stronger, more positive, consents. We are always on hand to assist If you have any questions regarding GDPR or you would like to understand more about your candidate’s working options, speak to one of our agency team for advice, information, or to get a bespoke illustration tailored to your contractors’ needs. call 01925 694 521 or email firstname.lastname@example.org
Written by Paul Lloyd