Nearly 5 months since the General data Protection Regulation (GDPR) was introduced across all of the European Union, complaints around Data Protection have nearly doubled in the UK according to the Information Commissioner’s Office (ICO)
GDPR was designed to give Data Subjects more control over their personal data, with more transparency and the threat of larger fines to those in breach of the new rules. The GDPR requires any company that suffers a data breach to notify its users/data subjects within 72 hours of the breach being discovered.
• Data protection complaints to the UK’s ICO rose to 4214 in July compared to just 2310 complaints received in May before the GDPR came into force. A spokes person for the ICO said the increase was expected, as more users became aware of data protection because of publicity around the new rules and following a series of high-profile data scandals involving some well-known household names, like Morrison’s and Dixons Carphone.
• In July the ICO reported that since May 25th, it had seen a four-fold increase in the number of breaches that organizations were self-reporting.
Experts note, however that the increase’s do not mean that the number of data breaches has suddenly gone up, but rather reflects the full scale of the data breach problem becoming better known.
Organisations that fail to comply with GDPR can face fines of up to 4% of annual global revenue or €20 million, whichever is greater. So far none of the EU’s Data Protection Agency’s have levied any fines. Multiple DPA’s told the International Association of Privacy Professionals Advisor Newsletter that it is simply too soon.
We will be hosting a free online webinar on ‘GDPR 5 Months On’ on Tuesday October 16th at 11am, where we will look at the implications of GDPR on payroll processing and how employer’s can be demonstrate compliance by following a few, simple steps.
To register for this webinar please click here.
Is the emailing of payslips permissible under GDPR?
There is nothing in the GDPR that states it is no longer permissible to email payslips, this practice is still very much acceptable. The thing to keep in mind in relation to emailing payslips is to ensure that all appropriate security measures are in place. The payslips that are emailed from BrightPay are encrypted and deleted from our servers once sent, however it may also be prudent of a processor of the payroll to password protect the payslips also. It will be the responsibility of the Data controllers (employers) to be vigilant that correct email addresses are inputted.
Can I still use my hard-earned mailing lists after May 25th?
Not automatically - the GDPR states that to be able to ‘Lawfully Process’ personal data you must be able to fall into at least 1 of the 6 processing classifications, the first one being Consent. Consent must be:
• Specific, informed, unambiguous, and freely given – there must be evidence that clear affirmative action has been given.
• Must be for a specified purpose
• Where consent is obtained as part of a larger document covering other things, consent text must be clearly distinguished from everything else
• Evidence needs to be retained as to how the consent was obtained. For example; forms, brochures signage, website screenshots.
• Language must be accessible and easily understood.
• Have a clear and seamless opt-Out process in place.
If you have mailing lists that you’ve used pre GDPR you will not be able to continue using them if you haven’t got specific approval or consent from the individuals.
Do we need to ask for consent from our employees to process their data?
No, as the reliance for processing and retaining their data will be down to lawful processing because of the employer’s legal obligation to deduct taxes etc. and also down to the contractual agreement in place to pay them and pay forward the taxes owed on their behalf. And also to the nature of the relationship between the employer and the employee, the status quo is in the employer’s favour so consent would not be unambiguous or freely given.
More information can be found in the GDPR section of our online support documentation on our website - Bright Contracts UK - GDPR
As one of the largest payroll software providers in the UK and Ireland, we have a lot of customers using our payroll software, but did you know that we have a number of other useful HR software packages available?
BrightPay is a payroll software which is future-proof, having been programmed using modern technology, it allows the user to process and run payroll effortlessly no matter how large or complicated it may be. Having a feature-rich interface allowing the user to customise reports, set up unlimited pay rates, additions and deductions, the options are endless making the weekly/monthly pay-run a breeze!
As with the Windows version, BrightPay for MAC has no unnecessary limitations or pointless restrictions on what you can do. It has proven to be a breath of fresh air for many customers who have switched from competing products. Features like seamless RTI and automatic enrolment functionality have been elegantly integrated into the software along with other key features such as CIS and HMRC payments – including the Employment Allowance and Apprenticeship Levy.
BrightPay Connect is a powerful add-on to the payroll software which enables secure automatic backups of your payroll data to the cloud. The web based self-service dashboard for employers and their employees is an invaluable tool for those employers looking to put their best foot forward in terms of GDPR readiness and compliance.
The tax office helpline has been branded a 'lottery' with almost a third of callers cut off before they even get to speak to an adviser, according to new research, the DailyMail wrote.
The average waiting time to speak to a real person was 18 minutes - with one person left hanging on the line for 41 minutes.
Consumer champions Which? tested Her Majesty's Revenue and Customs (HMRC) helplines ahead of the self-assessment tax return deadline on January 31st.
Which? researchers made 100 calls to HMRC's self-assessment and general enquiries helplines to see how easy it is to get through to an adviser.
Nearly a third of the calls (29 per cent) were cut off by the automated system before the caller could speak to anyone, with callers being told it was because the helpline was 'very busy'. In the 71 calls where researchers did manage to get past the automated system, they were then put on hold. On average it took 18 minutes to speak to a real person, but one caller was left waiting for 41 minutes.
The Which? researchers found the later in the day they called, the longer the wait and the more likely they were to be cut off.
The automated system also struggled with certain words and phrases. A query about 'my tax code' was fine but when asked 'Do I need to pay tax on premium bond winnings?' it asked if the caller was changing a name, or asking about a VAT surcharge notice.
In a separate survey of more than 1,000 Which? members, one in five (20 per cent) who had contacted HMRC in the last year said they found contacting them difficult, compared with 15 per cent of those who contacted the Department of Work and Pensions, 12 per cent who contacted their local authority and eight per cent who contacted the DVLA.
Richard Lloyd, Which? executive director, said: 'We've found people could face lengthy waits or even be cut off when trying to get assistance from HMRC's helplines. 'With large numbers of people soon to be seeking help with their self-assessment tax return, we want to see HMRC doing more to monitor and improve their call-waiting times.'
Which? said it had shared its findings with the Treasury and HMRC and have also briefed the Public Accounts Committee.
Hopefully this might help them to improve their automated and phone systems in time for the Tax Deadline on the 31st of January.
The ongoing issue of Zero Hours Contracts raised its head again recently.
At a Labour Party conference in Coventry, Ed Miliband hit out at the UK sports giant, “Sports Direct” for its high use of Zero Hours Contracts by stating "Zero-hours contracts are the way Sports Direct employs the vast majority of its workforce - 17,000 out of its 20,000 workers. “He added: "These Victorian practices, the epidemic of zero-hours contracts that we see at Sports Direct, have no place in the 21st Century."
Miliband has promised that the next Labour Government will bring in new laws giving workers a regular contract if they are working regular hours, the right to refuse demands will be available outside their contracted hours and compensation when shifts are cancelled at short notice.
Miliband’s decision to address this issue and in particular to name a specific company is a brave one after Chris Bryant, a shadow minister, had to backtrack on claims he made about Next and Tesco employing cheap foreign labour last year. It may also fuel criticism from his opponents that the party is too anti-business.
There has been recent concern that zero hours contracts do no offer enough financial stability and security. However following a recent review the Government has ruled out banning zero hours contracts completely,although it is banning the use of exclusivity clauses, where employees on zero hours contracts are only permitted to work for one employer.
This is a hot topic at the moment and one to watch in the future.
For more information on zero hours contracts please see our website;