Employers hold a lot of personal data regarding their employees and/or contractors. In many jurisdictions there are strict data protection rules requiring employers to:
- Identify data: know what data is being held, where, who has access, etc.
- Manage data: appoint a manager to secure the data
- Control data: design and implement controls to safeguard data
- Train/educate: ensure all employees accessing employee/contractor data are aware of the data secrecy rules and follow them
GRC-Maestro supports your Employee Data Secrecy management by formalising the requirements investigations, designing and implementing the controls, periodically assessing the implementation and reporting/resolving exceptions.