Don’t let GDPR stop you keeping your workers safe

GDPR-WIDE.png

If you’re not aware of the new General Data Protection Regulation (GDPR), effective from 25 May 2018, you need to get up to speed now. If you were already complying with the original Data Protection Act, most of your digital communication processes should already be compliant. However, Health & Safety Managers need to be particularly careful when using online tools and apps to monitor remote workers. 

GDPR, in short, lays down the law on how to store, transfer, and process Personally Identifiable Information (PII). You need explicit, unambiguous consent from people to continue using their data in specific ways. If you didn’t get that consent when you originally collected the data, you will not be able to use it now and you will probably have to delete it (check the ‘storage limitation’ rules to be sure).

An increasing number of HR and H&S professionals are using digital technology to monitor employees, particularly remote workers. The monitoring software may link to mobile phones, laptops, body-worn video cameras or other personal technology. It can help prevent employee accidents, reduce stress and save lives – but you must remember that the data you are gathering always belongs to the individual.

Workers who use your systems, whether apps or browser-enabled tools, have the right to request a report showing all the PII that you have stored on them. They also have the ‘right to be forgotten’ – they can request you delete all their personal data (and that means ‘hard’ delete, not just hide). You must also ensure you handle all PII in a secure and responsible manner, particularly when using cloud storage.

hold-phones.png

Five ways Safepoint helps you protect remote workers

We take the protection of personal data as seriously as we take the protection of people. The people who use our app must have confidence in both the effectiveness of our service and our respect for their privacy. Here are five ways we ensure that Safepoint complies with GDPR. 

  1. We only store minimal data on individual workers, and we’ll make you aware of any details we intend to store.

  2. We do not collect or store (or have access to) anyone’s home address, bank details or unnecessary sensitive personal information.

  3. The Safepoint app comes complete with an easy to use, GDPR compliant PII request tool.

  4. If a user stops using our app, they can delete their data (retention rules may apply in some circumstances). Employers using our Guardian portal can also delete any data they have collected when an employee leaves the company.

  5. We use the latest secure cloud technology to store and transfer the data. If your development team would like to discuss this in more detail, please contact us.

To find out more about how Safepoint can protect your lone workers, see our how it works page.