The panel discussed how an employer could protect their employees' data by covering the following topics:
- What are the privacy rights of remote employees working from various geographies and with different residencies?
- What are the privacy rights of prospects that apply from various geographies and residencies for jobs in different locations?
- How can your business automate employees' privacy rights across the entire lifecycle - from recruiting to human resource management - in the 'work from anywhere' era?
- How can modern platforms like Workday and Securiti jointly enable Autonomous Privacy Controls to fulfill key prospect and employee data obligations?
Privacy rights of Remote Employees
The first and foremost step for an employer is to identify their employees working from various geographies. This is important because different privacy laws might apply to an organization depending on the nationality or residence of its employees.
The application of privacy laws also depend on other factors such as where the organization is established, what industry an organization functions in and which areas of the world it provides goods or services to. Therefore, it is essential to identify which privacy laws apply to your organization.
Most global data privacy laws which apply to employees' personal data require organizations to:
- Be transparent about their data processing activities to employees;
- Map employee data within their systems;
- Undertake appropriate and reasonable security measures on employees' data;
- Perform risk assessments before sharing employees' personal data with third parties;
- Perform transfer risk assessments for cross-border transfers of employees' personal data;
- Abide by data protection principles such as data accuracy, data minimization, and purpose limitation when processing employees' personal data;
- Fulfill data subject rights requests of employees within stipulated deadlines;
- Notify employees in the case of breach of their personal data;
- Collect, document, and track consent from employees.
Privacy Rights of Applicants
Most privacy regulations treat employees and job applicants equally. This means that the same rights and obligations apply to the person applying for the job and the employee. When it comes to candidates applying for a job, organizations are required to:
- Inform applicants of the types of personal data to be collected and their purposes
- Record and maintain the purpose of data collection
- Collect only adequate and relevant data
- Disclose data retention period
Automation of Privacy Lifecycle
To operationalize the entire lifecycle from receiving a job application, hiring an employee, offboarding them, and maintaining data past contract termination, organizations need to automate their processes to honor employee rights and simplify the compliance process. To do so, organizations can use the following solutions:
- Consent Management Solution
- Data Subject Request Fulfillment Center and Workflow Management
- Sensitive Data Mapping and Data Protection Solution
- Breach Management and Notification Solution
Learn how Securiti provides a full, end-to-end platform for employee privacy management here.
Workday + Securiti
Securiti partnering with Workday is enabling organizations to work towards compliance with regard to employee obligations. This collaboration helps organizations:
- Establish Sensitive Data Intelligence
- Govern Access to Sensitive Data
- Fulfill Employee Privacy Rights
- Address Candidate Privacy Rights
To watch the full webinar, download our on-demand version here.