Aug 2018
20
BrightPay Connect is tailored to help you overcome some of the key challenges GDPR presents when processing payroll. The payroll itself is still processed on BrightPay’s desktop application, however the payroll information is stored online on a secure cloud server. As the payroll information is stored online, it has allowed us to bring you even more benefits to help you with GDPR compliance.
With the GDPR, it is important to keep a copy of payroll files safe in case of fire, theft, damaged computers or cyber attacks. Essentially BrightPay Connect is an automated cloud backup, keeping employee’s payroll data safe and secure. BrightPay Connect will automatically backup payroll data every 15 minutes when the payroll is open, and again when you close down the employer file. A chronological history of all backups will be maintained which can be downloaded and restored at any time.
GDPR includes a recommendation to provide remote access to a secure system, which would provide employees with direct access to their personal data. With BrightPay Connect, employees can be invited to their own password protected self-service portal. Employees can login to the portal 24/7 on any device, including PC’s, Macs, tablets and smartphones (essentially anywhere that they have access to an internet browser) or there is also an employee smartphone app where employees can login and get notifications directly to their device.
With BrightPay Connect, employees can access a payslip library where they can view and download all historic and current payslips. Employees can also access payroll documents such as P60s and P45s, HR documents (e.g. their contract of employment), personal data held by their employer and past and scheduled leave.
The right to rectification of personal data held is an important employee right under the GDPR. With the employee self-service portal, employees can update their basic personal details such as their phone number and postal address.
Data controllers and data processors must ensure that the personal data held is relevant and up-to-date. As employees can update their basic personal details on BrightPay Connect, this ensures that employers and payroll bureaus have the most accurate and current details on file for employees.
With the GDPR, data controllers must ensure that, by default, only personal data which is necessary for each specific purpose of the processing can be accessed. Therefore, payroll processors should only have access to the personal data that is strictly required for processing the payroll. This is referred to as data minimisation, or privacy by default. With BrightPay Connect, users can be set up so that they only have access to the information needed to complete their specific responsibilities. For example, there may be a HR manager who should not have access to employee’s payroll data, or a payroll processor who should not have access to employee documents or employees marked as confidential.
BrightPay Connect acts as an all in one central location to store all things employee related, including payroll, HR and other employment related documents. Employers have the ability to upload documents that apply to all employees (e.g. company handbook), documents that are unique to individual employees (e.g contract of employment), or even documents that are relevant to a particular department.
If you are a payroll bureau, you can invite your payroll clients to BrightPay Connect to their own online employer dashboard. This is a secure portal for client communications, eliminating the need to send documents with sensitive personal information by email. Clients can view employee payslips as soon as they have been finalised, they can run their own payroll reports and view amounts due to HMRC. Clients will also be able to upload employee timesheets and payments and approve the payroll through their employer portal (coming soon). This offers an additional layer of GDPR protection for client’s payroll data.
Essentially, by introducing BrightPay Connect in your business, you will be taking steps to be GDPR compliant. Book a demo today to have a look at BrightPay Connect.
Related articles:
Aug 2018
16
From April 2021 the student loan repayment threshold will rise to £25,000 in Scotland. Before graduates start to pay back their loans they will have to earn at least £25,000. The First Minister announced this change along with plans to reduce the maximum repayment period for student loans by 5 years, from 35 years to 30 years.
Currently, the student loan repayment threshold is £18,330 for Student Loan Plan 1 for 2018-19. Student Loan Plan 1 is for pre-2012 loans, the threshold for 2017-18 was £17,775.
For Student Loan Plan 2, the current student loan repayment threshold is £21,000 for 2018-19. The student loan repayment threshold for postgraduate loans is also £21,000, these loans are due for repayment through the PAYE system from April 2019.
Are you missing out on our newsletter? We will not be able to email you without you subscribing to our mailing list. You will be able to unsubscribe at any time. Don’t miss out - subscribe today!
Aug 2018
3
Under Article 16 of the GDPR, individuals have the right to rectify data that is inaccurate about them. An individual may also be able to have incomplete personal data completed. Although you may have already taken steps to ensure that the personal data was accurate when you first obtained it, this right imposes a specific obligation to reconsider the accuracy upon request.
What do we need to do?
