Archive RSS
Blog  »  Employee Records
1
Jul 21

Posted by
Jennifer Patton

Your GDPR Questions Have Been Answered!

GDPR/ the General Data Protection Regulation has been around since May 2018 but the stipulations surrounding GDPR can still be confusing at times which is why we decided to cover this topic as FAQ's but firstly to explain what GDPR is, it is the toughest privacy and security law in the world. Even though it was drafted and passed by the European Union (EU), it imposes obligations onto organizations anywhere, so long as they target or collect data related to people in the EU. Under GDPR you have a fundamental right of access to your personal data from data controllers.

What is personal data?

Personal data is information that relates to you, or can identify you, either by itself or together with other available information. Personal data can include your name, address, contact details, an identification number, IP address, CCTV footage, access cards, audio-visual or audio recordings of you, and location data.

What personal data can employers lawfully process?
GDPR states that to be able to ‘Lawfully Process’ personal data you must be able to fall into at least 1 of the 6 processing classifications, the first one being Consent. Consent must be:

  • Specific, informed, unambiguous, and freely given – there must be evidence that clear affirmative action has been given.
  • Must be for a specified purpose
  • Where consent is obtained as part of a larger document covering other things, consent text must be clearly distinguished from everything else
  • Evidence needs to be retained as to how the consent was obtained. For example; forms, brochures signage, website screenshots.
  • Language must be accessible and easily understood.
  • Have a clear and seamless opt-Out process in place.
  • If you have mailing lists that you’ve used pre GDPR you will not be able to continue using them if you haven’t got specific approval or consent from the individuals.

Do we need to ask for consent from our employees to process their data?

No, as the reliance for processing and retaining their data will be down to lawful processing because of the employer’s legal obligation to deduct taxes etc. and also down to the contractual agreement in place to pay them and pay forward the taxes owed on their behalf. And also to the nature of the relationship between the employer and the employee, the status quo is in the employer’s favour so consent would not be unambiguous or freely given.

Is the emailing of pay slips permissible under GDPR?
There is nothing in the GDPR that states it is no longer permissible to email payslips, this practice is still very much acceptable. The thing to keep in mind in relation to emailing payslips is to ensure that all appropriate security measures are in place. The payslips that are emailed from BrightPay are encrypted and deleted from our servers once sent, however it may also be prudent of a processor of the payroll to password protect the payslips also. It will be the responsibility of the Data controllers (employers) to be vigilant that correct email addresses are inputted.

Do I need to provide my employees with training about GDPR?

It is advised that employers provide training to all individuals about their data protection responsibilities as part of the induction process. Additional training should be provided at regular intervals thereafter or whenever there is a substantial change in the law or The Company’s policy and procedures.

If data protection is breached, what are the consequences?

It is important that you comply with the GDPR legislation and put adequate policies and procedures in place. Your organisation can be inspected and could face significant penalties if your practices are in breach of GDPR. The GDPR allows the EU's Data Protection Authorities to issue fines of up to €20 million or 4% of annual global turnover (whichever is higher).

Bright Contracts contains a 'Data Protection' section of the Company Handbook which can be viewed under the 'Introduction' tab. Download a trial of our software to see a sample of this content.

 Related Articles:

 - How BrightPay Connect is helping with GDPR

Online Payslips: Their benefits and why you should use them

GDPR and Thesaurus Software

Posted in Company Handbook, Contract of employment, Employee Contracts, Employee Handbook, Employee Records, GDPR, General Data Protection Regulation

24
Jul 18

Posted by
Jennie Hussey

Back to Basics - New Employees

We often get calls into the helpline requesting basic information on HR/Employment Law queries like how to deal with new starters or when should an employer invoke the disciplinary procedures, so we will look at some basic HR topics in a series of blogs starting today with new employees.


New Employees
• A new employee is required by law, under the Unfair Dismissal Act, to receive a copy of the company’s ‘Dismissal Procedures’, which are usually contained in the ‘Disciplinary/Grievance Procedures’ of the Staff or Company Handbook, within 28 days of starting work with the company.
• Under the Terms of Employment (Information) Act 1994 the employer is obliged to furnish new employees within 2 months of starting, with a ‘Written Statement of ‘certain’ terms and conditions’ of their employment, also known as an ‘Employment Contract’.
• The new GDPR regulations specify that employers must provide their employees with information about what personal data they hold on them, for what purpose and how it was collected, who it may be shared with, what security measures are in place to keep it safe and what the employee’s rights are as well as other specific requirements. This is called an ‘Employee Privacy Policy’ or ‘Employee Privacy Notice’ and should be given to the employee as an addendum to their Employment Contract.

