{"id":12199,"date":"2019-04-30T15:40:24","date_gmt":"2019-04-30T10:10:24","guid":{"rendered":"https:\/\/www.allsectech.com\/?p=3225"},"modified":"2024-09-02T10:30:11","modified_gmt":"2024-09-02T10:30:11","slug":"how-payroll-needs-to-change-with-gdpr","status":"publish","type":"post","link":"https:\/\/www.alldigitech.com\/2019\/04\/30\/how-payroll-needs-to-change-with-gdpr\/","title":{"rendered":"How Payroll needs to change with GDPR"},"content":{"rendered":"
The 2018 General Data Protection Regulation seeks to standardize, control, and protect the personal data of EU residents in and outside Europe. Indian companies that handle data of EU residents are affected by this regulation and need to institute frameworks for data protection in order to stay compliant with GDPR. Non-compliance can lead to hefty penalties up to 20 Million Euros (or 4 percent of the global turnover). <\/span><\/p>\n The inherent complexity and data heavy nature of payroll services mean that small slips in compliance can turn into costly mistakes.<\/span><\/p>\n In India, according to the Companies Act, 2013, the Boards and Directors of Indian companies are responsible for signing off legal and GDPR compliance. Every Indian company that handles personal data of individuals is required to employ a Data Controller or Data Protection Officer with clearly defined roles and responsibilities.<\/span><\/p>\n GDPR mandates that data controllers (employers, in the case of payroll services) should obtain consent from the data subject (employees) to process personal data. Employers are required to give employees full visibility of the data held about them. <\/span><\/p>\n When an employer uses a third party data processor, both the employer and the processor are jointly accountable for GDPR compliance. This includes third party partners for data storage, management and marketing. It is therefore important to look for accredited organizations with trusted security credentials when choosing an outsourcing partner.<\/span><\/p>\nWhat it means for your payroll management system<\/span><\/h2>\n
Data Protection Officer<\/span><\/h3>\n
Data controllers and data subjects<\/span><\/h3>\n
Third party data processors<\/span><\/h3>\n
Employee rights<\/span><\/h3>\n