GDPR not well understood by HR professionals
The vast majority of HR professionals do not have a good understanding of the upcoming General Data Protection Regulation (GDPR) requirements for employers.
According to a poll this week by XpertHR, 51% of respondents described their level of understanding as low, while 45% said they had "some" understanding.
Only 4% of respondents said that they had a good understanding of GDPR requirements for employers.
The poll was conducted during a live XpertHR webinar on preparing for the GDPR on 10 May 2017.
Webinar speakers Ross McKean and Katherine Gibson, privacy and employment law experts at DLA Piper, discussed important elements of GDPR preparation for employers, including obtaining organisational buy-in for compliance efforts, assembling a GDPR compliance team and conducting a risk assessment.
Following the poll results, McKean commented that the success of GDPR compliance efforts would depend on ensuring a higher level of understanding throughout organisations of GDPR requirements in practice.
He emphasised that although fines under the GDPR of up €20 million or 4% of an organisation's annual worldwide turnover have been well-publicised, the ability of individuals and groups to file direct claims for compensation under the GDPR should also make organisations take notice.
In her presentation, Gibson discussed the expansive scope of the HR data captured by the GDPR - that it would cover personal data from multiple sources, including data generated from employees, their managers and third parties, and personal data stored across multiples sites, including on HR drives, managers' laptops and on email.
She noted that the informality with which employee personal data is currently handled in organisations will make GDPR compliance a challenging task.
Asked about the stage their organisations had reached in their GDPR compliance efforts, 52% replied that they had not yet started, 44% that they were currently developing an action plan and 4% that they were implementing their plan.
The GDPR comes into effect in the UK on 25 May 2018.
Presentations by Mr McKean and Ms Gibson were followed by a Q&A portion based on questions submitted to the speakers by registrants.
The live webinar had an audience of 1,974 people, the majority of whom described themselves as HR professionals. The number of respondents to the polls ranged from 1,409 to 1,524. The webinar is now available to view for free on demand.
