We hear a lot of companies struggle in their quest to attract top talent. In order to stand out and be reputed as an attractive employer, it helps to be known as a safe haven for the personal data of the talent you are trying to attract. In order to achieve this, you need more than just a GDPR file that is stored in the shelves, after the expert advisor left your premises and sent the invoice.
The seven steps to becoming a talent magnet are …
1-4: think business process
In essence there are four main phases. The first phase is a typical advisory track, which starts with some analysis and advisory sessions and reports, and leads to an update of the systems and the internal change of policies and people’s intentions. Our main advice is to not go for a classic GDPR advisory track which is geared towards claims protection. Ensure the whole track intends to install a fundamental respect for personal data within the HR business processes. Preferably also within all the most important business processes, since HR does not stop at the moment of onboarding.
5: show off
When your organization is ready, it is the ideal moment to start shouting out loud that you are a safe haven for candidate’s and employee’s personal data. That’s when you become a magnet. Press releases, blog, linkedin posts, facebook, … wherever you communicate about your organization, ensure to add your organization’s respect for personal data.
6: ensure day-to-day respect
Most forgotten, but most important, is that your organization walks the talk. Even more, the whole organization should walk the talk for months and years after the advisor left your premises. That’s why we advise to install a GDPR-request handling workflow system and explain all the front office people to respond respectfully to external requests. If they respond in a friendly way, your organization will be seen true to your passion. And if they have any doubt, they should know to who to refer to, for assistance.
7: keep the fire burning
Finally, culture is not created overnight. Also, your company is going to evolve. You might install cameras at some point in time. Or define a new hiring process. This is why we advise to install a permanent data respect improvement process. This is not difficult at all – it only requires a pragmatic approach that, again, is geared to doing better business, rather than inspired by claim protection. And it requires someone or a team that understands this is one of their core responsibilities.
This way, it should be possible to install a culture of respect for individual’s data in a matter of a couple of months – and keep that pace going over the years to come.
Want to know more? Get in touch for a chat and a coffee …
Related tips
Four shades of privacy – safe and win-win privacy are for business winners
Idlegcy defined four shades of privacy. Most people talk about documented privacy, when they talk about the GDPR initiatives of their organization. That is only the basic shade. There are three more shades.
Does HR really need the personal data they are saving?
Does HR really need the personal data they are saving? It is so evident to take a copy of the ID card of a new staff member, and save it in the company files, that no one still reflects on the why.
GDPR should be about much more than penalties
The first penalties should not drive the attention away from the essence: GDPR is about a basic human right that individuals’ data should be treated with respect.