10 thing you NEED to know about GDPR
1) What is GDPR?
GDPR stands for General Data Protection Regulation and will come into force on the 25th of May 2018. GDPR is a European privacy regulation replacing all existing Data Protection legislation. The aim of the GDPR is to protect all EU citizens from privacy and data breaches in an increasingly data-driven world. The current data protection legislation dates back to 1998 – a time when internet usage and cloud technology was vastly different.
2) Who does GDPR apply to?
The GDPR applies to all businesses including sole traders, located in the EU that process personal data. It also applies to non EU organisations if they offer goods or services to, or monitor the behaviour of, EU citizens. It applies to all organisations processing and holding the personal data of EU citizens, irrespective of the organisations location.
3) What is personal data?
Personal data is defined as “any information related on a natural person or ‘Data Subject’ that can be used to directly or indirectly identify a person.” Personal data can be a:
• A name
• A photo
• An email address
• Bank details
• Posts on social networking websites
• Medical information
• CCTV images
• Records of websites visited
• A computer IP address
4) What are the 6 principles of GDPR?
Personal data should be:
• Processed lawfully, fairly and in a transparent manner
• Collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes
• Adequate, relevant and limited to what is necessary
• Accurate and kept up-to-date
• Kept for no longer than necessary
• Processed in a confidential and secure manner
5) Where is a good place to start preparing?
A good starting point for preparing for GDPR is to create an inventory of all personal data held and answer the following questions:
• Why are you holding the data?
• What is the legal basis for holding the data?
• How is the data obtained?
• Why the data was originally gathered?
• How long is the data held for?
• How is the data saved? Is it saved securely?
• Is the data shared with anyone else and with whom?
As the GDPR requires organisations to be in a position to demonstrate compliance with its requirements, documenting the above will enable employers to:
• Identify and gaps in compliance
• Put in place processes to rectify gaps
• Produce evidence of its compliance on the new GDPR
In preparation for GDPR you must be aware of your data protection responsibilities and ensure that all employees are aware of their responsibilities when processing data. Ensure that you have an up to date data protection/privacy policies addressing the six principles of GDPR and apply it to your organisation.
For more information see: “12 steps to take for GDPR”
6) How do I report a breach?
A breach is defined as a breach of security leading to the destruction, loss, alteration, unauthorised disclosure of or access to personal data. Breaches must be reported to the ICO within 72 hours, but only if the breach is likely to result in a high risk to the rights and freedoms of individuals for e.g. result in discrimination, damage to reputation, financial loss, loss of confidentiality or any other significant economic or social disadvantage. Breaches likely to result in a high risk to the rights and freedoms of individuals must also be reported to the individuals concerned.
7) What are the consequences of a GDPR breach?
Organisations in breach of GDPR can be fined up to 4% of annual global turnover or €20 Million (whichever is greater). This is the maximum fine that can be imposed for the most serious infringements. There is a tiered approach to fines e.g. a company can be fined 2% of annual global turnover or €10 Million (whichever is greater) in some situations for lesser breaches.
8) Do I need a Data Protection Officer (DPO)?
The main role of the DPO will be to monitor internal compliance and it is mandatory to appoint a DPO for:
• Public Bodies
• Organisations engaged in large scale regular/systematic monitoring
• Organisations whose core activities consist of processing “special categories” of data or data relating to criminal convictions
• May be mandatory in other contexts as defined by Member State Law
9) What is Bright Contracts doing to ensure compliance with GDPR?
Data Protection has always been a priority for Bright Contracts and we’ve always aimed to act with complete integrity in this regard. We are committed to being GDPR compliant and are putting a number of security measures in place including:
• We are reviewing our privacy policy and making necessary changes where needed to ensure we are communicating accurately with our customers.
• In terms of the Bright Contracts content, we will be amending the appropriate data protection clauses in the contract and handbook. These will be completed well in advance of 25th May 2018.
10) How secure is my data in Bright Contracts?
Your Bright Contracts data files are encrypted so if someone gets a copy of your data they cannot read it. Whilst we have security measures in place to protect your data, it remains your responsibility to keep your sign in details secret and to sign out of Bright Contracts when you are not using it and to ensure there is no unauthorised access to your computer.
For further information register now for our GDPR webinars here
And read our GDPR blogs here
To book a free online demo of Bright Contracts click here
To download your free trial of Bright Contracts click here
The countdown to the GDPR is on!
With less than 5 month to go before the new General Data Protection Regulation (GDPR) comes into force employers are urged to start preparing immediately if they haven’t already done so.
What is it?
The GDPR is a European privacy regulation replacing all existing data protection regulations and will come into play on 25 May 2018. The aim of the GDPR is to protect all EU citizens from privacy and data breaches in an increasingly data-driven world.
