In order to support their European customers in following General Data Protection Regulation (GDPR) that will be implemented across all European Union countries 25-May-2018 Lanteria offers new GDPR supporting functionality within the Lanteria HR core solution.
Our GDPR solution covers all mandatory areas required by Data Protection regulation:
Right to be forgotten
Right to be forgotten ensured by Data Deletion and Data Anonymization functionality. Upon request all Employee record can be deleted, or it can be anonymized – in this case employee history and sensitive data is deleted, name is anonymized.
Right to be informed
Our solution also provide the possibility To be informed for Employee. All the Employee related data structure can be demonstrated to Employee per his or her request. Employee will know which data is stored and processed in Lanteria HR.
Right of access
LanteriaHR solution covering Right to access requirement. Every Employee can access his or her data trough the Employee Self-Services functionality in Lanteria HR.
Right to rectification
Our solution also covers Right to rectification. For example, we grant employees permissions to correct their data through the Employee Self-Service. Additionally Employee can ask HR to correct the data through HR Help Desk or by mail.
Right to restrict processing
Lanteria strictly follows Right to restrict processing rules.
- Lanteria HR does not provide any data to the 3rd parties
- All the data is stored in the system, secured, restricted by the access permissions and authentication
- Data is available only at the “need to know basis”
- Company HR is owning the employee data and is responsible for the correct processing
Right to data portability
Our solution also supports Right to data portability. For example, Lanteria HR allows exporting data to different portable formats (.csv, .xls, .doc, .pdf).
Right to object
We also covering Right to object requirements.
- Lanteria HR collects and stores employee data only for internal HR purposes defined by labor legislation
- Data is not transferred to any external marketing, scientific or other institutions that use personal data for research or other purposes
LanteriaHR GDPR functionality supports legislation requirements towards to the both Personal and Sensitive Personal data protection. Personal data and sensitive data is handled separately from all the other employee data and is visible to HR only. This data is protected by access restrictions.
In addition to that we made Sick Leave absences visible only to HR with our new features.
LanteriaHR GDPR solution also includes security and data protection, that consists of multi-layer security model, which includes Microsoft OS and SharePoint security restrictions and Lanteria role-based access control. In addition to that Lanteria has obligation to notify authorities of personal data breaches within 72 hours after Lanteria becoming aware of it.
Lanteria HR utilizes MS SharePoint services (logs, audit trails, version history) for keeping records detailed data processing.
We take care about our customers. With LanteriaHR GDPR solution our customers will be compliant with General Data Protection Regulation (GDPR) requirements as well as with any other legislation, rules and policies.