GDPR & Payroll

1. What is GDPR?

 

GDPR is the new General Data Protection Regulation that applies to any company or company’s affiliate operating in the EU, or any company that processes personal data of EU resident individuals. It stipulates more stringent requirements for how a company handles the personal data of individuals with whom it conducts business (i.e. its customers, employees, partners, etc.), imposing the biggest changes in data privacy regulation in the last 20 years. It goes into effect on May 25, 2018. Companies that are non-compliant with GDPR run the risk of hefty fines, up to 4% of revenues or €20 M, whichever is larger. You can learn more about the new regulation here.

2. What is GDPR’s Impact on Payroll?

Payroll deals with personal information all of the time (e.g. names, addresses, social security numbers, employee contact information, bank data, social security data), so treating payroll information with privacy and confidentiality is critical. The new GDPR requirements are therefore particularly applicable to the Payroll function and place a great burden on every Payroll team to be compliant. For many companies this means reviewing their payroll processes and controls and implementing changes to communications and data handling processes, platforms and tools to reach the new GDPR compliance standards. For example, emailing payroll data between the customer organization and the local payroll provider, or storing it on local FTP servers or SharePoint sites, will no longer be acceptable as a way to demonstrate stringent data protection. At a high level, every company – small or large – needs to be able to demonstrate strong controls in place around:

End-to-end Data Security Measures

Data Access Controls

Data Retention & Purging Capabilities

Employee Data Request Procedures

Data Correction Capabilities

To read more about the impact of GDPR on the Payroll function, download our GDPR white paper.

3. How can Payzaar help?

Payzaar has been designed to give multi-country organizations better controls and transparency to manage their payroll operations, data flows and communication via one consistent, central platform. By using Payzaar as a central platform to manage your local payroll operations you automatically apply strong data controls that help you to ensure compliance with GDPR. Payzaar gives you GDPR compliance in a box:

Data Security:

All data is hosted in data centers within the EU. Our world-class data hosting partner follows stringent data security protocols and is ISO 27001:2013 certified. All data – both at rest and in transit – is fully encrypted.

Data Access:

Data access is carefully managed via a centrally administered access permission matrix, allowing you to control exactly who has access to which information across the entire organization. Data access is also fully auditable globally so you can always trace back who accessed which data where and when anywhere in your organization.

Data Retention & Purging:

All payroll data is communicated through and stored in Payzaar, so it is easy to purge data from a single platform following clearly defined data retention rules, rather than from a range of tools and email inboxes. No need to worry about data copies floating around on decentralized file servers, email or laptops.

Data Requests:

In case an employee invokes their right to review all the data that the employer holds on them, any employee’s data can be readily pulled from our single global database where the data is consistently stored and searchable.

Data Corrections:

In case an employee invokes their right to review all the data that the employer holds on them, any employee’s data can be readily pulled from our single global database where the data is consistently stored and searchable.

Best of all, we can implement Payzaar within a matter of a few weeks across your entire organization, giving you strong, GDPR-compliant data protection controls for all your country operations without having to go through the time-consuming and difficult exercise of assessing and adjusting processes and procedures at the local level. With our central platform we automatically put in place the required data controls to make your organization GDPR compliant. Payzaar – GDPR compliance in a box!

 

To learn more, schedule an appointment.