The GDPR applies to all businesses including sole traders that process personal data (a name, photo, email address, bank details etc.) so it is safe to say that it will affect all businesses in some way. Employers are advised to be prepared otherwise they will face fines of up to €20M or 4% of annual global revenue, whichever is greater, for non-compliance. So how can you start preparing to ensure your business is fully compliant?
Preparation
A good starting point for preparing for GDPR is to create an inventory of all personal data held and answer the following questions:
• Why are you holding the data?
• What is the legal basis for holding the data?
• How is the data obtained?
• Why the data was originally gathered?
• How long is the data held for?
• How is the data saved? Is it saved securely?
• Is the data shared with anyone else and with whom?
As the GDPR requires organisations to be in a position to demonstrate compliance with its requirements, documenting the above will enable employers to:
• Identify and gaps in compliance
• Put in place processes to rectify gaps
• Produce evidence of its compliance on the new GDPR
In preparation for GDPR you must be aware of your data protection responsibilities and ensure that all employees are aware of their responsibilities when processing data. Ensure that you have an up to date data protection/privacy policies addressing the six principles of GDPR and apply it to your organisation.
For further information register now for our GDPR webinars here
And read our GDPR blog here
To book a free online demo of Bright Contracts click here
To download your free trial of Bright Contracts click here
What lies ahead for employers in 2018?
2018 looks set to be another busy year. We take a look at some of what’s coming down the pipeline.
April 2018 - Gender Pay Reporting
Private and voluntary sector employers in England, Wales and Scotland with at least 250 employees will be required to publish information about the differences in pay between men and women in their workforce, based on a pay bill ‘snapshot’ date of 5 April 2017, under the Equality Act 2010 (Gender Pay Gap Information) Regulations 2017. The first reports must be published by 4 April 2018.
Legislation in Northern Ireland mirror the above, except they also include fines of up to £5,000 for non-compliance, and a requirement to report on ethnicity and disability pay gaps, as well as gender.
April 2018: Termination Payments
The government plans to make changes to the taxation of termination payments from April 2018. The proposals include:
• removing the distinction between contractual and non-contractual PILONs (payments in lieu of notice) so that all PILONs are taxable and subject to Class 1 NICs]
• ensuring that the first £30,000 of a termination payment remains exempt from income tax and that any payment paid to any employee that relates solely to the termination of the employment continues to have an unlimited employee NICs exemption
• aligning the rules for income tax and employer NICs so that employer NICs will be payable on payments above £30,000 (which are currently only subject to income tax)
A government consultation on the issue closed in October 2016.
April 2018 – Restricting Employment Allowance for Illegal Workers
The government plans to introduce a further deterrent to the employment of illegal workers. From April 2018, employers will not be able to claim the Employment Allowance for one year if they have:
• hired an illegal worker
• been penalised by the Home Office
• exhausted all appeal rights against that penalty.
A consultation containing draft regulations closed in January 2017.
25 May 2018 – General Data Protection Regulations
The much anticipated General Data Protection Regulation will come into force from 25th May 2018. For those who haven’t already started preparing, now is the time. The GDPR will apply to ALL companies and sole traders that process personal data, the definition of personal data is broad and can include anything from a name, an email address or an IP address.
With possible fines of €20 million or 4% of annual turnover – which ever is higher, businesses need to sit up and take heed.
For further information of GDPR sign up to our employers webinar here or read our blog here.
To book a free online demo of Bright Contracts click here
To download your free trial of Bright Contracts click here
To subscribe to our newsletter click here
National minimum wage to increase on 1st April 2018
The Low Pay Commission’s Autumn 2017 report has been published and on the 1st April 2018, the minimum wage will increase again.
The National Minimum Wage (NMW) is the minimum pay per hour most employees are entitled to by law. An employee's age and if they are an apprentice will determine the rate they will receive.
| Rates from 1 April 2017 are: | Rates from 1 April 2018 will be: | |
| 25 yrs old and over | £7.50 per hour | £7.83 per hour |
| 21-24 yrs old | £7.05 per hour | £7.38 per hour |
| 18-20 yrs old | £5.60 per hour | £5.90 per hour |
| 16-17 yrs old | £4.05 per hour | £4.20 per hour |
| Apprentices under 19 or 19 or over who are in the first year of apprenticeship | £3.50 per hour | £3.70 per hour |
To book a free online demo of Bright Contracts click here
To download your free trial of Bright Contracts click here
Christmas Bank Holiday Entitlements
There are three public holidays coming over the festive season – Christmas Day, Boxing Day and New Year’s Day. Although many offices across the country will close during this period it can be one of the busiest times of the year for industries including retail, hospitality, and hair and beauty. So what public holiday entitlement are employees entitled to over this time?
