IDC Names Securiti a Worldwide Leader in Data Privacy

View

Privacy Rights of Global Employees in the Era of Work from Anywhere

Published September 1, 2021 / Updated November 22, 2023

Listen to the content

As global privacy regulations evolve, more stringent obligations are being set on organizations, and they are being expected to maintain compliance. One of the recent developments that most organizations are looking at is the rights that their employees have. According to many major privacy regulations such as the CCPA and GDPR, organizations have to honor not just their consumers' rights but also the rights of their employees. These challenges are becoming even more pressing with the transition to fully remote or hybrid workforce models.

employee privacy webinar

Securiti and IAPP organized a webinar on "Privacy Rights of Global Employees in the Era of Work from Anywhere," inviting the following speakers:

  • Barbara Cosgrove: VP and CPO, Workday
  • Mike Morgan: US Head Global Privacy and Cybersecurity Practice, McDermott Will & Emery
  • Rehan Jalil: CEO, Securiti
  • Julie Ho: Cyber Risk Partner at Deloitte

The panel discussed how an employer could protect their employees' data by covering the following topics:

  • What are the privacy rights of remote employees working from various geographies and with different residencies?
  • What are the privacy rights of prospects that apply from various geographies and residencies for jobs in different locations?
  • How can your business automate employees' privacy rights across the entire lifecycle - from recruiting to human resource management - in the 'work from anywhere' era?
  • How can modern platforms like Workday and Securiti jointly enable Autonomous Privacy Controls to fulfill key prospect and employee data obligations?

 

Privacy rights of Remote Employees

The first and foremost step for an employer is to identify their employees working from various geographies. This is important because different privacy laws might apply to an organization depending on the nationality or residence of its employees.

The application of privacy laws also depend on other factors such as where the organization is established, what industry an organization functions in and which areas of the world it provides goods or services to. Therefore, it is essential to identify which privacy laws apply to your organization.

Most global data privacy laws which apply to employees' personal data require organizations to:

  • Be transparent about their data processing activities to employees;
  • Map employee data within their systems;
  • Undertake appropriate and reasonable security measures on employees' data;
  • Perform risk assessments before sharing employees' personal data with third parties;
  • Perform transfer risk assessments for cross-border transfers of employees' personal data;
  • Abide by data protection principles such as data accuracy, data minimization, and purpose limitation when processing employees' personal data;
  • Fulfill data subject rights requests of employees within stipulated deadlines;
  • Notify employees in the case of breach of their personal data;
  • Collect, document, and track consent from employees.

 

Privacy Rights of Applicants

Most privacy regulations treat employees and job applicants equally. This means that the same rights and obligations apply to the person applying for the job and the employee. When it comes to candidates applying for a job, organizations are required to:

  • Inform applicants of the types of personal data to be collected and their purposes
  • Record and maintain the purpose of data collection
  • Collect only adequate and relevant data
  • Disclose data retention period

 

Automation of Privacy Lifecycle

To operationalize the entire lifecycle from receiving a job application, hiring an employee, offboarding them, and maintaining data past contract termination, organizations need to automate their processes to honor employee rights and simplify the compliance process. To do so, organizations can use the following solutions:

  • Consent Management Solution
  • Data Subject Request Fulfillment Center and Workflow Management
  • Sensitive Data Mapping and Data Protection Solution
  • Breach Management and Notification Solution

Learn how Securiti provides a full, end-to-end platform for employee privacy management here.

 

Workday + Securiti

Securiti partnering with Workday is enabling organizations to work towards compliance with regard to employee obligations. This collaboration helps organizations:

  • Establish Sensitive Data Intelligence
  • Govern Access to Sensitive Data
  • Fulfill Employee Privacy Rights
  • Address Candidate Privacy Rights

To watch the full webinar, download our on-demand version here.

Omer Imran Malik

Authored by Omer Imran Malik

Omer Imran Malik (CIPP/US, CIPM) is a data privacy and technology lawyer with significant experience in advising governments, technology companies, NGOs and legislative think-thanks on data privacy and technology related legal issues and is an expert in modeling legal models for legal technology. He has been a prominent contributor to numerous esteemed publications, including Dawn News, IAPP and has spoken at the World Ethical Data Forum as well.

His in-depth knowledge and extensive experience in the industry make him a trusted source for cutting-edge insights and information in the ever-evolving world of data privacy, technology and AI related legal developments.

Join Our Newsletter

Get all the latest information, law updates and more delivered to your inbox

Share


More Stories that May Interest You

At Securiti, our mission is to enable enterprises to safely harness the incredible power of data and the cloud by controlling the complex security, privacy and compliance risks.

Newsletter



Gartner Cool Vendor Award Forrester Badge IAPP Innovation award 2020 IDC Worldwide Leader RSAC Leader CBInsights Forbes Security Forbes Machine Learning G2 Users Most Likely To Recommend