Archive RSS
Blog  »  Employee Contracts
17
Sep 18

Posted by
Jennie Hussey

Data Protection complaints increase since introduction of GDPR

Nearly 4 months since the General data Protection Regulation (GDPR) was introduced across all of Europe, complaints around Data Protection have nearly doubled in the UK and are up by nearly 2 thirds in Ireland.


GDPR was designed to give Data Subjects more control over their personal data, with more transparency and the threat of larger fines to those in breach of the new rules. The GDPR requires any company that suffers a data breach to notify its users/data subjects within 72 hours of the breach being discovered.


• Ireland’s Data Protection Commission (DPC), head of communications - Graham Doyle has said that ‘there has been a significant increase in the volumes of both breaches and complaints to the DPC since May 25th.’ Since GDPR enforcement began the DPC has seen monthly data breach reports double, while data protection complaints increased by 65%.

• Data protection complaints to the UK’s Information Commissioners Office (ICO) rose to 4214 in July compared to just 2310 complaints received in May before the GDPR came into force. A spokes person for the ICO said the increase was expected, as more users became aware of data protection because of publicity around the new rules and following a series of high-profile data scandals involving big technology firms.


Experts note, however that the increase does not mean that the number of data breaches has suddenly gone up, but rather reflects the full scale of the data breach problem becoming better known.
Organisations that fail to comply with GDPR can face fines of up to 4% of annual global revenue or €20 million, whichever is greater. So far none of the EU’s Data Protection Agency’s has issued any fines. Graham Doyle at the DPC said ‘It is too soon to expect to see any fines levied against organizations that have violated GDPR – given its only 3 months after it went into full effect.’

 

We will be hosting a free online webinar - ‘GDPR 3 Months On’ on Thursday September 20th at 11am, where Graham Doyle will joining us as a guest speaker.


To register for this webinar please click here.

Posted in Company handbook, Employee Contracts, Employee Self Service, Employment Update, Events, GDPR, General Data Protection Regulation

24
Jul 18

Posted by
Jennie Hussey

Back to Basics - New Employees

We often get calls into the helpline requesting basic information on HR/Employment Law queries like how to deal with new starters or when should an employer invoke the disciplinary procedures, so we will look at some basic HR topics in a series of blogs starting today with new employees.


New Employees
• A new employee is required by law, under the Unfair Dismissal Act, to receive a copy of the company’s ‘Dismissal Procedures’, which are usually contained in the ‘Disciplinary/Grievance Procedures’ of the Staff or Company Handbook, within 28 days of starting work with the company.
• Under the Terms of Employment (Information) Act 1994 the employer is obliged to furnish new employees within 2 months of starting, with a ‘Written Statement of ‘certain’ terms and conditions’ of their employment, also known as an ‘Employment Contract’.
• The new GDPR regulations specify that employers must provide their employees with information about what personal data they hold on them, for what purpose and how it was collected, who it may be shared with, what security measures are in place to keep it safe and what the employee’s rights are as well as other specific requirements. This is called an ‘Employee Privacy Policy’ or ‘Employee Privacy Notice’ and should be given to the employee as an addendum to their Employment Contract.

Based on these 3 pieces of legislation it would be best practice to provide your new starter with their Employment Contract, Privacy Policy and Staff/Company Handbook on their first day of work, if not before it. An employer can be fined up to 4 weeks pay for not providing the employee with their ‘Written Statement of Terms and Conditions of Employment’ within the 2 month timeframe, so it is best to get into the habit of furnishing the documents as soon as possible.

There is no requirement for a signature from the employee on any of these documents; however it would be prudent of an employer to request a signature from the employee or at least some form of acknowledgement or proof of the employee receiving the documents.

The new Employment Bill 2017, yet to be introduced, stipulates that a new employee should receive some details of their terms of employment within 5 days of starting with a company but it is yet to be seen whether this aspect of the Bill will get the go ahead.

Bright Contracts offers employers a simple and user-friendly system which enables them to easily create and customize all of these documents and keep an electronic record on file. To download a Free Trial click here or book an online Demo of the Bright Contracts software.

