A Team Software Inc company


London – January 2018

The GDPR comes into force in May 2018. In summary, it requires that data must be: (a) processed lawfully, fairly and transparently; (b) collected for specified, explicit and legitimate purposes, including data obtained by tracking and recording an individual, such as time and attendance records; (c) limited to what is necessary in relation to the purposes for which it is processed; (d) held accurately and kept up to date; (e) kept for no longer than is necessary; (f) processed in a manner that guarantees its security.

This means that data held in respect of payroll, training, vetting, time and attendance and internal communications – to name but a few areas – will need to be handled more rigorously, with consent obtained from all staff and recorded securely.

What you should do

It’s important your organisation looks ahead to GDPR and lays the foundations to ensure compliance. Your approach should include:

  • Reviewing the GDPR guidance.
  • Assessing your data processing activities.
  • Highlighting the systems and processes using data, and for what purpose.
  • Identifying current compliance measures and procedures.
  • Implementing internal procedures.
  • Creating a GDPR compliance gap analysis.
  • Designing and implementing a set of compliance guidelines, or building on guidelines already in place. This may include the development of a Privacy Policy for staff, just as you currently have a Health and Safety or Equal Opportunities Policy.
  • Executing any technical or procedural changes needed.
  • Designing and implementing training programmes.
  • Monitoring compliance.

How can Templa help?

Clients who use TemplaCMS will be able to take advantage of new functionality that will assist companies with their own GDPR conformance. Managing personal data access and erasure will be included in this functionality. We will also be helping clients manage data security when using TemplaCMS Mobile and TemplaCMS Portal.