HR module and GDPR

Overview

The HR Module within Claromentis is designed to follow GDPR (The General Data Protection Regulation). GDPR is a regulation in EU law on data protection and privacy for all individual citizens of the European Union and the European Economic Area. It's all about protecting and respecting the privacy of personal data, in this case, employee files and data.

 

HR Passcode

Access to HR sensitive data is protected by a Passcode in addition to the regular sign-in process. Please note that you can also have Two-factor authentication enabled for added security to the regular sign-in process.

A user will be prompted to set up a HR Passcode upon their first login to the HR system.

 

Recovery Email

When setting up an HR account for the first time, it is possible for a user to use choose a different email address such as personal email for HR-related recovery passcode. This is to ensure that your personal data is within the user's control and cannot be accessed by IT department personnel who may have access to employee's work email.

Time Out

Upon 10 minutes of inactivity within HR application (on both admin and front-end application), users will be automatically logged out of HR

 

Database Encryption

HR sensitive SQL database is encrypted using AES-256 public key encryption, It's considered among the top cyphers, meaning in the event of a database leak, sensitive HR data is protected.

 

HR Files & Document

HR Files and documents are secured using RC4 Encryption

 

HR Special Admin

Users with access to the system admin panel do not necessarily have access to HR Admin. It is part of the onboarding process to nominate two users who wish to be granted access to the HR Admin panel.

Minimum 2 admins are required.

 

Data Retention

To protect user's data after their employment has ended, it is possible to set a disposal schedule of HR Data. For example, HR Records will be permanently destroyed after 5 years from the employment end date. This information is also displayed to the users for complete transparency.

 

Audit Log

Activity within HR is fully audited within Claromentis Audit system allowing all activity to be tracked for compliance purposes.

 

HR Training & Awareness

It is possible to create an E-learning course within the learning management system to make sure your employees are aware of GDPR and Data Protection.

Learning Management System

 

HR Policies

Using the policy manager within Claromentis to share and distribute HR policies. 

Policy Manager Overview

 

 

 

Last modified on 31 July 2019 by Hannah Door
Created on 29 July 2019 by Michael Christian

Was this helpful?  

0 Likes
Share