Employment Law NetherlandsBy Marieke Agatha Stoop

GDPR HR Data: One Year Later How Is It Working?

The EU’s General Data Protection Regulation went into effect on May 25, 2018. How is this working, more than one year after the GDPR [AVG – Algemene Verordening Gegevensbescherming] was introduced in the Netherlands and what is the impact on GDPR HR data?

Transition Phase 

Prior to the GDPR, the EU’s 1995 Data Protection Directive allowed member nations to have their own breach-notification laws. Some countries had mandated breach notification, but their approaches differed. While the first year of the implementation of the GDPR should be considered a transition year, it is shown that many European countries and organisations are still in the transition phase. Making adjustments in enormous amounts of personal data and systems is a time-consuming process.

There have been a massive increase in reports of data breaches since the implementation, but, there has not been any fines handed out to non-compliance to companies for mishandling personal data.

While the implementation in the Netherlands was subject to negativity at the start, due to more regulations and the huge fines, the shift in mindset on handling of personal data is positive. It has led to more awareness of HR departments to continuously validate how to collect and store data. As a result, many companies have appointed a GDPR specialist to monitor compliance accordingly.

GDPR HR Data

The compliance is the company’s responsibility, therefore it is essential to still educate employees and raise awareness. The policies and procedures for data privacy are important as well as training to ensure employees understand their rights and obligations when handling the company’s data.

The impact on recruitment is also important to make sure the company is asking only for necessary information in recruitment processes and in benefit forms.

Furthermore, HR should have a document in place on the retention periods for data in employee files. For offer letters and resumes of candidates not hired, a retention period of no later than 4 weeks is applicable after the recruitment processes ended. Make sure you delete the file after that period!

In case you want to know more about the data in the employee file, please download the checklist. What to include in Employee File and how long to keep the record.

While HR departments still record employee’s personal data with globalised HR systems, the impact on HR will remain to continue to think about the reasons for data storage in each of the HR processes and take into account the rights of employees.

 

Share this article

By Marieke Agatha Stoop

Marieke Agatha Stoop, founder of Human in Progress, is a seasoned expert in HR advisory, with over 15 years of expertise in employment law, international people strategy and process management.

Renowned for her HR services, efficiency, and practical approach, she excels in resolving complex human capital matters. Marieke actively keeps track of the latest international HR strategies, labour law relations and Works Councils matters.

She actively contributes to the HRM Netherlands network community with an eye for People & Culture in today’s workplace.

Related Articles

Workplace Health and Safety Netherlands Regulations.

Mandatory Risk Inventory and Evaluation (RI&E) Netherlands.

Mandatory Confidential Counsellor in the Netherlands.