If you receive a request from an individual to rectify their personal data, you should take reasonable steps to ensure that the data is accurate and rectified if necessary. The reasonable steps taken will depend on the nature of the personal data and what it will be used for. The more important the personal data is to be accurate, the greater the effort you should put into ensuring it’s accurate and if not, taking steps to rectify it.
When is data inaccurate?
The GDPR does not give a definition of the term accuracy. However, it states that personal data is inaccurate if it is incorrect or misleading in any way. It is the data controller's responsibility to ensure the personal data they manage is accurate and up-to-date.
Can we refuse to comply with the request for rectification for other reasons?
You can refuse to comply with a request for rectification if the request is excessive or manifestly unfounded, taking into account whether the request is repetitive in nature. There are two things you can do if you consider that a request is excessive or manifestly unfounded:
1. Request a “reasonable fee” to deal with the request
2. Refuse to deal with the request
You will need to justify your decision in either case. The reasonable fee should be based on the administrative costs of complying with the request. If you decide to charge a fee, it is advised that you contact the individual within one month. You do not need to comply with the request until you have received the fee.
In most cases, you cannot charge a fee to comply with a request for rectification. However, as noted above, if the request has been excessive or manifestly unfounded you may charge a reasonable fee to cover the administrative costs.
Related Articles:
HMRC and GDPR - Holding and using your personal information
GDPR to affect your employee payroll processing!
GDPR - Everything you need to know!
Are you missing out on our newsletter? We will not be able to email you without you subscribing to our mailing list. You will be able to unsubscribe at any time. Don’t miss out - subscribe today!
Aug 2018
1
Our GDPR experts have put together a list of some of the frequently asked questions that we have been asked by our customers regarding the General Data Protection Regulation. Additionally, the legislation states that whenever a data controller (e.g. business / employer) uses a data processor (e.g. payroll bureau) there needs to be a written contract or Data Processor Agreement in place.
View all FAQs | Template Data Processor Agreement
This FREE webinar will look at what’s new in GDPR, how it may affect your business and what have we learned from the GDPR 5 months on. We will also have a look at how BrightPay can help your organisation utilise the new regulation to benefit you, your customers, suppliers and employees. The webinar will include a demo of how our new timesheet upload feature can save you time and help you work towards GDPR compliance.
One of the main principles of the GDPR is that data shall be processed lawfully, fairly and in a transparent manner. These three elements overlap and all three must be satisfied in order to demonstrate compliance. The GDPR stipulates that anywhere personal data is being collected, either directly or indirectly, Privacy Notices should be in place.
Individuals have gained the ‘right to erasure’ or commonly known as the ‘right to be forgotten’. This new right came into force with the implementation of the GDPR. It essentially allows individuals to request for erasure of their personal details verbally or in writing.
Our optional add-on, BrightPay Connect is an online payroll and HR self-service tool that offers significant benefits to help your business or practice comply with the GDPR legislation. Accountants, employers and employees can instantly access their payroll information, enabling many routine payroll and HR related tasks to be automated. BrightPay Connect significantly increases the efficiency and effectiveness of payroll work within the remit of the GDPR guidelines.
BrightPay Connect & GDPR | Book a demo
By law, employers must provide employees with payslips which include personal data such as proof of earnings, tax paid and any pension contributions. It is advisable that businesses take steps to protect and securely send this payslip information.
Are you missing out on BrightPay's newsletter? We will not be able to email you without you subscribing to our mailing list. You will be able to unsubscribe at anytime. Don’t miss out - sign up to our newsletter today!
Jul 2018
16
The deadline of 31st July is fast approaching for employees renewing tax credits. Payments will be stopped if tax credits are not renewed by this deadline. HMRC are asking employers to encourage their employees to renew their claim for tax credits as soon as possible and to use the online method.
An employee can renew their tax credits online using their mobile device, tablet or computer. They can also renew on HMRC’s App. Renewing online is easy and is less time consuming, an employee can do this once they have received their renewal pack.
Employees need to report any changes in their circumstances that they have not previously reported to HMRC, for example, changes to working hours, income etc. HMRC has a specialist support team through the tax credits helpline that employees can contact if they cannot renew online.