Based on these 3 pieces of legislation it would be best practice to provide your new starter with their Employment Contract, Privacy Policy and Staff/Company Handbook on their first day of work, if not before it. An employer can be fined up to 4 weeks pay for not providing the employee with their ‘Written Statement of Terms and Conditions of Employment’ within the 2 month timeframe, so it is best to get into the habit of furnishing the documents as soon as possible.

There is no requirement for a signature from the employee on any of these documents; however it would be prudent of an employer to request a signature from the employee or at least some form of acknowledgement or proof of the employee receiving the documents.

The new Employment Bill 2017, yet to be introduced, stipulates that a new employee should receive some details of their terms of employment within 5 days of starting with a company but it is yet to be seen whether this aspect of the Bill will get the go ahead.

Bright Contracts offers employers a simple and user-friendly system which enables them to easily create and customize all of these documents and keep an electronic record on file. To download a Free Trial click here or book an online Demo of the Bright Contracts software.

 

Bright Contracts | Thesaurus Payroll Software | BrightPay Payroll Software

Posted in Company Handbook, Contract of employment, Dismissals, Employee Contracts, Employee Handbook, Employee Records, Employment Contract, GDPR, Staff Handbook

22
Jun 18

Posted by
Jennie Hussey

Privacy Policies - a GDPR requirement

One of the main principles of GDPR is that Data shall be processed lawfully, fairly and in a transparent manner, these three elements overlap and all three must be satisfied in order to demonstrate compliance.
Employers, as both Data Controllers and Processors, must be able to show how they comply with the new data protection principles and be clear and open with their employees about the processing of data and their rights. The GDPR stipulates that anywhere personal data is being collected, either directly or indirectly, Privacy Notices should be in place, these policies are critical to complying with the transparency obligations in the GDPR. So the introduction of an Employee Privacy Policy will cover the required elements and ensure demonstratable compliance in this regard.


The Privacy Policy should be written in a clear and easily-understandable format and must include;


• What data is processed – name, address, PPS no., bank details, etc.
• How it was obtained – employee detail request form, CV, ROS, etc.
• The ‘legal basis’ for processing the data – contractual necessity, legal obligation, etc.
• Who has access to it and any third parties– HR dept., payroll clerk, pension company
• How it is stored and security – HR system, Thesaurus software, encryptions, etc.
• How long it is kept for –set in company policies or statutory requirements
• The rights of the employee – right to access, rectification, erasure, etc.
• If data is transferred outside the EEA
• Contact details of Data Controller


We have recently upgraded our Bright Contracts software to include a new Employee Privacy Policy feature, so now employers can facilitate the main GDPR principle of lawful, fair and transparent processing of the employee data. We have also updated the Data Protection Policy within the Handbook and the Data Protection Clause within the contracts.


To download a free trial of Bright Contracts, click here.
To request a free online Demo of Bright Contracts, click here.

 

Bright Contracts | Thesaurus Payroll Software | BrightPay Payroll Software

Posted in Bright Contracts News, Contract of employment, Employee Contracts, Employee Records, GDPR, General Data Protection Regulation, New Features, Software Upgrade

12
Apr 18

Posted by
Laura Murphy

How GDPR will affect your employee processing

The General Data Protection Regulation (GDPR) will come into force on 25th May 2018 changing the way we process data forever. The aim of the GDPR is to put greater protection on the way personal data is being processed for all EU citizens. Personal data can be anything from a name, an email address, PPS number, bank details etc so as you can imagine employers process a huge amount of personal data on a daily basis. So how will the GDPR affect employers in terms of processing employee data?

Consent

Data in the employment context, will include information obtained from an employee during the recruitment process (regardless of whether or not they eventually got the job), it will also include the information you hold on current employees and previous employees. All this information may be saved in hard copy personnel files, held on HR systems or it could be information contained in emails or information obtained through employee monitoring.

Under GDPR your employee’s will have increased rights around their data.

