We propose redefining your approach to your contingent workforce population with the utilization of Talent Pool. Talent Pool allows your company to break down rigid job constraints by matching the current needs of tasks and projects with previously engaged talent. It houses a robust repository of your talent to allow for easy access and instant click-to-engage work. Below are three benefits your company will experience with Talent Pool:

1. Cost Savings

By having access to mobilize talent quickly, organizations can quickly backfill sick employees, find talent for critical projects, and reduce reliance on staffing agencies. This helps the bottom line with the reduction of time spent searching for talent and the elimination of staffing markups.

2. Scale Faster

The ability to search for candidates who meet the requirements for your open positions in real-time increases efficiency and productivity for your organization. Talent Pool allows your company to filter through talent based on skillset, location, and past engagement ratings to find the perfect fit at a moment’s notice.

3. Maintain Compliance

With ever-changing legislation surrounding 1099 compliance, local laws, and legal documentation, companies are becoming overwhelmed to stay compliant. Talent Pool allows your company to stay GDPR compliant with complimentary compliance checks across markets for all of your workers.

Request a Demo Today!

“Being recognized as an Award-Winning Contingent Workforce Company is such an honor,” says Robyn Ise, CTO of TargetCW. A panel of judges made up of prominent editors and reporters from top-tier publications in North America such as Accounting Today, AdWeek, Associated Press, Baron’s, Consumer Affairs, USA Today, and Wired, among others, looked at over 700 entries and hand-picked StaffingNation as a winner in the Enterprise Category. “It seems to get harder each year to select the best of the best in Best in Biz Awards. As a consumer reporter, it is particularly gratifying to me to see so many businesses striving to enhance the customer experience,” says Mark Huffman, Consumer Affairs.

On a commercial level, the GDPR can be seen to be implemented across businesses in the countries where it applies, and in fact to businesses who sell to customers based in countries where the GDPR applies. There are still a few websites that have chosen to take the route of banning entry by any user whose IP address shows them to be in an EU country, and a notice will show that states the related business to the website has taken the step due to the data protection issues. Essentially, businesses globally are deciding whether or not their trade is affected by banning sales or interest from EU countries, or if they are better off aligning to the requirements. Businesses that are based in areas where their data protection law holds the same level of stringent requirements that the GDPR does, such as in California, have been seen to align faster and facilitate EU trade to continue. There have been over 500 cross-border cases of data protection rights seen since the GDPR was incepted. A report on these cases and other rules enforcement subjects must be compiled by the European Commission for review by May 25th.

GDPR and Brexit

The most meaningful change within the GDPR is how it will play out in the UK, with laws being set to be taken into review post Brexit. There are several issues relating to Brexit that will have a bearing on the GDPR and its impact, but the UK is set to adhere to all EU standard rules throughout 2020. At that time, they will be considering how their internal laws will align with the GDPR, as there has been a commitment made by the UK to adhere to the standards created by the GDPR after they pull out of EU regulatory oversight post-Brexit. It remains to be seen how this will affect businesses that trade with UK consumers, and it is a good example of why it has become important.

GDPR and the World

In a global context for all jurisdictions to have comparable data protection laws. When there are stipulations made by laws that transcend jurisdictions, such as the GDPR does with non-EU businesses that hold information on residents of EU countries, there is a good reason to ensure on a national level that all data protection laws adhere. This acts to further the ability for consumers and businesses to trade globally, and even for social and news media-related information to be shared. While certain data protection laws can differ from the GDPR, such as the California Consumer Protection Act, the spirit of the laws aligns and that makes going the extra bit further to ensure data protection alignment to the GDPR or other global data laws much easier.

Conclusion

2020 will see the interpretation of data protection requirements that were set out by the GDPR reviewed for enforcement and adherence. This includes on a national level in all EU member states, but also for companies globally that store information of EU residents, even with their knowledge and consent. Businesses globally have been seen to be generally conducive to aligning their practices to the GDPR standard where they have an EU consumer base, but that has been seen to not be the case across the board. Some companies have chosen instead to block access to their sites by an EU resident whose IP address indicates their residence in a GDPR compliant country. Those companies will likely align in the future, but that remains to be seen.

1. Notice to Consumers

When a business is collecting information directly from consumers, that business must provide a notice to the consumer at the point of collection. That notice must inform the consumer what personal information is being collected, what the purpose of collection is, and whether there is any financial incentive being offered in exchange for the business using that data. This notice needs to be visible or accessible before any personal information is collected. The proposed regulations note that if a business collects personal information from a consumer online, the notice at collection may be given to the consumer by providing a link to the applicable section of the business’ privacy policy.

