Aug 2018

20

Thesaurus Connect: The GDPR Survival Toolkit

Thesaurus Connect is tailored to help you overcome some of the key challenges GDPR presents when processing payroll. The payroll itself is still processed on Thesaurus Payroll Manager’s desktop application, however the payroll information is stored online on a secure cloud server. As the payroll information is stored online, it has allowed us to bring you even more benefits to help you with GDPR compliance.

Secure Cloud Backup

With the GDPR, it is important to keep a copy of payroll files safe in case of fire, theft, damaged computers or cyber attacks. Essentially Thesaurus Connect is a secure cloud backup, keeping employee’s payroll data safe and secure. A chronological history of all payroll backups will be maintained which can be downloaded and restored at any time.

Self-Service Remote Access

GDPR includes a recommendation to provide remote access to a secure system, which would provide employees with direct access to their personal data. With Thesaurus Connect, employees can be invited to their own password protected self-service portal. Employees can login to the portal 24/7 on any device, including PC’s, Macs, tablets and smartphones (essentially anywhere that they have access to an internet browser) or there is also an employee smartphone app where employees can login and get notifications directly to their device.

Password Protected Payslip Portal

With Thesaurus Connect, employees can access a payslip library where they can view and download all historic and current payslips. Employees can also access payroll documents such as P60s, HR documents such as their contract of employment, personal data held by their employer and past and scheduled leave.

Right to Rectification

The right to rectification of personal data held is an important employee right under the GDPR. With the employee self-service portal, employees can update their basic personal details such as their phone number and postal address.

Accurate Employee Records

Data controllers and data processors must ensure that the personal data held is relevant and up-to-date. As employees can update their basic personal details on Thesaurus Connect, this ensures that employers have access to the most accurate personal details for employees.

User Limitations and Restrictions

With the GDPR, data controllers must ensure that, by default, only personal data which is necessary for each specific purpose of the processing can be accessed. Therefore, payroll processors should only have access to the personal data that is strictly required for processing the payroll. This is referred to as data minimisation, or privacy by default. With Thesaurus Connect, users can be set up so that they only have access to the information needed to complete their specific responsibilities. For example, there may be a HR manager who should not have access to employee’s payroll data, or a payroll processor who should not have access to employee documents or employees marked as confidential.

Central Location for Employee Documents

Thesaurus Connect acts as an all in one central location to store all things employee related, including payroll, HR and other employment related documents. Employers have the ability to upload documents that apply to all employees (e.g. company handbook), documents that are unique to individual employees (e.g contract of employment), or even documents that are relevant to a particular department.

Secure Document Exchange

If you are a payroll bureau, you can invite your payroll clients to Thesaurus Connect to their own online employer dashboard. This is a secure portal for client communications, eliminating the need to send documents with sensitive personal information by email. Clients can view employee payslips as soon as they have been finalised, they can run their own payroll reports and view amounts due to Revenue. This offers an additional layer of GDPR protection for client’s payroll data.

Essentially, by introducing Thesaurus Connect in your business, you will be taking steps to be GDPR compliant. Book a demo today to have a look at Thesaurus Connect.

Related articles:

BrightPay Payroll Software | Thesaurus Payroll Software

Posted byRachel HynesinEmployee Self ServiceGDPR


Aug 2018

15

How will PAYE Modernisation impact on your payroll?

In late 2016, Revenue issued a consultation document outlining their vision for the introduction of Real Time Reporting (RTR) or PAYE Modernisation in Ireland.

This will modernise the Pay As You Earn (PAYE) system, and mean that employers will be required to report pay, tax and other deductions, as well as details of employees leaving the organisation, at the same time as they run their payroll.

The new obligations for employers are due to take effect from 1 January, 2019, meaning businesses have a limited amount of time to prepare their payroll systems to be compliant with the new RTR / PAYE Modernisation rules.

Do you use payroll software? If so, there are two methods of reporting payroll in real time:

  • Direct Payroll Reporting - allows your payroll software to communicate seamlessly with Revenue Online System (ROS) and exchange the required information.
  • ROS Payroll Reporting - you can upload files created by your payroll software to ROS.

Payroll software companies have been working with Revenue to ensure that the software will be compatible with Revenue’s requirements. We would advise that you use payroll software, but if you don’t, you will be able to retrieve Revenue Payroll Notifications and complete a form through ROS. This reporting process will eliminate the need to file:

  • P30
  • P35
  • P45
  • P46

P60s

You will no longer be obliged to produce a P60 for your employees. Revenue will produce an end of year statement for all employees.

Information you will report to Revenue

You must provide Revenue with payroll information for each employee, including:

  • Payment date
  • Amount of pay 
  • Amount of Income Tax, Universal Social Charge (USC) and Local Property Tax deducted.

Upcoming free online webinars:

PAYE Modernisation for Employers - Understanding and implementing the new legislation

PAYE Modernisation for Payroll Bureaus - Understanding and implementing the new legislation for your clients

 

Related Articles:

PAYE Modernisation: How successful was it in the UK?
PAYE Modernisation - List of Employees
PAYE Modernisation - The Facts
PAYE Modernisation - Understand how your payroll processing will change

 

Are you missing out on our newsletter? We will not be able to email you without you subscribing to our mailing list. You will be able to unsubscribe at any time. Don’t miss out - subscribe today!

