'Most Innovative Startup 2020' by RSA - Watch the video

Learn More

As global privacy regulations evolve, more stringent obligations are being set on organizations, and they are being expected to maintain compliance. One of the recent developments that most organizations are looking at is the rights that their employees have. According to many major privacy regulations such as the CCPA and GDPR, organizations have to honor not just their consumers' rights but also the rights of their employees. These challenges are becoming even more pressing with the transition to fully remote or hybrid workforce models.

employee privacy webinar

Securiti and IAPP organized a webinar on "Privacy Rights of Global Employees in the Era of Work from Anywhere," inviting the following speakers:

  • Barbara Cosgrove: VP and CPO, Workday
  • Mike Morgan: US Head Global Privacy and Cybersecurity Practice, McDermott Will & Emery
  • Rehan Jalil: CEO, Securiti
  • Julie Ho: Cyber Risk Partner at Deloitte

The panel discussed how an employer could protect their employees' data by covering the following topics:

  • What are the privacy rights of remote employees working from various geographies and with different residencies?
  • What are the privacy rights of prospects that apply from various geographies and residencies for jobs in different locations?
  • How can your business automate employees' privacy rights across the entire lifecycle - from recruiting to human resource management - in the 'work from anywhere' era?
  • How can modern platforms like Workday and Securiti jointly enable Autonomous Privacy Controls to fulfill key prospect and employee data obligations?

 

Privacy rights of Remote Employees

The first and foremost step for an employer is to identify their employees working from various geographies. This is important because different privacy laws might apply to an organization depending on the nationality or residence of its employees.

The application of privacy laws also depend on other factors such as where the organization is established, what industry an organization functions in and which areas of the world it provides goods or services to. Therefore, it is essential to identify which privacy laws apply to your organization.

Most global data privacy laws which apply to employees' personal data require organizations to:

  • Be transparent about their data processing activities to employees;
  • Map employee data within their systems;
  • Undertake appropriate and reasonable security measures on employees' data;
  • Perform risk assessments before sharing employees' personal data with third parties;
  • Perform transfer risk assessments for cross-border transfers of employees' personal data;
  • Abide by data protection principles such as data accuracy, data minimization, and purpose limitation when processing employees' personal data;
  • Fulfill data subject rights requests of employees within stipulated deadlines;
  • Notify employees in the case of breach of their personal data;
  • Collect, document, and track consent from employees.

 

Privacy Rights of Applicants

Most privacy regulations treat employees and job applicants equally. This means that the same rights and obligations apply to the person applying for the job and the employee. When it comes to candidates applying for a job, organizations are required to:

  • Inform applicants of the types of personal data to be collected and their purposes
  • Record and maintain the purpose of data collection
  • Collect only adequate and relevant data
  • Disclose data retention period

 

Automation of Privacy Lifecycle

To operationalize the entire lifecycle from receiving a job application, hiring an employee, offboarding them, and maintaining data past contract termination, organizations need to automate their processes to honor employee rights and simplify the compliance process. To do so, organizations can use the following solutions:

  • Consent Management Solution
  • Data Subject Request Fulfillment Center and Workflow Management
  • Sensitive Data Mapping and Data Protection Solution
  • Breach Management and Notification Solution

Learn how Securiti provides a full, end-to-end platform for employee privacy management here.

 

Workday + Securiti

Securiti partnering with Workday is enabling organizations to work towards compliance with regard to employee obligations. This collaboration helps organizations:

  • Establish Sensitive Data Intelligence
  • Govern Access to Sensitive Data
  • Fulfill Employee Privacy Rights
  • Address Candidate Privacy Rights

To watch the full webinar, download our on-demand version here.

Share this

Our Videos

View More
2:56

China’s PIPL

China has drafted its new data protection law, Personal Information Protection Law (PIPL) that will strengthen the regulatory framework for privacy and data protection in China.

Learn More
View More
3:03

South Africa’s POPIA Explained

The video gives an overview of South Africa's Protection of Personal Information Act (POPIA).

Learn More
privacy policy and notice management View More
02:26

Dynamic Privacy Policies & Notices

Automatically Update & Refresh Your Policies and Notices

Learn More
View More
02:37

Universal Consent & Preference Management

Simplify and automate universal consent management

Learn More
View More
01:53

Cookie Consent Management

Automate and manage the entire consent life cycle with efficiency for various cookie compliance regulations around the world.

Learn More
View More
3:06

Sensitive Data Intelligence

Discover granular insights into all aspects of your privacy and security functions while reducing security risks and lowering the overall costs

Learn More