Employers can help encourage their employees to renew their tax credits by:
Jul 2018
2
Businesses must provide their employees with information on what happens to their data, for example sharing employee’s personal data with a payroll bureau who processes the payroll. Employee personal data can be stored and managed by a payroll bureau, bookkeeper or accountant for the sole benefit of correctly paying their wages, paying the correct tax and providing a payslip. All of this legitimately falls under the remit of the GDPR legislation.
Many bureaus have expressed concern and confusion in relation to getting consent from client’s employees and securely distributing payslips. Payroll bureaus do not need to seek consent from individual employees that the payroll is processed for. However, the employer will need to inform their employees that they are sharing their personal information with a third party.
An employee cannot withdraw their consent for their personal data to be used as part of the payroll processing. It should be noted that bureaus should keep only the personal data that is strictly required for the purpose of the payroll. This is referred to as data minimisation or privacy by default.
BrightPay is running a free webinar to help you with what you need to know about GDPR. The webinar takes place on 3rd July at 11.00 am and is free to attend for payroll bureaus and employers.
This webinar will look at the biggest areas of concern including emailing payslips, employee consent and your legal obligation. We will also look at some important steps to achieve GDPR compliance.
Click here to book your place now.
Related articles:
Jun 2018
25
In today’s fast paced environment employees want their payslips at their fingertips. BrightPay’s cloud add-on BrightPay Connect now offers an employee smartphone and tablet app for employees to access their payroll information on the go. The BrightPay Connect app integrates with the BrightPay payroll software application bringing a new level of efficiency and productivity to managers who manage the payroll, leave requests and HR activities. The employee app is available to download for free on any Android or iOS device.
BrightPay Connect offers an online intuitive app, providing employees with the following benefits:
BrightPay developed the employee payroll app to improve the payroll processing for accountants, employers and employees. The BrightPay Connect app increases the level of accessibility that employees have to their payroll data while providing innovative features that reduces the overall administrative HR processing time and general payroll related enquiries.
Payroll bureaus can now automate the distribution of payslips and eliminate the need to print or email payslips to employees. Employees no longer need to contact their payroll bureaus when they need 6 months’ worth of past payslips when applying for a mortgage or loan. The leave management tool reduces back and forth correspondence between you and your client. All leave requests can now be managed by your client and will automatically be added to the BrightPay payroll software on the bureaus PC. Under the GDPR, it is recommended that you provide individuals with a remote self-service system. BrightPay Connect offers an additional layer of security while providing a self-service app, helping bureaus work towards GDPR compliance.
Employers can offer their employees a self-service app offering full transparency when accessing payslips and other personal information. The annual leave management tool allows employers or HR managers to seamlessly process leave requests with changes flowing through to BrightPay payroll software. The employer portal provides an overview of all employee leave in the company-wide leave calendar, ensuring that employers have adequate cover at peak times. The smartphone and tablet app allow employees to seamlessly connect and interact with employers and HR managers, cutting down on employee queries, making it a valuable time-saving tool.
The employee payroll app provides a better control process, improved efficiency and an online platform for your team to manage their payroll information and personal contact details. Employees have instant access to their payroll information including payslips, an employee calendar and an annual leave request facility. Employees can also view their annual leave balance and HR documents such as their contract of employment. The BrightPay Connect app offers enhanced GDPR security for the employee’s personal payroll data. BrightPay Connect is powered using the latest web technologies and hosted on Microsoft Azure for ultimate performance, reliability and scalability.
Click here for a full list of employee app features.
Related Articles:
Jun 2018
5
Employers must take steps to protect and securely manage employees’ personal data to comply with GDPR. Equally, where a business outsources their payroll to a third party (payroll bureau), they are legally obliged to provide assurances to safeguard the payroll information they manage on behalf of their clients. Places are limited.
If an employer fails to comply with auto enrolment, the Pensions Regulator will take enforcement action. Although the rollout of auto enrolment began in 2012, it is now that the true consequences of non-compliance are coming to light.
Data Protection has always been a concern for BrightPay and we have always aimed to act with complete integrity in this regard. In preparation for GDPR, we have had to complete a total review on how we gather, maintain and use data. We have taken steps to securely protect our customers information including increased encryption, securely deleting files from our servers and updating our privacy policies in line with GDPR.