 

Bright Contracts | Thesaurus Payroll Software | BrightPay Payroll Software

Posted in Company handbook, Contract of employment, Dismissals, Employee Contracts, Employee Handbook, Employee Records, Employment Contract, GDPR, Staff Handbook

11
Jul 18

Posted by
Jennie Hussey

GDPR deadline gone - So what now?

If you haven’t already updated existing policies for GDPR or if you haven’t started to look at the implication of the new regulations within your organization, you still have time. GDPR compliance will be an on-going process and therefore will need to be monitored and updated on a regular basis – it will not be just a one-off exercise, so it’s certainly not too late to make a start on those updates to get you on the road towards compliance.
The first thing you should consider is to create an inventory of all the personal data you currently store and/or process, whether that be data belonging to employees, customers or suppliers. This inventory will go a long way in helping you, as you will be able to garner from it any areas that need updating or creation of new procedures to help with meeting the GDPR requirements.


• Employee Privacy Policy - If you have employee’s, does the existing contract detail what data you process on them, with whom and what they’re rights are in relation to that data? If not then you would need to create an Employee Privacy Policy.
• Clean Desk Policy – Do you operate a Clean desk Policy? Whereby data belonging to customers or suppliers is not left out on desks overnight where cleaners/security staff may have access to them.
• Data Processor Agreement - Do you share any employee information with your accountant or pension provider? If so do you have a valid or up to date contract or letter of engagement covering the new GDPR stipulations between data controllers and data processor’s?


Realistically it will be difficult for any organization to ever be fully compliant with GDPR; however once you are not ignoring your obligations under the new rules and have or are in the process of taking steps towards demonstrating compliance this should be sufficient if you ever face a Data Protection inspection.


If you require further guidance on GDPR please see our dedicated support section on our website where you can find on-demand GDPR webinars, FAQ’s and template documents like a Data Processor Agreement.
Bright Contracts has also recently been upgraded to include a new Employee Privacy Policy feature whereby you can tick off another box to prove compliance under the new GDPR regulations. Download a free trial of Bright Contracts here. Book a free online Demo of the software.

 

Bright Contracts | Thesaurus Payroll Software | BrightPay Payroll Software

Posted in Employee Contracts, General Data Protection Regulation

22
Jun 18

Posted by
Jennie Hussey

Privacy Policies - a GDPR requirement

One of the main principles of GDPR is that Data shall be processed lawfully, fairly and in a transparent manner, these three elements overlap and all three must be satisfied in order to demonstrate compliance.
Employers, as both Data Controllers and Processors, must be able to show how they comply with the new data protection principles and be clear and open with their employees about the processing of data and their rights. The GDPR stipulates that anywhere personal data is being collected, either directly or indirectly, Privacy Notices should be in place, these policies are critical to complying with the transparency obligations in the GDPR. So the introduction of an Employee Privacy Policy will cover the required elements and ensure demonstratable compliance in this regard.


The Privacy Policy should be written in a clear and easily-understandable format and must include;


• What data is processed – name, address, PPS no., bank details, etc.
• How it was obtained – employee detail request form, CV, ROS, etc.
• The ‘legal basis’ for processing the data – contractual necessity, legal obligation, etc.
• Who has access to it and any third parties– HR dept., payroll clerk, pension company
• How it is stored and security – HR system, Thesaurus software, encryptions, etc.
• How long it is kept for –set in company policies or statutory requirements
• The rights of the employee – right to access, rectification, erasure, etc.
• If data is transferred outside the EEA
• Contact details of Data Controller


We have recently upgraded our Bright Contracts software to include a new Employee Privacy Policy feature, so now employers can facilitate the main GDPR principle of lawful, fair and transparent processing of the employee data. We have also updated the Data Protection Policy within the Handbook and the Data Protection Clause within the contracts.


To download a free trial of Bright Contracts, click here.
To request a free online Demo of Bright Contracts, click here.

