The daily routine of a Human Resources professional involves much more than simply hiring and onboarding people within a company. These professionals are in daily contact with sensitive and confidential data. Therefore, it is necessary to use strategies and tools to protect this information. Consequently, this sector is greatly impacted by the LGPD (Brazilian General Data Protection Law). 

Protecting personal data and valuing people's privacy is an attitude that is gaining increasing importance; therefore, Human Resources managers need to adapt to new technologies and everything involved in data protection on the internet. 

With the General Data Protection Law (LGPD) coming into effect in September 2020, companies have had to ensure ways to maintain the privacy of information from customers, suppliers, and employees. This is where the work of Human Resources departments and outsourced companies in adapting to the LGPD comes in.

Impacts of the LGPD on Human Resources

The Human Resources sector requires heightened attention to personal data, which is information that makes a person identifiable, such as documents, addresses, IP addresses, photos, and videos. It also requires careful attention to sensitive data, which can be used to harass or discriminate against an employee, such as ideological orientation, illnesses, etc.

With technological advancements, the hope is that the HR and IT sectors will eventually become more closely aligned. This will allow IT programmers to develop programs that help HR professionals keep third-party personal data secure.

But since this whole issue involves the digital environment, it's necessary to understand the consequences a company may face by not following the new rules. With the LGPD (Brazilian General Data Protection Law) in effect, it's more than necessary for HR to create strategies that guarantee the security and preservation of the vast amount of information they possess. 

Given this, it will be necessary to study and adapt to the new processes to ensure everything complies with the law. Mapping all stages of data storage is one of the first steps to be taken. By understanding all phases of data collection and archiving, it will be possible to determine the points that need improvement or where an error begins. This way, the company avoids the risk of being fined under the new LGPD (Brazilian General Data Protection Law) regulations.

Protect your employees.

Company HR departments need to be aware of all their responsibilities towards employees. This involves taking care of these people's personal information, especially in the digital age, where everything is stored in the cloud and there is a risk of leaks.

Therefore, it is necessary for the department to update employee registration data and make it clear to them how this information can be used. In other words, the company needs to grant authorization to the employee to use this data. Another important point is to clarify all employee doubts and explain in detail how their personal information will be used and what the LGPD (Brazilian General Data Protection Law) governs. 

Changes to contracts

The law requires companies to take steps to minimize the amount of personally identifiable information they store and ensure that it is not kept longer than necessary. Each person should know how long and for what purpose their personal data will be in the company's records. This information may already be included in each employee's employment contract, with authorization for the collection of this data. Employees already working for the organization need to update their registration and sign a document authorizing the use of their personal data.

Each institution must also meet the requirements. requests from the holdersThis includes the deletion and modification of data whenever necessary. It's important to note that the LGPD (Brazilian General Data Protection Law) applies to data that is online or on paper. However, managing data digitally allows for greater control and security. Management systems facilitate the control of the data the company holds and centralize employee requests.

Pay attention to candidate data.

Some companies conduct online recruitment processes. When selections take place online, candidates are required to provide information about the use of their data and how it will be used. 

Therefore, it is advisable that an authorization for the use of information be made available to candidates. When registering on a digital platform, they will have the choice to allow or not the use of their data.

Therefore, this document, which clarifies what happens to the personal data collected during the selection process, serves as a guarantee for the company in case unforeseen events occur.

Consequences of non-compliance

Among the sanctions for companies that fail to comply with the LGPD (Brazilian General Data Protection Law) are data blocking, suspension of activities, and fines that can reach 2% of revenue, with a ceiling of R$ 50 million. 

The person who will assist in this process is... Company DPOThe Data Protection Officer, who can be internal or outsourced, is the professional responsible for training the team on data protection, ensuring best practices, and providing support to data subjects and the relevant authority. National Data Protection Authority (ANPD).

Ideally, each company should have one. compliance teamThe team will include professionals from the legal, technology, communication, and human resources fields. This ensures the institution's compliance with the law in all sectors. The HR department's role will be to guarantee the security of employee data and transparency regarding its storage.

Encourage your HR department to learn about the LGPD (Brazilian General Data Protection Law).

Companies must constantly stay updated on industry news. Therefore, showing Human Resources professionals the importance of the LGPD (Brazilian General Data Protection Law) and its impacts on the sector is a way to prevent potential problems involving third-party personal data.

Seeking guidance, professional advice, and tools that facilitate data processing is a good option for initiating strategies to preserve the collected information. 

Here at Privacy Tools, we have the right platform for your company to comply with personal data protection regulations. Get to know us! free trial To see in practice how it can help you!