2. Notice of Right to Opt-Out

If your business sells its consumers’ personal data, it is time to read the proposed regulations thoroughly. There is some great guidance on how to comply with the “opt-out” requirements. Specifically, it is noted a business shall post the notice of right to opt-out on the webpage the consumer is directed to after clicking on the “Do Not Sell My Personal Information” or “Do Not Sell My Info” link on the website homepage or landing page on a mobile app. The proposed regulations even go so far as to give an example of what the opt-out button or logo should look like. This opt-out option needs to be addressed for offline methods of collection as well.

3. Request to Delete

For those of us already GDPR compliant, we are all too familiar with the “right to be forgotten.” With CCPA, consumers have a similar option which is entitled “request to delete.” This allows a consumer the right to request any personal information collected about the consumer to be erased. The business needs to have two methods for placing these types of requests – whether it be email, telephone, interactive webform, or US mail. The proposed regulations indicate that when a business receives a “request to delete,” they must confirm receipt of the request in 10 days and respond within 45 days. The company must also log any “requests to delete.” There are exceptions that allow a business to not delete information in certain situations. Those include when the information is necessary to:

• Complete a transaction.
• Provide a good/service the consumer has requested.
• Perform a contract.
• Detect security incidents.
• Protect against “malicious, deceptive, fraudulent, or illegal” activities.
• Prosecute people responsible for “malicious, deceptive, fraudulent, or illegal” activities.
• “Debug to identify and repair errors that impair existing intended functionality.”
• Ensure the exercise of free speech.
• Ensure the business can exercise “another right provided for by law.”
• Comply with a legal obligation.

4. Service Provider Contracts

Businesses may also need to update service-level agreements with any third-party provider where data processing is at issue. CCPA defines the term “sell” in a broad manner that does implicate arrangements where there is an exchange of value between the business and another party for the consumer’s personal information. The Proposed Regulations indicate that Service Providers should not use personal information collected from one business to provide services to another business. Specifically, it is indicated “A Service Provider shall not use personal information received either from a person or entity it services or from a consumer’s direct interaction with the Service Provider for the purpose of providing services to another person or entity. A Service Provider may, however, combine personal information received from one or more entities to which it is a Service Provider, on behalf of such businesses, to the extent necessary to detect data security incidents, or protect against fraudulent or illegal activity.” It also becomes critical that businesses utilizing service providers are contractually addressing the data processing relationship and providing clear instructions on how to respond to a consumer request that is received by a Service Provider on behalf of a business it services.

5. Employees Excluded from the Definition of Consumer until 1/1/2021

AB 25 has modified the definition of “consumer” under the CCPA to exclude for one year “a natural person whose personal information has been collected by a business in the course of a person acting as a job applicant to, an employee of, a contractor of, or an agent on behalf of, the business, to the extent the person’s personal information is collected and used solely within the context of the person’s role as a job applicant to, an employee of, a contractor of that business.” As long as an employer is collecting the data of its candidates and employees for purposes solely relating to employment, the CCPA generally does not apply to the collection of that personal information. This exemption will remain in effect only until January 1, 2021. It is anticipated that we will see a separate employee privacy bill proposed prior to the one-year deadline.

TargetCW takes data privacy seriously and believes it is best to take a transparent approach to how we handle personal information. Check out our policies at https://www.tcwprivacy.com/policies.

The EU’s privacy watchdog is predicting that the first enforcement actions under the General Data Protection Regulation (GDPR) will be announced in the coming months. Violations can carry hefty fines up to 4 percent of a company’s global revenue or about $23 million, whichever is higher. Regulators may also temporarily ban companies over violations.

Giovanni Buttarelli, the European Data Protection Supervisor, told Reuters in an interview on Tuesday that regulators have received a flood of complaints about privacy violations since the GDPR went into effect on May 25.

“I expect first GDPR fines for some cases by the end of the year. Not necessarily fines but also decisions to admonish the controllers, to impose a preliminary ban, a temporary ban, or to give them an ultimatum,” Buttarelli told Reuters.

“The fine is relevant for the company and important for the public opinion, for consumer trust. But from an administrative viewpoint, this is just one element of the global enforcement,” Buttarelli said, though he declined to give any hints about which companies were going to see penalties.

GDPR laws also make companies liable for any third-party vendors you contract with and release employee or customer information to. TargetCW has been at the forefront of protecting its clients from unnecessary lawsuits by being one of the first to implement comprehensive GDPR compliance across their organization. If you are currently using an employer of record or staffing agency, you need to ensure they are also GDPR compliant. We put together a helpful website for our clients to vet our compliance. Check it out at www.tcwprivacy.com and see if your current vendors have taken the required steps to prevent a lawsuit.

_________________________

source: thehill.com