GDPR and Payslips - Is it still okay to email payslips?
Right, I’ve been having a look around the world wide web and seeing what everyone has to say about the good ol’ GDPR and payslip dilemma. It is chaos out there! “Is it ok to email payslips?”, “Will I really be fined THAT much money?”.
The general consensus and advice I’m seeing is basically:
“Nobody has definitively said that emailed payslips are NOT GDPR compliant.”
…….Let’s take a second to dissect this. Essentially it’s like walking in on your 7 year old smearing Nutella all over the walls and them saying “well, no one said I couldn’t do it”. Ok so that’s a bit of an exaggeration but you get my point. Just because nobody said emailing payslips is not GDPR compliant doesn’t mean that it’s good practice. Actually, the fact that there’s so much discourse over it should intimate to any reasonable person. GDPR, payroll and securely sending payslips is still a bone of contention and a reasonable person would want to take reasonable measures to ensure that they are being as GDPR compliant as possible and not just burying their head in the sand!
As for the fines, no, you probably won’t be fined the vast amounts of money being thrown about but do you really want to risk it? The ICO says that fines will be “proportionate and judicious”[sic] which is fine (no pun intended, ..ok it was) but again, if there is a very simple payslip solution that would remove this stress then it is best to just bloody do it! That way you can demonstrate that you are making every attempt for your payroll data to be GDPR compliant amidst the minefield of new regulation. This also means you are less likely to be fined for a mishap if you are demonstrating due diligence in all other areas.
And you can’t escape it, you are legally required to provide an employee with a payslip on or before payday and any department, company or supplier you outsource your payroll to needs to be fully GDPR compliant in order to process the data necessary for providing payslips.
So let’s recap: you probably can but you probably shouldn't be emailing payslips to employees. You should be taking reasonable precautions and practicing due diligence when handling employee data to make sure that it is kept safe and secure (i.e. by not emailing them) and the people responsible for processing this payroll data need to be fully GDPR compliant. Hmmmmm, if only I knew of a completely GDPR compliant, payslip generating, online payslip archive with personal online self service functionality that required the employee to create their own individual password to access all their payslips and not the other way around……..but nope I’m drawing a complete blank.
JUST KIDDING. BrightPay Connect offers an online self service portal that offers maximum security when it comes to payslips and GDPR. This way you can securely send and store payslips (along with any other sensitive payroll documents). The payslips are stored in the cloud are automatically available on the system as soon as they’re finalised and this offers an additional layer of security against Russia, sorry, cyber attacks that you would be vulnerable to by emailing them.
It’s the simple solution to all your GDPR headaches. You can carry on with the short term solution of, well, doing nothing, and while you're at it you can whip out your cheque book and write a big fat one to the ICO because sooner or later it will come back and bite you in the…
Check out our full list of BrightPay Connect features for Payroll Bureaus.
Written by Aoibheann Byrne | BrightPay Payroll Software
- How BrightPay Connect is helping with GDPR
- BrightPay Connect features for Payroll Bureaus
- GDPR and the future of payroll