Aug 2018
20
BrightPay Connect: The GDPR Survival Toolkit for Employers
BrightPay Connect is tailored to help you overcome some of the key challenges GDPR presents when processing payroll. The payroll itself is still processed on BrightPay’s desktop application, however the payroll information is stored online on a secure cloud server. As the payroll information is stored online, it has allowed us to bring you even more benefits to help you with GDPR compliance.
Automated Cloud Backup
With the GDPR, it is important to keep a copy of payroll files safe in case of fire, theft, damaged computers or cyber attacks. Essentially BrightPay Connect is an automated cloud backup, keeping employee’s payroll data safe and secure. BrightPay Connect will automatically backup payroll data every 15 minutes when the payroll is open, and again when you close down the employer file. A chronological history of all backups will be maintained which can be downloaded and restored at any time.
Self-Service Remote Access
GDPR includes a recommendation to provide remote access to a secure system, which would provide employees with direct access to their personal data. With BrightPay Connect, employees can be invited to their own password protected self-service portal. Employees can login to the portal 24/7 on any device, including PC’s, Macs, tablets and smartphones (essentially anywhere that they have access to an internet browser) or there is also an employee smartphone app where employees can login and get notifications directly to their device.
Password Protected Payslip Portal
With BrightPay Connect, employees can access a payslip library where they can view and download all historic and current payslips. Employees can also access payroll documents such as P60s, HR documents such as their contract of employment, personal data held by their employer and past and scheduled leave.
Right to Rectification
The right to rectification of personal data held is an important employee right under the GDPR. With the employee self-service portal, employees can update their basic personal details such as their phone number and postal address.
Accurate Employee Records
Data controllers and data processors must ensure that the personal data held is relevant and up-to-date. As employees can update their basic personal details on BrightPay Connect, this ensures that employers and payroll bureaus have the most accurate and current details on file for employees.
User Limitations and Restrictions
With the GDPR, data controllers must ensure that, by default, only personal data which is necessary for each specific purpose of the processing can be accessed. Therefore, payroll processors should only have access to the personal data that is strictly required for processing the payroll. This is referred to as data minimisation, or privacy by default. With BrightPay Connect, users can be set up so that they only have access to the information needed to complete their specific responsibilities. For example, there may be a HR manager who should not have access to employee’s payroll data, or a payroll processor who should not have access to employee documents or employees marked as confidential.
Central Location for Employee Documents
BrightPay Connect acts as an all in one central location to store all things employee related, including payroll, HR and other employment related documents. Employers have the ability to upload documents that apply to all employees (e.g. company handbook), documents that are unique to individual employees (e.g contract of employment), or even documents that are relevant to a particular department.
Secure Document Exchange
If you are a payroll bureau, you can invite your payroll clients to BrightPay Connect to their own online employer dashboard. This is a secure portal for client communications, eliminating the need to send documents with sensitive personal information by email. Clients can view employee payslips as soon as they have been finalised, they can run their own payroll reports and view amounts due to Revenue. This offers an additional layer of GDPR protection for client’s payroll data.
Essentially, by introducing BrightPay Connect in your business, you will be taking steps to be GDPR compliant. Book a demo today to have a look at BrightPay Connect.
Related articles:
- Payroll Data & GDPR: What you need to know
- BrightPay launches employee payroll smartphone app
- How have BrightPay prepared for GDPR?
Aug 2018
15
How will PAYE Modernisation impact on your payroll?
In late 2016, Revenue issued a consultation document outlining their vision for the introduction of Real Time Reporting (RTR) or PAYE Modernisation in Ireland.
This will modernise the Pay As You Earn (PAYE) system, and mean that employers will be required to report pay, tax and other deductions, as well as details of employees leaving the organisation, at the same time as they run their payroll.
The new obligations for employers are due to take effect from 1 January, 2019, meaning businesses have a limited amount of time to prepare their payroll systems to be compliant with the new RTR / PAYE Modernisation rules.
Do you use payroll software? If so, there are two methods of reporting payroll in real time:
- Direct Payroll Reporting - allows your payroll software to communicate seamlessly with Revenue Online System (ROS) and exchange the required information.
- ROS Payroll Reporting - you can upload files created by your payroll software to ROS.
Payroll software companies have been working with Revenue to ensure that the software will be compatible with Revenue’s requirements. We would advise that you use payroll software, but if you don’t, you will be able to retrieve Revenue Payroll Notifications and complete a form through ROS. This reporting process will eliminate the need to file:
- P30
- P35
- P45
- P46
P60s
You will no longer be obliged to produce a P60 for your employees. Revenue will produce an end of year statement for all employees.
Information you will report to Revenue
You must provide Revenue with payroll information for each employee, including:
- Payment date
- Amount of pay
-
Amount of Income Tax, Universal Social Charge (USC) and Local Property Tax deducted.
Upcoming free online webinars:
PAYE Modernisation for Employers - Understanding and implementing the new legislation
- 4th September @ 11.00 am
- Find out more | Register here
PAYE Modernisation for Payroll Bureaus - Understanding and implementing the new legislation for your clients
- 6th September @ 11.00 am
- Find out more | Register here
Related Articles:
PAYE Modernisation: How successful was it in the UK?
