Spring 2017

On April 14, 2016, the European Parliament approved the General Data Protection Regulation ("GDPR" or the "Regulation"), a new regulation that will replace the European Union's ("EU") current data privacy standard. As a regulation, the GDPR will impose a more uniform data protection regime across the Member States and makes more clear the extent of its jurisdictional reach than did its predecessor. Though the GDPR is not specific to the employment context, it is clear that the "processing" of employee data falls within the scope of its protection. This paper provides a broad overview of the ways in which the GDPR will change data protection regulations across the EU, focusing on employee data and how it is treated differently from consumer data. This paper also highlights key areas of change from the current state of the law and suggests proactive steps an employer may take to better prepare for May 25, 2018, the date on which the GDPR will start to apply.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.