GDPR has arrived and it affects every business in the UK. North Time Pro sees the introduction of the GDPR control which will assist companies to work within the data protection rules.
The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a regulation by which the European Parliament, the Council of the European Union and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU).
What does this mean for a company using an NTD workforce management system?
Before your upgrade, an NTD technician will discuss your company’s GDPR policy with your GDPR data controller.
This meeting will cover two main areas:
- The way in which NTD Ltd handles your company data which in turn will impact on the way our support team provides certain types of service.
For example, your business may require that North Time Pro never removes personal data from site. This information must be recorded against your SLA notes to ensure we do not create an environment where a personal data breach could occur
- The processing of personal data stored within the North Time Pro application. We will identify any personal information fields within North Time Pro that do not need to be recorded and take steps to ensure that they are made invisible. We will also discuss how long certain information needs to be kept by the company for people classed as employed or as a leaver. We will then create a series of GDPR housekeeping scripts that will ensure these rules are upheld.
Please note that North Time Pro will never delete any personal data. We think it is much safer that North Time Pro operates within your data controller’s policies and highlights data that requires deletion. This will always be completed by your data controller and is fully audited.
Some example GDPR housekeeping scripts:
- If North Time Pro is not being using as the primary HR system do not allow address information to be recorded.
- If North Time Pro is not being using as the primary HR system do not allow National Insurance data to be recorded.
- When an employee leaves the company, remove their biometric data within 24 hours.
- When an employee leaves the company, remove all records of their future holidays and medical appointments within 24 hours.
- When an employee leaves the company, delete all passwords to the North Time Pro app’, the TWC and the ESS within 24 hours.
- When an employee has left the company and after the statutory period, remove all attendance and absence information and personal data.