 

Bright Contracts | Thesaurus Payroll Software | BrightPay Payroll Software

Posted in Bright Contracts News, Contract of employment, Employee Contracts, Employee Records, GDPR, General Data Protection Regulation, New Features, Software Upgrade

13
Jun 18

Posted by
Jennie Hussey

Why am I getting all these emails about privacy?

Lately you may have noticed your inbox bulging each morning with lots of emails with similar subject lines to these;


“Your privacy = our priority”                   “GDPR Data Protection – Your Data is Safe with us”
“Big Changes are coming”                        “Opt-In to continue receiving our great updates”
“GDPR update – please don’t leave us!”  “We’re keeping your details safe”


New, tougher European regulations around privacy and the use of personal data have now come into force and could see companies hit with huge fines if found to be in breach of the new laws.
In order for personal data to be processed lawfully, the processor must be able to rely on the reasoning being at least one of 6 categories, the main one being Consent. So if you were previously signed up with a company to receive newsletters or emails about special offers, they can no longer continue to send you these without your explicit consent.
Previous Data Protection Legislation allowed for an option to ‘Opt-Out’ as being sufficient means to mark having your consent, however with the new GDPR this is no longer the case. Consent must be ‘freely given’ unambiguous’ and for a ‘specific purpose’. Consent must be easily read and clearly distinguishable from other text and evidence must be collected as to how consent was obtained.
Consent can no longer be assumed and the likes of pre-ticked boxes that would have needed to be unticked if you didn’t want to register are now banned. Also the facility to Unsubscribe must be clear and an easy procedure to follow.


So all the emails you have been receiving, like those listed above, are those companies that you may previously have signed up with, scrambling to cover themselves for GDPR and not wanting to lose you as a possible customer or sale.


For more information on GDPR and how it may affect your organization, please see our dedicated online support documentation here.

 

Bright Contracts | Thesaurus Payroll Software | BrightPay Payroll Software

Posted in Bright Contracts News, Company handbook, Contract of employment, Employee Contracts, Employee Handbook, Employment Contract

4
Apr 18

Posted by
Lauren Conway

How long should you retain employee data under GDPR?

The General Data Protection Regulation (GDPR) will come into force on 25th May 2018, legislation with new rules and guidelines on how to protect and process personal data. Employee personal data held may include: name, address, phone number, email address, emergency contact details, PPS number, bank account details etc.

The GDPR requires that when retaining and processing personal data there must be lawful reasoning for doing so. In terms of processing employee data employers are likely to rely on a number of lawful reasons, mainly: to fulfill contractual obligations, legal obligations or other legitimate interests. Under data protection legislation employee data should be kept for no longer than is necessary, for the purpose that it was retained. However, when deciding how long to retain personal data employers should be guided by employment legislation.

So how long should I retain employee data?

Written Terms of Employment – 1 year

Employers must retain a copy of this statement throughout the employee’s employment and for one year after termination at a minimum.

Payroll details and Payslips – 6 years

Records, calculations and documents relating to the value of benefits for employees must be kept for 6 years in the event of an audit by Revenue. The WRC may also inspect these in an audit and seek evidence that employees are supplied with payslips.

Hours of Work – 3 years

Details of days and hours worked each week, annual leave and public holidays taken and payment received for same. Rest break records and/or records of notification of employees being fully informed about rest break entitlement and procedures if rest break is unable to be taken.

Maternity and Adoptive Leave Records – none

While there is no set period of the retention of data on maternity leave or adoptive leave records, claims can be made within 6 months of employers being informed of an issue giving rise to a dispute or extended to 12 months in exceptional circumstances.

Parental Leave – 8 years

Records of Parental Leave, including the period of employment of each employee and the dates and times of the leave taken, must be retained for 8 years.

A more detailed list of Employee Record Keeping Requirements can be viewed here.

Where legislation gives no guidance on record keeping requirements, employers should carefully predetermine, and include in any employee privacy notice, how long and the grounds they will use for retaining that data. For example; an employer may decide to retain all performance review records for the entire duration of an employee’s employment to monitor employee performance.

