The General Data Protection Regulation (GDPR) has transformed the theory of accountability from a basic data protection principle to a systematic and proactive approach to personal data collection and handling processes. Factors that constitute the risky behavior that the GDPR seeks to protect include those that may give rise to discrimination, identity theft or fraud; those that may cause reputational damage or any other economic/social disadvantage; and when the data is sensitive and in large quantities. Human resource professionals can prepare by first understanding the impact the GDPR may have on their business. This includes time, resources and financials that may be required to demonstrate compliance, carrying out privacy impact assessments and informing employees about upcoming changes.
Read more