The Data Protection Authority of Hamburg (HmbBfDI) fined H&M, one of the largest global clothing retailers, €35.2 million for excessive monitoring of employees. This should highlight to all companies the importance of employee data protection.
Just so you remember here are some of the other fines:
France’s CNIL fined Google €50 million for lack of transparency and consent regarding personalized ads
UK’s ICO fined British Airways £83.39 million for poor data security, and Marriott has a pending fine of £99 million for a data breach.
According to HmbBfd, H&M supervisors were acquiring special category data – family issues and religious beliefs – without obtaining proper consent. The data was stored digitally in a means accessible to managers throughout the organisation. The amount is substantial, so the HmbBfDI is trying to send a clear message to employers. Be careful about what data you collect about your employees, how you store that data and how it’s used.
This means make sure your staff is aware of your data protection policies, make sure data is accessible only by specific individuals, make sure it’s secure and make sure the data is cleansed. With more employees being furloughed as a result of COVID-19 making sure your HR team complies with the GDPR is more important than ever.
GDPR365 has tools that can ensure your employees are aware of your companies policies around data and that your HR team has the right policies in place.
GDPR365 offers an all-in-one solution highly affordable. Starting at £45/month, a license will include all features from data mapping to data breach management but also DPIA (Data Protection Impact Assessment) and Data Subject Access Request (DSAR). Click now on the button below to book a demo and see our software can speed up your compliance.