Are you translating workforce data into business relevant insights? Great! And can you present them in a snappy dashboard, to share with board members and with other HR professionals? Even better! But at the same time very risky. Because you need appropriate controls, or you might be in breach of new data privacy regulations. Under new European General Data Protection Regulation (GDPR), you are liable for a fine that may run up to 4 percent of your company’s worldwide sales.
Handling personal data has become tricky because you need explicit consent from employees. They will for sure let authorised staff use their personal data to pay salary or register days off. But it is far from trivial that employees also give their consent for advanced workforce analytics. Especially if it only benefits the employer. Also, at any time, the employee can use the ‘right to be forgotten’, meaning you can only use the data for analytic purposes when they are anonymised. The same holds after employees have resigned. It takes a constant monitoring, adapting and authorising if you don’t want to risk crippling fines.
Built-in privacy protection
If you use generic Business Intelligence tools for example Excel, QlikView or Tableau, for workforce reporting or analytics, you must take additional measures, or you may have a serious problem, says Dirk Jonker, founder and managing director of people analytics platform Crunchr. “These tools simply haven’t been designed to work with personal data for workforce analytics”. “The GDPR requires you to monitor who has accessed data, to manage authorisations, to automatically anonymise data and to make sure that data is of reasonable quality. You’d need an army of data auditors to make your dashboard GDPR-proof.”
Jonker saw the privacy initiative coming two years ago. Since then twenty developers at Crunchr have been working non-stop to build all necessary safeguards into the analytic applications. “The trick is to automatize the required checks and balances without degrading the results too much or user experience (processing speed) of your dashboard”, says Jonker. “Crunchr has built in all the necessary privacy measure without any concession to its power of is instant processing and instant presentation. Preventing a GDPR-fine, is relevant for your business. But keeping trust with your workforce that you’re doing the right thing is probably evenly important.”