Three in four Irish HR Departments unknowingly breaching GDPR,

HR professional at work

by HRHQ Editorial Team

While an impressive 90% of Irish HR professionals report confidence in their GDPR compliance, a survey by HRLocker showed an alarming 76% had breached the regulation within the past 12 months.

The most prominent GDPR breaches reported are:

  1. Insufficient consent: A startling 40% of HR professionals are failing to obtain clear and explicit consent from employees before collecting, processing and storing personal data. While health data (26%) and sensitive personal data (23%) were the most common areas for breach under this category, one in five (19%) of survey respondents had not attained permission to track employees for activities including internet usage, email communication and track their location. A worrying figure in light of the significant rise in remote and hybrid working.

  2. Failure to respond to Data Subject Access Requests (DSARs): Under GDPR HR professionals must respond to DSARs within 30 days unless an extension is justified. Despite this, almost a third (32%) of respondents reported exceeding this deadline, with 15% taking over 45 days to respond.

  3. Data retention and management issues: 25% of HR professionals admitted not auditing their employee data for more than six months, with a further 9 percent stating they had not reviewed it in the past year. GDPR specifies that personal data should only be kept for as long as it is needed for the purpose for which it was collected. Furthermore, over half (52%) of HR professionals report having to manage data deletion and anonymisation using manual or semi-manual processes.

The survey, conducted in July 2023 and polling 400 Irish HR professionals, also highlights the administrative burden of GDPR for HR departments, with 76% of respondents acknowledging this challenge.

67% of respondents reported increased resource allocation to meet GDPR compliance demands over the past 12 months and 62% stated it had negatively impacted their ability to focus on core functions such as employee wellbeing, talent acquisition and resource planning.

An overwhelming majority of HR professionals (78%) see technology as an enabler of better, more timely HR compliance. The key areas for improvement include:

  • Automation of data management – 72%

  • Data retrieval and reporting – 66%

  • Automatic policy updates – 64%

  • Enhanced privacy and anonymisation – 30%

However, in order to maximise the benefits of new technologies, HR departments will need to upskill, as the HRLocker survey revealed that one in three (33%) of professionals reported significant gaps in digital competency.