Protection of personal data of employees
The protection of personal data of employees is a very complex and ambiguous matter. Therefore, it is easy to make mistakes. The situation of employers is not improved by the latest Regulation of the European Parliament and of the Council (EU) 2016/679, which goes into effect as early as on 24 May 2018, as it imposes on the entities that process personal data a number of new obligations for which failure to comply with can be subject to penalties of as much as €20 million. We offer assistance in all issues relating to the personal data of employees.
Compliance with requirements of the EU regulation on protection of personal data
We prepare procedures for protecting personal data to comply with the EU Regulation, adjust internal documentation, and specify technical means that meet the requirements set forth in the EU Regulation.
We conduct audits of employee documentation (in particular employees’ personal files) at the employer’s offices to determine the scope of personal data processing and degree of current protection, and to verify existing document (security policy in particular). As part of the audit, we identify the duty to appoint a Personal Data Protection Inspector and to maintain a register of processing activities, and we verify the technical and organizational means of protecting personal data. We represent employers in inspections conducted by the General Inspector of the Protection of Personal Data (GIODO) in proceedings before the GIODO and before administrative courts.
Personal data protection audits
The employer is obligated to maintain employee documentation, which makes the employer process personal data of his employees. The processing of personal data by a company’s HR department should meet all Polish and European legal requirements.
Personal data in IT
The dynamic development of modern technologies and digitization has left the law, including the labour law, inextricably linked with IT. In order to meet our Client’s expectations, we offer additional advisory legal assistance in the field of personal data protection and in the security of information in the IT industry.