Wednesday 25 April 2018

4 GDPR reasons for automating Automatic Enrolment


by Chris Deeson - pensionsync's Chief Marketing Officer

HEALTH WARNING: This is not a “learn how to comply with GDPR” blog. 

This is a “how can you mitigate your personal data risks when sending and retrieving Automatic Enrolment data” blog.

Employers, accountants, payroll bureaus and bookkeepers need to do everything they can to minimise their GDPR-related risks. Automatic Enrolment requires frequent movement of data to and from pension providers and payroll software.

The majority of AE data is moved via CSVs, which need to be downloaded, stored and uploaded. CSVs cannot be password protected.

And all too frequently - when something goes wrong - they are e-mailed, unencrypted, for someone to “look at and fix”.

So, here are 4 ways that automated AE processing significantly reduces risks for everyone in the chain.

1.    GDPR extends the requirements so that not only Data Controllers, but also Data Processors have to comply. If everyone along the payroll processing line is producing and saving CSVs, then Data Controllers need to keep tabs on multiple CSVs managed in multiple organisations.

That’s a significant amount of risk for a Data Controller to stay on top of (not to mention potential fines).

How does automated AE processing help?
pensionsync users don’t use CSVs to send data, nor do they download them when retrieving error or opt-out reports from pension providers. No CSVs means data is only held within the payroll software and not scattered around multiple storage facilities.

2.    All businesses now have to produce DPIAs (Data Protection Impact Assessments) where privacy breach risks are high. Sending, receiving or saving Automatic Enrolment data using CSVs is inherently high risk, so businesses reliant on CSVs will have to produce those DPIAs. CSVs are inherently risky because:
  1. data is saved outside of payroll software
  2. any time the CSV file is sent somewhere it is unencrypted
  3. e-mailing that CSV file immediately saves it in email accounts (where it could be hacked) and across multiple devices.
How does automated AE processing help?
Proper automation eliminates CSV usage. But pensionsync goes further than other API solutions: pensionsync undergoes an annual voluntary independent audit to ensure that we maintain the strongest security mechanisms as well as data privacy standards. This provides confidence to our Data Controllers further up the chain.

3.    GDPR requires Privacy by Design.
This includes deleting information – which means every CSV containing personal data must be included in a deletion plan. Where those CSVs are held in multiple places (e.g. email, hard drives, different organisations etc.) that becomes a complex series of plans to co-ordinate.

How does automated AE processing help?
pensionsync only holds personal data on individuals in limited circumstances, so usually there is nothing to forget – but if there is, it is in one place and can easily be removed.

Data flowing through pensionsync is encrypted and no human eyes see the data on the way through. To view data – e.g. for a support query – we need a full audit trail of permissions before we can even view the data.

And as data flows through the system, we minimise data stored by deleting submission data within specified timescales. Deletions happen 48 hours after a successful submission for our White Label clients and after 2 months for our Direct Label ones.

4.    GDPR strengthens Individuals’ Rights across a number of areas:
  1. GDPR gives someone the right to be forgotten (including retention and disposal). It is unlikely that someone will want to be forgotten while employed, but what about once they’ve left employment? How are you going to remove them from multiple CSVs if they ask to be forgotten? Everything gets messy as soon as you hold data outside of payroll software.
  2. Right of Access. Under GDPR, individuals can ask for access to what information is held on them. It will be a huge undertaking to trawl through months’/years’ worth of CSVs to see what data is held about each person requesting this information.
  3. Quality and Rectification – are all those CSVs accurate and up to date if a piece of data changes?
How does automated AE processing help?
Again, it is rare that pensionsync will hold data for an individual – but if an individual wants that data deleted, or wants to know what data is held, then it is held in a small number of places.

This is why many accountants are increasing their use of pensionsync within their payroll software ahead of the GDPR Compliance deadlines.

And, of course, they are saving the time and money they spend on Automatic Enrolment at the same time.