Bank holiday entitlement
Employers do not have to give employees paid leave on bank holidays. Any right to time off, payment for time off or extra pay for bank holidays worked depends on the terms of the employee's contract of employment. Therefore employees may be required to work on bank holidays. Employers may choose to include bank holidays as part of a worker’s statutory annual leave.
Holiday leave entitlement
Employees’ holiday rights start on the first day of their employment.
Under the Working Time Regulations 1998, workers (including most agency and freelance workers) have the right to:
• 5.6 Weeks’ paid leave each year, this equates to 28 days for full-time employees
Part-time employees
Part-time employees are entitled to the same holidays as full-time workers, calculated on a pro-rata basis. For example:
• 5.6 x 5 working days = 28 days
• 5.6 x 4 working days = 22.4 days
• 5.6 x 3 working days = 16.8 days
Irregular hours
Annual leave for irregular workers is best calculated as a percentage using 12.07% of days worked.
Limits on statutory leave
Statutory leave is capped at 28 days per year. If an employee works 6 days per week their statutory entitlement is 28 days, not 33.6 (6 multiply by 5.6)
To book a free online demo of Bright Contracts click here
To download your free trial of Bright Contracts click here
Does my employee need a written statement of employment?
The main purpose of the written statement of employment, often referred to as the contract of employment, is to clarify the terms of a person’s employment and avoid uncertainty or misunderstandings, where employee expectations might not be the same as employer intentions.
All employers must provide an employee with a written statement of their terms of employment within 2 months of commencement of employment, including full-time staff, part-time staff, fixed-term and casual workers.
The written statement must include the following information:
- The full name of employer and employee
- The address of the employer
- Place of work
- Job title or nature of work
- The date the employment started
- Type of contract
- Rate of pay
- Pay intervals
- Hours of work
- Paid leave
- Incapacity for work, sick pay
- Any terms relating to a pension scheme
- Period of notice to be given by employer or employee
- Details of any collective agreements
- Pay reference period
Additional clauses can be recommended to further clarify the relationship. These might include:
- Probation clause
- Pay in lieu of notice clause
- Confidentiality clause
- Right to search
- The calculation of holiday pay
Failure to to provide contracts of employment could leave you wide open to a claim from their employees. Employers found not to have written terms of employment in place will be fined a maximum of 4 weeks’ remuneration per employee. Clearly worded contracts of employment are key to the success of any business. They will ensure your business is on the right side of employment law as well as help prevent disputes with employees.
To book a free online demo of Bright Contracts click here
To download your free trial of Bright Contracts click here
BrightPay - Payroll and Auto Enrolment Software
Bright Contracts - Employment Contracts and Handbooks
Trivial Benefit In Kind
Christmas is a time for giving so why not give your employees a seasonal gift like a turkey or a nice bottle of wine?
In order to provide these gifts – it must be ensured that the gift falls under trivial benefits in kind.
Trivial benefits apply where the benefit:
- Is not cash or a cash voucher
- Costs £50 or less
- Is not provided as part of a salary sacrifice or other contractual arrangement
- Is not provided in recognition of services performed by the employee as part of the employment, or in anticipation of such services
Accordingly, gifts that cost under the £50 limit would qualify. It is also possible to provide employees with a gift voucher (not a cash voucher) where the limit is £50 or less. They can only be provided as a gesture of goodwill be it at Christmas or other such seasonal occasions.
Employers no longer need to report such trivial benefits on P11ds or PAYE Settlement Agreements (PSA). However, if the gifts have a value in excess of £50 or cannot be counted as trivial benefit, then the gift must be reported on the form P11d and Class 1A NICS may be payable on the value of the gift.
£300 Annual Cap
There is an annual trivial benefits cap of £300 that is applied to directors or other office-holders of “close companies” (close company is a limited company that’s run by 5 or fewer shareholders) and to members of their families or households. The £300 annual cap does not apply to other employees.
BrightPay - Payroll and Auto Enrolment Software
Bright Contracts - Employment Contracts and Handbooks
Be careful of discrimination in job interviews
Having a wide range of interview questions is vital to find out as much information about a candidate as possible to assess whether they have the right skills and attributes for the role. When conducting an interview you may veer off your pre-set questions when building rapport with a candidate and to do a little digging in some areas, however asking the wrong question could leave you at risk of a hefty discrimination claim.
Marital and family status, sexual orientation
Although it may seem friendly asking if a candidate has a family or children it is not suitable for an interview. Asking such questions may leave you appearing more favorable to someone who may seem more stable or someone who might not have family commitments.