These rights will include:

  • The Right to Access. It’s not a new concept that employees will be able to request access to the data you hold on them. However, there is a new recommendation that where possible employers should provide their employees with access to a secure self-service login where they can view data stored on them. This backs-up the whole concept of transparency and ease of access to data, which underpins the new Regulations.
  • The Right to Rectification. Individuals are entitled to have personal data rectified if it is inaccurate or incomplete. This is an existing right and the onus is on the employer to ensure that your employee records are kept up-to-date. To help ensure you maintain up-to-date records, employers should make it easier for employees to update their data.
  • The Right to be informed. Employers must be very transparent with employees about what data you hold, why and how long it is held for. Up until now it has been the common practice for many employers to include a standard clause in the employment contract regarding the processing of HR Data, under GDPR that will no longer be sufficient. Employers need to be reviewing their Employee Data Protection Policies and possibly writing new Employee Privacy Policies that go into detail on the processing of employee data.

Employee self service

Under the GDPR legislation, where possible employers should be able to provide self-service remote access to a secure system which would allow employees view and manage their personal data online 24/7. Furthermore, the cloud functionality will improve your payroll processing with simple email distribution, safe document upload, easy leave management and improved communication with your employees. By introducing a self-service option, you will be taking steps to be GDPR ready.

 

For information on how long to keep on employee files please see our blog: How long should you retain employee records under GDPR?

To book a free online demo of Bright Contracts click here.
To download your free trial of Bright Contracts click here.

Posted in Bright Contracts News, Contract of employment, Employee Handbook, Employee Records, Employee Self Service, GDPR, General Data Protection Regulation

4
Apr 18

Posted by
Lauren Conway

How long should you retain employee data under GDPR?

The General Data Protection Regulation (GDPR) will come into force on 25th May 2018, legislation with new rules and guidelines on how to protect and process personal data. Employee personal data held may include: name, address, phone number, email address, emergency contact details, PPS number, bank account details etc.

The GDPR requires that when retaining and processing personal data there must be lawful reasoning for doing so. In terms of processing employee data employers are likely to rely on a number of lawful reasons, mainly: to fulfill contractual obligations, legal obligations or other legitimate interests. Under data protection legislation employee data should be kept for no longer than is necessary, for the purpose that it was retained. However, when deciding how long to retain personal data employers should be guided by employment legislation.

So how long should I retain employee data?

Written Terms of Employment – 1 year

Employers must retain a copy of this statement throughout the employee’s employment and for one year after termination at a minimum.

Payroll details and Payslips – 6 years

Records, calculations and documents relating to the value of benefits for employees must be kept for 6 years in the event of an audit by Revenue. The WRC may also inspect these in an audit and seek evidence that employees are supplied with payslips.

Hours of Work – 3 years

Details of days and hours worked each week, annual leave and public holidays taken and payment received for same. Rest break records and/or records of notification of employees being fully informed about rest break entitlement and procedures if rest break is unable to be taken.

Maternity and Adoptive Leave Records – none

While there is no set period of the retention of data on maternity leave or adoptive leave records, claims can be made within 6 months of employers being informed of an issue giving rise to a dispute or extended to 12 months in exceptional circumstances.

Parental Leave – 8 years

Records of Parental Leave, including the period of employment of each employee and the dates and times of the leave taken, must be retained for 8 years.

A more detailed list of Employee Record Keeping Requirements can be viewed here.

Where legislation gives no guidance on record keeping requirements, employers should carefully predetermine, and include in any employee privacy notice, how long and the grounds they will use for retaining that data. For example; an employer may decide to retain all performance review records for the entire duration of an employee’s employment to monitor employee performance.

Whatever the reasoning behind retaining employee data – whether it be legal or other business reasons, employers need to ensure they have a clear policy outlining their reasoning, that this is easily accessible to employees and that the policy is consistently applied.

To book a free online demo of Bright Contracts click here.
To download your free trial of Bright Contracts click here.

Posted in Contract of employment, Employee Contracts, Employee Records, Employment Tribunals, GDPR, General Data Protection Regulation, Parental Leave, Workplace Relations Commission, WRC

26
Oct 17

Posted by
Marzena Ignar

Does my employee need a written statement of employment?

The main purpose of the written statement of employment, often referred to as the contract of employment, is to clarify the terms of a person’s employment and avoid uncertainty or misunderstandings, where employee expectations might not be the same as employer intentions.

The Terms of Employment (Information) Acts 1994 require an employer to provide an employee with a written statement of their terms of employment within 2 months of commencement of employment. The above Act covers all employees working under a contract of employment, including full-time staff, part-time staff, fixed-term and casual workers.