Whatever the reasoning behind retaining employee data – whether it be legal or other business reasons, employers need to ensure they have a clear policy outlining their reasoning, that this is easily accessible to employees and that the policy is consistently applied.

To book a free online demo of Bright Contracts click here.
To download your free trial of Bright Contracts click here.

Posted in Contract of employment, Employee Contracts, Employee Records, Employment Tribunals, GDPR, General Data Protection Regulation, Parental Leave, Workplace Relations Commission, WRC

1
Feb 18

Posted by
Jennie Hussey

New Code of Practice on Longer Working

Case 1

Paul Quigley, a highly regarded GP in addiction services in the North Dublin HSE was recently granted an injunction by the High Court to stop the HSE from forcing him to retire. His lawyers are claiming the forced retirement amounts to age discrimination.

Case 2

A WRC adjudicator recently ruled that Susan Devereaux, who was forced to retire from her job, should be re-instated in her role with Pdforra, as the employer had failed to ‘objectively justify’ its reasons for dismissing her when she reached the age of 60.

Case 3

A Bookkeeper who was ‘retired’ by her employer on reaching the age of 66 has been awarded €12,000 in an age discrimination case she took against her employer.

These are just a few of the cases relating to forced retirement that has come up in the courts over the last few months. They have brought attention to the fact that these now ‘retired’ workers were sometimes unable to claim the State pension as they may not have reached the eligible age to do so. At the moment private sector workers in Ireland can start to receive the State pension at the age of 66, this will rise to 67 in 2021 and again to 68 in 2028.

The Workplace Relations Commission has now published a Code of Practice, Industrial Relations Act 1990 (Code of Practice on Longer Working)(Declaration) Order 2017. The Code can now be used to help employer’s when dealing with retirement and requests to work beyond the retirement age. Although not legally binding, any employer who does not follow the guidelines will need to be able to justify the reasoning behind it.

On publishing the new Code of Practice, the WRC has set out what should be taken into consideration when it comes to retirement in the workplace:

Utilising the skills, abilities and experience of older workers

  • Draw on benefits of older workers and utilize through training and knowledge sharing with younger members of staff.
  • Train all management about age diversity and the benefits of such diversity in the workplace

Objective Justification

  • If a mandatory retirement age is set within a company, the employer must be able to ‘objectively justify’ the reason for it, examples may include health and safety, intergenerational fairness.

Set out a step by step ‘Retirement Process’

  • Set timelines and give adequate notice prior to retirement date
  • Explore transitional arrangements like flexible working, alternative roles up to date of retirement.

Requests to work longer

  • Need to be seen to be taken into consideration
  • Procedures set in place for acceptance and refusal of requests to work after set retirement age.

As a whole we are all living longer so it seems only natural that we would also be allowed to work for longer? This new Code of Practice will be very important going forward for Irish Employment legislation and employer’s alike.

For more information please click here


To book a free online demo of Bright Contracts click here
To download your free trial of Bright Contracts click here

Posted in Company handbook, Contract of employment, Employee Contracts, Employee Handbook

23
Jan 18

Posted by
Laura Murphy

Is it discrimination to top up maternity pay but not paternity pay?

September 2016 saw the introduction of Paternity Leave, that for the first time ever allowed fathers/partners to take two weeks paid leave on the birth of a child / placement of a child for adoption. Paternity Leave is paid at the same rate as Maternity Pay, currently €235 per week*, leaving it up to employers to decide whether or not they wish to top-up pay during the two weeks leave. The question then arose that if by topping up maternity leave, would an employer by default have to top up paternity pay?

A recent Workplace Relations Commission (WRC) case involving a transport company, provides useful guidance on the answer to this question.

In this case a male employee brought a case under the Employment Equality Act claiming discrimination on the grounds of gender due to the fact that the employer topped up maternity pay but did not top up paternity pay.

However the WRC Adjudicator held in favour of the Company, stating that maternity leave is different to paternity leave and that “the special protection afforded to women in connection with pregnancy and maternity is embedded in European and Irish law”. The Adjudicator concluded that the employer was entitled to make special provisions for women at the time of maternity leave and was protected in that regard by the Employment Equality Acts.