Do you have or plan on having children? What childcare arrangements do you have?
The job may require some overtime at short notice. What days/hours are you available to work? Can you travel?
Place of birth, race, religious beliefs
Again, employers may think they are being friendly asking questions like: where are you from originally? Or do you get to visit home often? But be warned that any questions surrounding birthplace, background or religious beliefs can lead to discrimination.
Where were you born? What religion do you practice?
Are you eligible to work in Ireland? What languages do you speak or write fluently?
Gender, age
Asking a candidate questions about their gender or age in relation to their ability to do a particular role is discrimination. If there are certain challenges to a role you may certainly ask about their ability to handle those situations but never imply that their gender or age may affect this.
We’ve always had a man/woman in this role. Do you think you can handle it? How many years do you think you’ll have left until you retire?
What can you bring to this role? What are your long term goals?
Location, disability, illness
You may think asking questions regarding where a candidate lives and how far/long it will take to commute to work is innocent but asking these questions could cause discrimination relating to a neighborhood heavily populated by an ethnic group or social class. Also asking questions around gaps in a candidate’s employment is acceptable, but asking questions around a disability and how it may affect their capabilities to do a job is not.
How far would your commute be? Do you smoke/drink?
Are you able to start at 9 am? Have you ever been disciplined due to alcohol/drugs?
To book a free online demo of Bright Contracts click here
To download your free trial of Bright Contracts click here
How to Avoid Harassment in the Workplace
The recent allegations against Harvey Weinstein in the US have created somewhat of a snowball effect worldwide with thousands of women and men speaking out about their accounts of sexual harassment and assault, many of them being work related. Allegations involving high profile individuals and people in authority have demonstrated just how widespread a problem this has become across all industries and professions and has exposed a sinister culture of silence, fear and acceptance which we must now turn on its head.
In the UK, the Equality Act 2010 prohibits sexual harassment, defined as conduct of a sexual nature which has the purpose or effect of violating the victim’s dignity, or of creating an intimidating, hostile, degrading, humiliating or offensive environment. Examples might include unwelcome sexual advances, displaying pornographic images, or sending emails containing material of a sexual nature.
Employers in the UK are responsible for their employees’ actions in the course of their employment, even if such actions are taken without the employer’s knowledge or approval. Employers should be able to demonstrate that all reasonable steps to prevent the employee from taking discriminatory action were taken, in order to build a successful defense.
Employers are therefore compelled to take steps to ensure a harassment-free work environment. Effectively organisations must set down clearly defined procedures to deal with all forms of harassment including sexual harassment.
There are a number of steps an employer can take to help prevent this type of behavior from occurring in the workplace:
A Bullying and Harassment policy
- to protect the dignity of employees and to encourage respect in the workplace
An Equal Opportunities policy
- to create a workplace which provides for Equal Opportunities for all staff
A Whistleblowing policy
- to enable staff to voice concerns in a responsible and effective manner.
Transparent and fair procedures throughout
Disciplinary action
- A sanction that is appropriate for the level of alleged harassment – to help try and change the culture of silence that has allowed harassment to become normal and protected.
Provision of on-going training
- At all levels within organisation
Bright Contracts has a fully customisable Staff Handbook, which includes a Bullying and Harassment Policy and also an Equality Policy and Whistleblowing Policy.
To book a free online demo of Bright Contracts click here
To download your free Bright Contracts trial click here
Government have launched Employment Tribunal fee refund scheme
Following the ruling in July this year which saw the Supreme Court rule employment tribunal fees as unlawful, the Government is now ready to start repaying the thousands of people that were charged.
The ruling, which was heralded as possibly the biggest employment law decision ever in the UK, saw the Supreme Court unanimously ruling that the Government was acting unlawfully when they introduced the fees back in 2013. Fees of up to £1,200 were introduced resulting in a dramatic fall from 5,847 employment tribunal cases the year before the fees were introduced, to 1,740 the following year.
The first steps
The first stage of the refund process will see up to around 1,000 people contacted individually and invited to complete their forms before the full scheme is opened up in the coming weeks. The Government is also working with Trade Unions who have supported large multiple claims, potentially involving hundreds of claimants.
People who were ordered by the Tribunal to reimburse their opponent their fee and who can show that they have paid it are also eligible to apply for a refund under the scheme.
Successful applicants to the scheme will be refunded their full fee and will also be paid interest of 0.5% calculated from the date of the payment right up to the date of the refund.
The opening phase of the refund scheme will last for around 4 weeks. Further details of the scheme will be made available once the scheme is rolled out fully.
For further details please see gov.uk
To book a free online demo of Bright Contracts click here
To download your free Bright Contracts trial click here
