Ye Old HCM System
You have that old legacy system lying around from when you migrated or acquired that company way back when. Is it GDPR compliant? Probably not. Old systems may not be protected by SSL/TLS so encryption in transit is not possible. More than likely encryption at rest is definitely not supported in your old system or even 2 factor authentication (2FA). These are all disqualifying things for GDPR compliance. Since it’s an old system it’s highly unlikely they’ll ever get those new features needed for compliance. The old strategy of keeping old software around to satisfy legal requirements of keeping employee data for the typical 7 or even 30 years in some cases will not work for these types of new regulations.
SAAS doesn’t fix it
Maybe you are already migrated to one of the SAAS HCM platforms of the future. It’s all better now because we’re in the cloud. But what happens when you decide to migrate away from that SAAS provider? SAAS isn’t new. From the beginning of the web the “cloud” has always been there so this isn’t a future idea that you want to upgrade your service to a new provider. It happens all the time.
Moving between SAAS providers is more complex because some of the short cuts you took in the past with historical data governance aren’t applicable. You don’t have a legacy system that you can just keep the data in until it’s thrown out. If you’re lucky enough to get your data from a SAAS provider keeping it in a zip file on a windows share is not allowed by GDPR or any other regulations. So what are going to do with all that old HR data now? Loading it into your cloud provider means a lot of work, and clutter you don’t want in that system. Starting a huge multi-man-year project to implement a solution is a waste of resources.
What do you do?
You need somewhere else that is already GDPR compliant. Somewhere you can easily access the data, answer subpoenas for litigation in a compliant manner, and sunset that data when it expires or you have a “right to be forgotten” request. Fuse archive solutions offers this option so you can quickly move the data into and be compliant out of the box. Let us help you nail your compliance problem today.