The written statement must include the following information:

  • The full name of employer and employee
  • The address of the employer
  • Place of work
  • Job title or nature of work
  • The date the employment started
  • Type of contract
  • Rate of pay
  • Pay intervals
  • Hours of work
  • Paid leave
  • Incapacity for work, sick pay 
  • Any terms relating to a pension scheme
  • Period of notice to be given by employer or employee
  • Details of any collective agreements
  • Pay reference period

Additional clauses can be recommended to further clarify the relationship. These might include:

  • Probation clause
  • Pay in lieu of notice clause
  • Confidentiality clause
  • Right to search 
  • The calculation of holiday pay

Failure to comply with the above Act could leave employers open to a claim from their employees. Employers found not to have written terms of employment in place will be fined a maximum of 4 weeks’ remuneration per employee. Clearly worded contracts of employment are key to the success of any business. They will ensure your business is on the right side of employment law as well as help prevent disputes with employees.

To book a free online demo of Bright Contracts click here
To download your free trial of Bright Contracts click here

Posted in Contract of employment, Employee Contracts, Employee Records, Employment Contract

19
Sep 17

Posted by
Lauren Conway

4 Reasons why contracts of employment are needed

We’ve heard all the excuses before; “I’m too busy and don’t have the time”, “It’s too expensive to implement contracts”, or “I only have four employees, I don’t need to provide employment contracts”. If you are an employer you are obliged to provide your employees with a written statement of terms of employment.

We have compiled the 4 most important reasons why contracts of employment are needed.

It is a legal requirement

Under the Terms of Employment (Information) Acts 1994-2014, as an employer you must provide a written contract of employment to a new staff member no later than 2 months after their commencement. Employers must also provide employees with written disciplinary procedures, and procedures that the employer will follow when dismissing an employee, within 28 days of the employee starting. These procedures may be included in the employment contract or in the company handbook.

Protect your business against costly disputes

Having contracts of employment in place offers your business protection in the case of a dispute. A dispute can escalate to the WRC, where not having clearly documented terms of employment can really leave you wide open as an employer. If you are found not to have contracts of employment in place for your staff you will face a fine of 4 weeks’ pay per employee. In the case of a dispute, employers could face fines equating to two years remuneration - the maximum compensation award.

Protect your company against WRC inspections

Approximately 5,000 workplace inspections are carried out by the WRC every year, with 60% of them being unannounced. During a WRC inspection, the first thing they will ask to see is a copy of your contracts of employment. In 2016, 62% of employers failed to keep adequate employment records. Inspectors may issue on the spot fines for amounts up to €2,000 where they have reasonable cause to believe that a person has committed a relevant offence.

Instills confidence in you and your employees

In terms of the employer/employee relationship, the contract of employment is the most important thing you’ll ever deal with. It is the foundation stone of the employer/employee relationship. Having contracts of employment in place will clarify certain conditions for you and your employee so that both parties are aware of what is expected of them. Having contracts in place will also instill confidence in you, knowing that you are doing everything you can do to protect yourself and your business in any situation that may arise.

It is never too late to put contracts of employment in place. Read our blog “How can I introduce contracts to existing employees?” and follow our 4 simple steps here.

To book a free online demo of Bright Contracts click here
To download your free Bright Contracts trial click here

Posted in Company Handbook, Contract of employment, Dismissals, Employee Contracts, Employee Handbook, Employee Records, Employment Contract, Employment Tribunals, NERA, Pay/Wage, Sick Leave/Absence Management, SME, Staff Handbook, Wages

30
Aug 17

Posted by
Jennie Hussey

The importance of having an Absence/Sick Leave Policy

As an employer, it can be quite a daunting prospect having to deal with sick leave and long-term sick leave can throw up other issues making it seem more complicated and even more daunting for the employer to deal with effectively. So how can an employer ensure compliance during these periods of absence?

First and foremost an Absence/Sick Leave Policy needs to be put in place. It must contain clear and concise guidelines for the employee and employer to follow in cases of absence

Your Absence Policy should include:

1. Details of any company Sick Pay Policy:

  • If an employer will/will not pay employee while on certified/uncertified sick leave.
  • If payments are to be made, length of term for payments.

2. Notification and certification requirements if employees are absent due to illness:

  • How much notice an employee needs to give an employer if they will be absent from work.
  • After how many days of absence a medical certificate is required.
  • For long-term absences, how often a medical certificate is required to be presented to the employer.

