Timelex lawyer Yung Shin Van Der Sype will lead a session about the GDPR at the EELA (European Employment Lawyers Association) conference in Tallinn, Estonia.
The General Data Protection Regulation EU 2016/679 (GDPR) came in with bells on. Concerned by the strengthened enforcement mechanisms and further-driven empowerment of data subjects, companies had to rethink how to handle personal data – also, their employee data. Now, one year after the GDPR’s point zero, it is time for a first ‘benefits vs. efforts’ assessment. How are employers handling and not handling their GDPR compliance? Did the supposedly insurmountable threat of data subject claims/requests and administrative fines actually manifested during the first GDPR year? Were employers confronted with a data subject request ‘boom’?
The goal of this session is to discuss how employers have addressed (reasonable and less reasonable) data subject requests, how they dealt with data protection in employment litigation, and how they implement(ed) the GDPR in practice. In addition, the panel members of the session will have a closer look at a number of indivertible implementation drawbacks and pitfalls, such as the use of biometric data of employees, employee consent and data retention periods for HR files.