After more than 2 years, the changes to the General Data Protection Regulation have finally arrived. Beginning May 25, a range of new data protection and privacy regulations will go into effect and will be enforceable. By now your company has probably sent out consent emails, opt-out and privacy notices, and made changes to your website and marketing materials. But have you thought about your company payroll provider?
Many organisations find that utilising an outside payroll provider to manage their employee payroll is easier and less expensive. But how do you know if your payroll provider is compliant with GDPR? Employee payroll data includes sensitive personal information such as name, address, salary, and bank account data. If your payroll provider is not in compliance with the new GDPR regulations, you could face significant penalties in the event of a breach.
There are many unanswered questions within the new GDPR guidelines related to payroll. The employee’s right to be forgotten, and how data is transferred from one third-party payroll provider to another, are just two of the issues that have been left unanswered by the new GDPR regulations.
Utilising a payroll provider who is certified by the Chartered Institute of Payroll Professionals (CIPP) can help ensure your payroll processes are compliant with GDPR-related payroll regulations. CIPP is the industry leader providing global training and certification for data privacy and protection, and partners with the top privacy lawyers and practitioners in the world.
If you are not sure if your payroll provider is GDPR-compliant, don’t wait until there is a problem – start looking for a partner who can provide secure, compliant employee payroll for your business.