No doubt you will be aware of the new GDPR legislation and will have started receiving notifications from all sorts of services and suppliers that you subscribe to and deal with.
This legislation is something that effects all our lives, in and out of the workplace, and applies to all businesses regardless of their size and type.
Our commitment to GDPR is very important to us and we have been extremely busy over the past 6 months reviewing policies and processes to ensure we remain a highly compliant business.
A little background…..
The EU General Data Protection Regulation (GDPR) will become enforceable on 25th May 2018 replacing the Data Protection Directive 95/46/EC and applies to all companies processing personal data of people residing in the EU. Whilst the legislation is clear in some areas, it is open to interpretation in others and we need to use a balanced approach to suit the needs of our services and the individuals whose data we are processing or controlling.
Our 4 key focus areas…..
- We are undertaking a thorough review of our data security using penetration testing and Cyber Security Essentials best practices to safeguard data.
- We are developing systems and investing in technology to ensure that data we process to service our client’s needs is legal, accurate and provides high levels of compliance.
- Using our REC (Recruitment and Employment Confederation) membership guidance we are developing contract amendments to protect all of our business activities and provide the support that our clients have come to expect.
- We have a responsibility to candidates to safeguard their data and ensure that processing is appropriate and legal.
- IT security remains a key focus to ensure that data and sensitive data is secure on systems protected by strong infrastructure and encryption.
- We will shortly be sending our privacy notice to all our candidates, however, if you wish to view this it is available on our website on the link at the bottom of the page.
• We have been talking with our suppliers about their obligations and GDPR compliance and will shortly be issuing new contracts so responsibilities are clearly understood.
- Orion staff have been regularly updated with our GDPR progress and how it effects the way we conduct business operations.
- A training program is being rolled out to all staff to ensure that processes, procedures and responsibilities are fully understood.
- Amendments to contracts are being produced which update our individual responsibilities reflecting the new legislation.
GDPR has become a big part of working lives over the last 6 months and will continue to do so as we develop and improve or processes. If you want to discuss this is any more detail then please get in touch.
For further information on our GDPR policies please view our website – www.orionelectrotech.com If you want to know more about GDPR – ICO Website