Since 2007, the 28th of January has been Data Privacy Day, an international holiday that aims to raise awareness and promote privacy and data protection.
There has been a lot of buzz today on social media regarding Data Privacy Day, so we quickly grabbed José Alberto Rodríguez Ruiz, Global Data Protection Officer here at Cornerstone and fired a few questions over to him to find out a bit more about Data Privacy Day and what it means for HR.
So, José tell us a bit about Data Protection Day
The world has changed. As technology advances and people, organisations and companies alike see the impact of data in their life, raising awareness and promoting privacy is becoming increasingly important – with the Data Privacy Day being a great example of bringing privacy to the forefront. Initially launched in Europe 12 years ago, it is now celebrated around the world including USA and Canada.
In fact, General Data Protection Regulation (GDPR) and the UK Data Protection Act of 2018 have gone a long way into informing both businesses and people about data best practices. In May, GDPR will have been in effect for a year and we’re just starting to see businesses held accountable. Last week, Google was fined £44m by the French data regulator, CNIL, for a breach of the EU’s data protection rules and the United Kingdom’s ICO has been consistently issuing six figure fines for example to Facebook, Uber and Equifax since May 2018 .
Ok, so it’s been around for a while now but what is important about Data Privacy Day in 2019?
For many organisations, bringing the topic of data privacy has encouraged a sense of trust and control of data between organisations and consumers. It’s about treating people with respect – a key principle of Data Privacy Day.
What’s the importance of data protection for HR professionals?
While a lot of the conversation around data privacy involves consumer data, organisations must not forget that they hold and treat a lot of data on their employees and candidates. From the moment that the legislation came into effect, we saw a higher focus on HR data and privacy, particularly with recruitment and candidate data. The HR market has matured substantially to the principles of GDPR and in protecting the privacy of individuals and employees. Organisations are moving from only focusing on consumer and client data, to acknowledging the risk posed internally by the employees, whose personal and sensitive data they manage every day. A greater understanding has developed, via common and best practices, on how organisations can achieve both, a compliant and proportional level of data protection which is respectful to the processing of employee and candidate private data by HR.
HR departments are starting to become “experts” in data protection and implementing data protection principles within HR processes, the same way they would be experts and implement labour code.
But while GDPR has prompted organisations to be compliant, days like Data Privacy Day will elevate the discussion. Being compliant is a process but data protection, which in reality is people’s protection, needs to be a culture. And that’s altogether much more powerful.
About the AuthorFollow on Twitter Follow on Linkedin More Content by Susan Hilliar