3. A statement that in the case of long-term absence due to illness, the employee may be required to attend a company GP or other nominated medical persons/facilities at the request of the employer.

It would also be advisable to include details on what is classed as being short-term, long-term and unauthorised absences - Unauthorised leave is absence by the employee without consent or approval from management or without proof of illness by means of a doctors certificate and should be dealt with as a matter of misconduct via the company disciplinary procedures.

As with most company policies and procedures, once in place, the employees will be aware of what is expected of them during times of absence or sick leave; this, in turn, should eliminate any further issues from arising.

Bright Contracts has a comprehensive Absence and Sick Leave Policy built into the Company Handbook which can be customised to suit your own company specifications and requirements.

BrightPay - Payroll and Auto Enrolment Software
Bright Contracts - Employment Contracts and Handbooks

Posted in Company Handbook, Contract of employment, Employee Contracts, Employee Handbook, Employee Records, Employment Contract, Pay/Wage, Sick Leave/Absence Management, Staff Handbook

18
Jul 17

Posted by
Lauren Conway

Workplace Relations Commission Annual Report Findings

The Workplace Relations Commission (WRC) has released their second annual report revealing interesting and surprising statistics. In 2016, a total of 4,830 inspections were carried out, of which 60% were unannounced. 2,398 breaches of employment legislation were recorded with an average of 1.2 breaches per employer. By far the most common breach was the failure to keep adequate employment records (62%) followed by employment permits irregularities (17%).

Other highlights from the report are:

• 14,400 complaints were made
• €1.5m was recovered in unpaid wages
• Almost 75,000 employees were covered by inspections
• 85% of workplace disputes were resolved

The most common complaints that were heard include:

• 28% Pay related issues
• 15% Unfair dismissal issues
• 12% Working time issues
• 11% Discrimination/equality related
• 9% Trade disputes/IR issues
• 9% Terms and conditions of employment-related

The sectors showing a higher degree of non-compliance were:

• 60% Electrical
• 53% Hair and Beauty
• 49% Construction
• 47% Agriculture
• 45% Wholesale and Retail

Keeping appropriate employment records is not just a legal requirement placed on the employer but is also protection for both the employer and employees. Having proper records in place ensures that information and documents regarding wages, hours worked etc., are readily available in the case of grievances and disputes or a WRC inspection. Not having records in place leaves the employer is at a distinct disadvantage in the event of a dispute and at risk of failing an inspection. Primary to this employers are advised to have robust contracts of employment and policies and procedures in place and to ensure that they are fully compliant and kept up to date.

To book a free online demo of Bright Contracts click here
To download your free Bright Contracts trial click here

BrightPay - Payroll Software
Bright Contracts - Employment Contracts and Handbooks

Posted in Company Handbook, Contract of employment, Dismissals, Employee Contracts, Employee Handbook, Employee Records, Employment Contract, Employment Tribunals, Pay/Wage, Staff Handbook, Wages

19
Nov 13

Posted by
Laura Murphy

How to Manage your Employee Files

All employers need to retain certain information on their employees.

Maintaining accurate, up-to-date employee files ensures employers are:
• compliant with employment law
• prepared to deal with employee relations issues
• equipped to handle any audit or NERA inspection enquiries

Creating & Storing Employee Files

For most companies manual files are the easiest, most convenient way to retain employee files. However, more companies are moving towards electronic records. Personnel files, of both past and present employees, should always be stored securely and confidentially:
• Filing cupboards should be locked or files should be stored in a locked room
• Only those staff who need to use the data should have access to it
• Electronic records should be password protected
• Files should not be removed from their normal place without good reason

Employees Accessing Their own File

Under the Data Protection Act employees have a right to access their personnel file and obtain information with regard to why data is being stored and how it is being processed/used.

With this in mind, employers should:
• never record something that they wouldn’t want a tribunal to see
• hold only factual information (no criticisms or comments about an employee’s personal circumstances or beliefs)
• only hold information pertaining to the individual in question on file otherwise you may infringe on another employee’s Data Protection Rights

Employees’ right to access their own files continues after they have stopped working with a company.

Further details on records to be kept can be found in our guidance note on Record Keeping Requirements. http://www.brightcontracts.ie/docs/record-keeping-requirements/

BrightPay - Payroll Software

Bright Contracts - Employment Contracts and Handbooks

Posted in Company Handbook, Employee Records, Employment Contract