Key changes | Updated privacy policy
Whenever a data controller uses a data processor there needs to be a written contract in place. The contract is important so that both parties understand their responsibilities and liabilities. The GDPR sets out certain information which needs to be included in the contract.
Find out more | Template Data Processor Agreement
BrightPay’s employee self-service smartphone and tablet app is available with our cloud add-on BrightPay Connect. The advancement of employee mobile apps offers many different advantages for employers, employees, and the business as a whole. For employers and HR Managers, the user-friendly portal will streamline payroll processing while reducing the number of payroll queries from employees.
Where possible, the data controller should offer self-service remote access to a secure system providing individuals with access to their personal data. BrightPay Connect is a self-service option which provides online access 24/7. Employees can view and download current and historic payslips, P45’s and P60’s. Annual leave can also be requested which flows through as a notification for the employer to approve. Employee contact information can be edited and updated, keeping records accurate at all times.For payroll bureaus, your clients can instantly access payslips, payroll reports, an employee leave calendar, and amounts due to HMRC.
If you are employing staff for the first time this year, it’s important to understand what to do and when, so you can meet your automatic enrolment duties on time. Your legal duties begin on the day your first member of staff starts work. This is known as your duties start date. Even if you think you won’t need to put staff into a scheme, you will still have duties.
Are you missing out on BrightPay's newsletter? We will not be able to email you without you subscribing to our mailing list. You will be able to unsubscribe at anytime. Don’t miss out - sign up to our newsletter today!
May 2018
24
Payroll Data & GDPR - What you need to know about consent, emailing payslips, and your legal obligation.
Employers must take steps to protect and securely manage employee’s personal data to comply with GDPR. Equally, where a business outsources their payroll to a third party, they are legally obliged to provide assurances to safeguard the payroll information they manage on behalf of their clients.
Given recent cyber-attacks, an updated security process is definitely required to protect the personal data that we manage. GDPR is not a new concept, it is simply a data protection process that is being upgraded to protect all individuals. Essentially, GDPR is an overhaul of the way we process, manage and store individual’s personal data.
This free webinar will uncover the ins and outs of the impact of GDPR on your payroll processing, highlighting the biggest areas of concern including emailing payslips, employee consent and your legal obligation. Places are limited, book early to avoid disappointment.
We will walk you through some important steps to achieve GDPR compliance by examining the following topics:
What does GDPR mean for your payroll processing?
Payslips & GDPR Compliance
Breaching GDPR
BrightPay & GDPR
GDPR is changing how we communicate with you. After May 2018, we will not be able to email you about webinar events, special offers, legislation changes, other group products and payroll related news without you subscribing to our newsletter. You will be able to unsubscribe at any time. Don’t miss out - sign up to our newsletter today!
Related Articles:
May 2018
22
As one of the largest payroll software providers in the UK and Ireland, we have a lot of customers using our payroll software, but did you know that we have a number of other useful HR software packages available?
BrightPay is a payroll software which is future-proof, having been programmed using modern technology, it allows the user to process and run payroll effortlessly no matter how large or complicated it may be. Having a feature-rich interface allowing the user to customise reports, set up unlimited pay rates, additions and deductions, the options are endless making the weekly/monthly pay-run a breeze!
As with the Windows version, BrightPay for MAC has no unnecessary limitations or pointless restrictions on what you can do. It has proven to be a breath of fresh air for many customers who have switched from competing products. Features like seamless RTI and automatic enrolment functionality have been elegantly integrated into the software along with other key features such as CIS and HMRC payments – including the Employment Allowance and Apprenticeship Levy.
This HR software allows the user to manage and create professional contracts of employment for their workers, and also includes an Employee Privacy Policy in line with the new data protection legislation, GDPR. It also has a customisable Staff/Company Handbook with all the legislative and best practice policies and procedures that are recommended for any business with staff. The software also provides a wealth of online support documentation such as template HR letters, checklists, guidelines, etc.
BrightPay Connect is a powerful add-on to the payroll software which enables secure automatic backups of your payroll data to the cloud. The web based self-service dashboard for employers and their employees is an invaluable tool for those employers looking to put their best foot forward in terms of GDPR readiness and compliance.
Related Articles: