Blog posts written during May 2018

All these QWERTY GDPR emails what should I do...

Monday, May 21, 2018 by Administrator

Don't open them (if you haven't already); just delete them or mark them as spam.

If you don't recognise the sender's name, delete the email without opening it. It is a little-known fact that email tracking systems know when you open an email (whether to read it or to immediately delete it). The sender can then identify the email address they sent that email to as a "live" address with a person at the other end who opens emails. Put simply, they were trawling for "live" email addresses. You will be added as someone who has expressed an interest in receiving emails from them.

GDPR video and probably the lowest cost solution including Payroll and Invoicing

Sunday, May 20, 2018 by Administrator


In case you were not aware, BBC News has a programme called “Click”. It’s a reasonably non-technical and entertaining guide to tech. This week’s edition gives a light guide to GDPR, especially relevant to staffing agencies.

 

Fines for data breaches are only limited by €10 million or 2% of the company’s global annual turnover (whichever is greater).

 

To sum up, the legislation requires that by default you take the highest reasonable approach to keeping people’s data (employees or workers) secure. Put simply, this is the approach adopted by Microsoft Data Centres. It’s why we use them exclusively. Unfortunately, in our understanding, these same levels are not automatically and historically implemented by Amazon Web Services or indeed local servers maintained by your (probably very expensive) IT guys.

 

We can provide GDPR compliance at a stroke, and our current, fully automatically generated payslips already meet the requirements of the upcoming legislation on the new standard of payslips as well.

 

Links you may find helpful

 

BBC Click guide to GDPR implications

Information Commissioners Office (ICO) blog

Upcoming Payslip legislation

 

 

General Data Protection Regulation (GDPR) enforcement date 25 May 2018

Wednesday, May 2, 2018 by Administrator

Our services are hosted by Microsoft, who were the first company to adopt and achieve the stringent ISO 27018 standard for GDPR. This is the standard for government organisations and suppliers to government organisations such as NHS trusts. Microsoft cloud services will include commitments to maintain GDPR compliance when enforcement begins.

Your “people” data falls into two categories.

  • People you have employed: in which case you have a duty to retain all relevant employment data for six years or possibly more.
  • Those whom you have not yet employed or will, for whatever reason, not employ: in which case you should obtain a limited agreement via your own terms and conditions to retain their application for a reasonable period in case they wish to reconsider. You must also delete all their data on their explicit request. You can (and probably should for transparency) publish these on an employee T&Cs page on your own web site listing the data you will retain (for example Name, Address, email, phone, dob, NI, date of application etc.) and that it can be explicitly deleted on request.

We are providing hosting for such information. As long as there is a valid agreement between us, we will maintain your data, backed up every 5 minutes (via Microsoft services) with what is acknowledged as the highest level of security available and reasonably achievable.

We are legally obliged to delete any Microsoft hosted data once such agreement is terminated by you. Microsoft requires that their services are paid in advance. It is therefore essential that your customer account is always fully up to date. Ceasing licence payments implies you have actively terminated your contract. If for any reason your account is not up to date (for example your bank is experiencing technical difficulties), you need to contact us immediately. Especially if you are a start-up we will do our best to help. We can only maintain your data as long as you are a current valid customer. This is a direct consequence of GDPR.

You can and should use the reports available to maintain copies of employment data.

 

How secure is your data? Here are links to Microsoft's extensive compliance with GDPR

 

Microsoft and Compliance with ISO/IEC 27018 personal data protection

Trusted cloud: more certifications than any other cloud provider

Microsoft compliance ISO/IEC 27001 Information Security Management Standards

 