PAYE Modernisation - List of Employees
PAYE Modernisation - The Facts
PAYE Modernisation - Understand how your payroll processing will change
Are you missing out on our newsletter? We will not be able to email you without you subscribing to our mailing list. You will be able to unsubscribe at any time. Don’t miss out - subscribe today!
Aug 2018
3
GDPR & the right to rectification:
Under Article 16 of the GDPR, individuals have the right to rectify data that is inaccurate about them. An individual may also be able to have incomplete personal data completed. Although you may have already taken steps to ensure that the personal data was accurate when you first obtained it, this right imposes a specific obligation to reconsider the accuracy upon request.
What do we need to do?
If you receive a request from an individual to rectify their personal data, you should take reasonable steps to ensure that the data is accurate and rectified if necessary. The reasonable steps taken will depend on the nature of the personal data and what it will be used for. The more important the personal data is to be accurate, the greater the effort you should put into ensuring it’s accurate and if not, taking steps to rectify it.
When is data inaccurate?
The GDPR does not give a definition of the term accuracy. However, it states that personal data is inaccurate if it is incorrect or misleading in any way. It is the data controller's responsibility to ensure the personal data they manage is accurate and up-to-date.
Can we refuse to comply with the request for rectification for other reasons?
You can refuse to comply with a request for rectification if the request is excessive or manifestly unfounded, taking into account whether the request is repetitive in nature. There are two things you can do if you consider that a request is excessive or manifestly unfounded:
1) Request a “reasonable fee” to deal with the request
2) Refuse to deal with the request
You will need to justify your decision in either case. The reasonable fee should be based on the administrative costs of complying with the request. If you decide to charge a fee, it is advised that you contact the individual within one month. You do not need to comply with the request until you have received the fee.
In most cases, you cannot charge a fee to comply with a request for rectification. However, as noted above, if the request has been excessive or manifestly unfounded you may charge a reasonable fee to cover the administrative costs.
Related Articles:
GDPR & Payroll processing: Do I need consent from my client's employees?
BrightPay launch an employee payroll smartphone app.
Are you missing out on our newsletter? We will not be able to email you without you subscribing to our mailing list. You will be able to unsubscribe at any time. Don’t miss out - subscribe today!
Aug 2018
1
BrightPay Customer Update: GDPR & PAYE Modernisation Special Edition
PAYE Modernisation Explained
PAYE Modernisation or real-time reporting (RTR) will enable Revenue to ensure that employees are receiving their correct tax credits and cut-off points throughout the year. This compares with the current PAYE reporting which is done through P35s on a yearly basis.
Learn more | Frequently asked questions
Free GDPR Webinar | Guest Speaker: Data Protection Commissioners
Graham Doyle, Head of Communications from the Data Protection Commissioners office will be joining us to discuss GDPR and the effect it is having on all businesses. This FREE CPD accredited webinar will look at what is new in GDPR, how it may affect your business and what have we learned from the GDPR 3 months on. We will also look at how BrightPay can help your organisation utilise the new regulation to benefit you, your customers, suppliers and employees.
Manually Calculating Payroll with PAYE Modernisation
A significant number of employers are still processing their payroll using a manual or spreadsheet system. A manual approach may seem like an attractive option but can result in inaccurate payroll processing. From January 2019, employers will be required to submit their payroll returns electronically and in real-time, each payroll run, allowing Revenue to access the most up-to-date information.
Privacy Policies - A GDPR Requirement
One of the main principles of the GDPR is that data shall be processed lawfully, fairly and in a transparent manner. These three elements overlap and all three must be satisfied in order to demonstrate compliance. The GDPR stipulates that anywhere personal data is being collected, either directly or indirectly, Privacy Notices should be in place.
PAYE Modernisation FREE webinar in conjunction with Revenue
We have teamed up with Sinead Sweeney who is the PAYE Modernisation Change Manager for the Revenue Commissioners. The webinar will peel back the legislation to help you understand and implement the new changes for your business. The objective of PAYE Modernisation is for Revenue, employers and employees to have access to the most accurate, up-to-date information relating to pay and statutory payroll deductions. Places are limited.
Employer webinar: 4th September | Bureau webinar: 6th September
GDPR: Do I need consent from my client’s employees? (Bureaus Only)
Many bureaus have expressed concern and confusion in relation to getting consent from their client’s employees and securely distributing payslips. Payroll bureaus do not need to seek consent from individual employees that the payroll is processed for. However, the employer will need to inform their employees that they are sharing their personal information with a third party.
GDPR: Frequently Asked Questions
Our GDPR experts have put together a list of some of the frequently asked questions that we have been asked by our customers regarding the General Data Protection Regulation. Additionally, the legislation states that whenever a data controller (e.g. business/employer) uses a data processor (e.g. payroll bureau) there needs to be a written contract or Data Processor Agreement in place.
View all FAQs | Template Data Processor Agreement
Are you missing out on BrightPay's newsletter? We will not be able to email you without you subscribing to our mailing list. You will be able to unsubscribe at anytime. Don’t miss out - sign up to our newsletter today!
