Integrating GDPR policy into onboarding processes


Inkedsecurity process LI

How do you keep new hires fully informed of your Data Protection policies during the onboarding process?

This was a key question that was posed to a panel of legal, HR and onboarding experts during the Q&A session of the recent ‘The data risks of new hires’ webinar, by PM Insight and webonboarding.

Creating an open and transparent onboarding process which keeps new hires fully informed of the data that is being collected and why, is a core requirement for GDPR compliance. This means providing onboardees with privacy notices setting out your organisation’s policy and approach for the use of their personal data. This should be carried out  as close to the point of initial data collection as possible.

The advice from panellist, Katherine Gibson, Legal Director at DLA Piper UK LLP, was for organisations to have a separate privacy notice for recruitment and onboarding. It is important to distinguish between data collected and used for external and internal hires. There is a requirement to reflect the different data sets associated with successful candidates as contracts are completed and references checked.

Inefficiency of manual onboarding

If you collect and store personal data before a successful candidate has received the appropriate privacy policy information and provided their consent - you risk breaching GDPR compliance. This creates a particular issue for hiring teams that are using manual methods to manage their onboarding process - with calls, posted paperwork and emails.

Making sure that privacy notices are received and accepted prior to data collection can become a slow and frustrating process for HR. The potential compliance risks increase with the volume and frequency of new hires being processed as policy notices are managed prior to any data collection and storage.

The ability to manage and control data privacy is a significant benefit that’s delivered by automated systems such as webonboarding. The software is designed to give HR a level of data control that’s simply not possible when using traditional onboarding approaches.

Smarter data management controls with webonboarding

All of the communications are handled via an online portal with real-time data allowing HR to monitor and track each stage of the process. It allows privacy notices to be integrated into the onboarding workflow with new hires being given instant access to data privacy policy documents.

Webonboarding is able to monitor when these documents are received, read and approved, keeping a close eye on the onboarding process and also spotting potential drop-outs..Completion of this task can be a prerequisite for further onboarding processes. The system creates a digital timestamp of when documents are received, creating an audit trail that demonstrates each step taken to ensure GDPR compliance.

It provides a robust, flexible and fully scalable process - one that’s just as effective handling 50 or 5,000 new hires. It’s a task that can quickly become unmanageable when hiring teams are attempting to handle it manually. Privacy policy information must be relevant and detail what is being collected,for which purpose and for how long. A one size privacy policy does not cover all and consideration should be given to the different data sets associated with internal and external onboardees.

You can watch the full presentation, with an overview of the benefits of an automated solution provided by webonboarding CEO Adam Reynolds, here.


Pin It