The introduction date was announced two years ago, and I suppose that somewhere in the world there must have been someone who started their countdown to 25th May and the introduction of GDPR straightaway. Unfortunately for many people despite all the warning it has been left to the last few months or weeks. It’s not dissimilar to the frantic efforts we made as teenagers to complete a week’s worth of homework in one massive session of a Sunday night. But ever the optimist I have to believe that no matter how odious the task, there must be something positive, a silver lining if you like, for us, if only we take advantage of it.
So, I decided the ask a few professional recruiters if experience of ensuring GDPR compliance would strengthen a CV.
Simone Devereux of Solo Search in West Yorkshire kicks me off with a positive message on my voice mail. ‘Yes’, she says, then after a short pause I hear the ‘but’, there is often a but in answers to this sort of question, ‘only initially’ she concludes.
I understand what she means, with a pessimistic view I suppose there will be companies that leave it until 25th May to start looking at how they will comply with GDPR, and so they will be looking for someone who has done it, so that they can achieve compliance quickly. Hopefully this will be a small number of companies, which means that they could have their pick from a large pool of candidates with the right experience, so as Simone reminds me supply of expertise could outstrip demand.
Looking beyond 25th May Simone explains that GDPR is not just a one-off event, but an on-going change in the way organisations of all types collect, store and utilise data. So, every employee regardless of their job role will have to comply with the GDPR regulations. This means that every employee will be expected to apply GDPR to their job. The more likely scenario is that candidates without GDPR experience might find it difficult to get interviews.
The key GDPR skill that could attract a salary advantage which companies might need says Simone is knowing how to conduct a GDPR audit, but she continues most organisations will probably outsource that activity.
Sue Bradnock from SVB Solutions in Coventry a specialist HR recruiter is already seeing clients ask specifically for GDPR experience, it is because organisations are taking the new regulations seriously and acknowledging the wide impact GDPR will have on the way that HR departments operate from policies and procedures to HR information systems
This recognition of the impact that GDPR will have on the way HR functions operate, agrees Tim Holden from Bold Recruitment in Cambridge another specialist HR recruiter will drive the demand for specialist GDPR skills. But he says when we start to see that demand emerge at a significant level will depend on how quickly the Government starts to investigate organisations and bring GDPR prosecutions. Once there have been a few high-profile cases with big fines organisations will start to take the issue really seriously. We have to look to the past he says to understand the potential impact on salaries. Think about the requirement for gender pay gap reporting. That was something and nothing until the gap in some big-name organisations like the BBC started to get media coverage. Now we all understand the value someone with experience of dealing with a gender pay gap can bring to an organisation.
What that will create in terms of size of salary increases is also difficult to predict he continues. Again, you really have to look to the past. Look at what happened when TUPE for example was introduced in 2006 and how salaries rose when demand for those specific skills outstripped demand. People could, suggests Tim, see GDPR experience potentially creating a 10percent increase in salary. So, there may be an advantage in being an early adopter!
David Winterburn from search firm Burns Tempest in Leeds agrees that there could be an almost immediate increase in salary for HR jobs with a specific GDPR responsibility, like the GDPR audit roles that Simone mentioned, but, says David those roles are only going to exist in bigger organisations. He expects most organisations to list GDPR experience as a desirable rather than an essential, so I suppose job hunters shouldn’t get too excited.
Ever the voice of common sense in my network of contacts, David is sure that once the hullabaloo over GDPR introduction on 25th May has died down wise HR professionals will see GDPR as just another piece of legislation that they have to understand and the ability to ensure organisational compliance just another aspect of their eclectic HR set of skills and knowledge.
Keith Watson from 360-degree HR Solutions in Scotland is also sure that there will be a short-term advantage, but that this will pass as GDPR compliance becomes just another slice of the bread and butter of good HR practice activities.
Nevertheless, as Keith points out if you have experience of successfully achieving GDPR compliance and completing the subsequent audits that ensure continued compliance you should not be shy about putting it on your CV.
I get the feeling that for most HR professionals being able to demonstrate their competence in GDPR compliance is not in the long term going to be all that important, after all it will be a part of every HR role in some way or another pretty soon after 25th May.
Investigating this question has reminded me of when the Access to Medical Reports legislation was introduced in 1988 and responsibility for ensuring compliance fell on my lap. I can still quote sections of the legislation. Any advantage that my exclusive knowledge gave me was dissipated very quickly because a key part of my role was to ensure that I transferred my knowledge to everyone else in the HR department. Indeed, I would have to say that I would have failed in my objective if I had maintained a knowledge advantage.
On reflection I think that there were two-real advantages of being the person with responsibility for ensuring legislative compliance.
Firstly, there were the new skills and knowledge that I gained from that process. Project management, there was a definite deadline that had to be met, communication of information to a wide range of people, negotiations with senior managers and trade union officials, presentations to ensure understanding, writing manuals, policies and procedures, and not forgetting some interesting lessons in conflict resolution from having to deal with the company nurse and doctor.
The second thing I gained was exposure, more people in the organisation got to see me work, helping them, and all that added up to a very valuable addition to my internal CV, and that opened the doors to even more exciting opportunities.
If you are still wondering how GDPR will affect your organisation you can find out more at this link