BrightPay Payroll Software | Thesaurus Payroll Manager

Posted byHolly McHughinPAYE Modernisation


Aug 2018

3

GDPR & the right to rectification:

Under Article 16 of the GDPR, individuals have the right to rectify data that is inaccurate about them. An individual may also be able to have incomplete personal data completed. Although you may have already taken steps to ensure that the personal data was accurate when you first obtained it, this right imposes a specific obligation to reconsider the accuracy upon request.

 

What do we need to do?

If you receive a request from an individual to rectify their personal data, you should take reasonable steps to ensure that the data is accurate and rectified if necessary. The reasonable steps taken will depend on the nature of the personal data and what it will be used for. The more important the personal data is to be accurate, the greater the effort you should put into ensuring it’s accurate and if not, taking steps to rectify it.

 

When is data inaccurate?

The GDPR does not give a definition of the term accuracy. However, it states that personal data is inaccurate if it is incorrect or misleading in any way. It is the data controller's responsibility to ensure the personal data they manage is accurate and up-to-date.

 

Can we refuse to comply with the request for rectification for other reasons?

You can refuse to comply with a request for rectification if the request is excessive or manifestly unfounded, taking into account whether the request is repetitive in nature. There are two things you can do if you consider that a request is excessive or manifestly unfounded:

 

1) Request a “reasonable fee” to deal with the request
2) Refuse to deal with the request

 

You will need to justify your decision in either case. The reasonable fee should be based on the administrative costs of complying with the request. If you decide to charge a fee, it is advised that you contact the individual within one month. You do not need to comply with the request until you have received the fee.

 

In most cases, you cannot charge a fee to comply with a request for rectification. However, as noted above, if the request has been excessive or manifestly unfounded you may charge a reasonable fee to cover the administrative costs.

 

Related Articles:

GDPR & Payroll processing: Do I need consent from my client's employees?

BrightPay launch an employee payroll smartphone app.

GDPR: What you need to know

 

Are you missing out on our newsletter? We will not be able to email you without you subscribing to our mailing list. You will be able to unsubscribe at any time. Don’t miss out - subscribe today!

 

Thesaurus Payroll Software | BrightPay Payroll Software

Posted byHolly McHughinGDPR


Aug 2018

1

Customer Update: GDPR & PAYE Modernisation Special Edition

PAYE Modernisation Explained

PAYE Modernisation or real-time reporting (RTR) will enable Revenue to ensure that employees are receiving their correct tax credits and cut-off points throughout the year. This compares with the current PAYE reporting which is done through P35s on a yearly basis.

Learn more | Frequently asked questions

 

Free GDPR Webinar | Guest Speaker: Data Protection Commissioners

Graham Doyle, Head of Communications from the Data Protection Commissioners office will be joining us to discuss GDPR and the effect it is having on all businesses. This FREE CPD accredited webinar will look at what is new in GDPR, how it may affect your business and what have we learned from the GDPR 3 months on. We will also look at how Thesaurus Payroll Manager can help your organisation utilise the new regulation to benefit you, your customers, suppliers and employees.

Register today | Full agenda

 

PAYE Modernisation To Do List: Step 1 - List of Employees

In preparation for PAYE Modernisation, Revenue is asking employers to send a list of their employees through Revenue's Online Services (ROS). This list will ensure that both Revenue and employer records are accurate and up-to-date.

Find out more

 

Manually Calculating Payroll with PAYE Modernisation

A significant number of employers are still processing their payroll using a manual or spreadsheet system. A manual approach may seem like an attractive option but can result in inaccurate payroll processing. From January 2019, employers will be required to submit their payroll returns electronically and in real-time, each payroll run, allowing Revenue to access the most up-to-date information.

Find out more

 

Privacy Policies - A GDPR Requirement

One of the main principles of the GDPR is that data shall be processed lawfully, fairly and in a transparent manner. These three elements overlap and all three must be satisfied in order to demonstrate compliance. The GDPR stipulates that anywhere personal data is being collected, either directly or indirectly, Privacy Notices should be in place.

Find out what to include

 

PAYE Modernisation FREE webinar in conjunction with Revenue

We have teamed up with Sinead Sweeney who is the PAYE Modernisation Change Manager for the Revenue Commissioners. The webinar will peel back the legislation to help you understand and implement the new changes for your business. The objective of PAYE Modernisation is for Revenue, employers and employees to have access to the most accurate, up-to-date information relating to pay and statutory payroll deductions. Places are limited.

Employer webinar: 4th September | Bureau webinar: 6th September

 

GDPR: Do I need consent from my client’s employees? (Bureaus Only)

Many bureaus have expressed concern and confusion in relation to getting consent from their client’s employees and securely distributing payslips. Payroll bureaus do not need to seek consent from individual employees that the payroll is processed for. However, the employer will need to inform their employees that they are sharing their personal information with a third party.

Read more

 

GDPR: Frequently Asked Questions

Our GDPR experts have put together a list of some of the frequently asked questions that we have been asked by our customers regarding the General Data Protection Regulation. Additionally, the legislation states that whenever a data controller (e.g. business/employer) uses a data processor (e.g. payroll bureau) there needs to be a written contract or Data Processor Agreement in place.

View all FAQs | Template Data Processor Agreement

 

Are you missing out on the Thesaurus newsletter? We will not be able to email you without you subscribing to our mailing list. You will be able to unsubscribe at anytime. Don’t miss out - sign up to our newsletter today!

Posted byKaren BennettinCustomer Update