Data protection for payroll (GDPR)
GDPR, or data protection law, comes into force on 25th May 2018 and will change how employers and employees communicate about payroll. It applies to all businesses, no matter how big or small, as follows.
You can’t do the following anymore:
– Send/receive emails to/from staff about matters to do with them personally
– Have staff email you a P45, a sickness note from the doctor, or something else which is confidential
– If you pay someone else to run your payroll, email them about changes to staff pay, details of new staff, etc.
Email is not deemed to be sufficiently robust to protect this sensitive data.
We have already given employees of our clients passcodes so they can open their payslips, which we send in “.pdf” format. When they click on the file, it immediately asks for a password. The only way they can access that payslip is by entering the system-generated password, which we advise them of.
A secure way of collecting data from staff
You could set up a Dropbox account or Google shared file for all employees to use when they want to send you something payroll related or otherwise sensitive. You could also download data for them to the same place.
Some insurers are checking to find out what efforts their clients are making to comply with GDPR.
Take some time now to work out what you’re going to do and get your systems sorted out ASAP. Let us know if we can help!