An often-overlooked aspect of GDPR is that workforce identity records are subject to a similar set of privacy requirements as consumer identity (GDPR/HR). California recently updated CCPA to make this explicit (CPRA). Regulators are bringing in new regulations, not only in EU, UK, or California, but also in other countries/states (e.g., APP, PIPEDA).

The scope of what is collected as employee/HR data is broad. The collection span and use of that data extend beyond just the duration of the employer-employee relationship. Disconnected systems may collect data and lack Privacy Impact Analysis, too. Even though there may be “legitimate basis,” it is recommended to err on the side of caution.

Irrespective of legal requirements, a workplace where privacy is valued and respected enhances mutual trust, protects the Employer from potential legal battles, and makes personal data handling compliant and/or future-ready.

In this session, we will discuss why Privacy Impact considerations should be integral to Workforce Identity Management. Join me to learn how the technologies/tools available today can help companies mature their HR data collection, use, share, and retention processes to deliver a secure, privacy-preserving, and enhanced user experience to their distributed workforce.