Conclusion

This case gives the green light to employers who wish to offer a maternity top up but not offer the same for paternity leave. Whatever it is you decide on, employers are advised to have clear paternity and maternity leave policies in place that is accessible to all employees.

*The rate of maternity/paternity pay will increase to €240 per week from end of March 2018.

To book a free online demo of Bright Contracts click here
To download your free trial of Bright Contracts click here

Posted in Company handbook, Contract of employment, Discrimination, Employee Contracts, Employee Handbook, Employment Tribunals, Workplace Relations Commission, WRC

7
Nov 17

Posted by
Laura Murphy

Premature Births and Maternity Benefit

From 1st October 2017, the period for which Maternity Benefit is paid has been extended in cases where a baby is born prematurely. A premature birth is described as one at less than 37 weeks’ gestation. It is estimated that every year in Ireland approximately 4,500 babies are born prematurely.

Currently, under the Maternity Protection Acts 1994 and 2004, a mother is entitled to 26 weeks’ maternity leave and 16 weeks’ unpaid leave. Maternity leave normally starts two weeks before the baby’s expected due date or on the date of the birth of the child, should it be earlier.

Under the new amendment, where a child is born prematurely the mother’s paid maternity leave will be extended by the equivalent of the duration between the actual date of birth of the premature baby and the date when the maternity leave was expected to start.  For example, where a baby is born in the 30th week of gestation the mother would have an additional entitlement of approximately seven weeks of maternity leave and benefit i.e. from the date of birth in the 30th week to the two weeks before the expected date of confinement. This additional period will be added on to the mother’s normal entitlement to 26 weeks of maternity leave and benefit, where the mother meets the ordinary qualifying criteria.

Mothers of pre-term babies are advised to contact the Department of Employment Affairs and Social Protection (DEASP), email maternityben@welfare.ie, to arrange the additional payment.

Babies surviving from the earliest gestation's, such as 23 weeks, can spend months in a neonatal unit in hospital, by the time a premature baby gets to go home, a mother’s maternity leave can almost be used up. This new change has been heralded as a positive step in supporting parents during a difficult time.

To book a free online demo of Bright Contracts click here
To download your free Bright Contracts trial click here

Posted in Company handbook, Contract of employment, Customer Update, Employee Contracts, Employee Handbook, Employment Contract, Wages

26
Oct 17

Posted by
Marzena Ignar

Does my employee need a written statement of employment?

The main purpose of the written statement of employment, often referred to as the contract of employment, is to clarify the terms of a person’s employment and avoid uncertainty or misunderstandings, where employee expectations might not be the same as employer intentions.

The Terms of Employment (Information) Acts 1994 require an employer to provide an employee with a written statement of their terms of employment within 2 months of commencement of employment. The above Act covers all employees working under a contract of employment, including full-time staff, part-time staff, fixed-term and casual workers.

The written statement must include the following information:

  • The full name of employer and employee
  • The address of the employer
  • Place of work
  • Job title or nature of work
  • The date the employment started
  • Type of contract
  • Rate of pay
  • Pay intervals
  • Hours of work
  • Paid leave
  • Incapacity for work, sick pay 
  • Any terms relating to a pension scheme
  • Period of notice to be given by employer or employee
  • Details of any collective agreements
  • Pay reference period

Additional clauses can be recommended to further clarify the relationship. These might include:

  • Probation clause
  • Pay in lieu of notice clause
  • Confidentiality clause
  • Right to search 
  • The calculation of holiday pay

Failure to comply with the above Act could leave employers open to a claim from their employees. Employers found not to have written terms of employment in place will be fined a maximum of 4 weeks’ remuneration per employee. Clearly worded contracts of employment are key to the success of any business. They will ensure your business is on the right side of employment law as well as help prevent disputes with employees.

To book a free online demo of Bright Contracts click here
To download your free trial of Bright Contracts click here

Posted in Contract of employment, Employee Contracts, Employee Records, Employment Contract

Older Articles >