Blog post

Collection of Personal Employee Data – How much is too much?

Today, almost everything we do at work creates data.

Conversations with colleagues are captured in email chains. E-tickets, payments, and vehicle trackers for every spot of business travel. Performance metrics are recorded in mammoth spreadsheets. Much of this data sits with HR teams. It’s often highly sensitive, and incredibly personal.

Unsecured, inaccurate, and outdated data puts businesses in breach of GDPR. Failing to store information safely can undermine employee trust, put companies at risk of data breaches, and destroy reputations. Keeping data safe and secure is a non-negotiable. But that’s easier said than done when there’s just so much of it.

Keeping a limited amount of data in a secure and centralised system can reduce the chance of theft, corruption, and human error. But how should HR teams limit what they keep without missing out on vital data insights?

Let’s explore.


The True Value of HR Data

HR teams keep different data for different reasons. Retaining some employee data is a legal requirement, like employment records and details about pay, leave, and contributions. However, other non-essential data is kept to improve the employee experience, productivity, and company. For example:

  • Keeping performance review information can help leaders work with employees to improve outcomes.
  • Storing existing interview questionnaires can help companies identify why their people are quitting.
  • Referring back to learning and development data can help businesses spot skill gaps.


There are countless benefits to a data-driven HR approach. Companies can use this information to improve engagement, progression, and retention. But it all hinges on the quality and quantity of data collected. And many HR departments are failing to collect enough of the right data to make a meaningful impact.


The Risk of Too Much HR Data

We’ve all been told that data is the be-all and end-all. That we can solve all our problems with the right data. This is how companies fall into the over-collection trap. Holding onto data that they’ve been told is important but lacking the facility, capacity, and understanding to properly use and manage it.

too much post it note

Storing too much of the wrong data can put businesses in breach of GDPR. This was the case when H&M overstepped the mark on people analytics and was fined for keeping excessive employee records back in 2020.

Under GDPR rules, businesses must ensure the data they keep is accurate and up to date, and that proper security is in place to protect against unlawful or unauthorised access. But another key element of the legislation is to only keep what is necessary, and use it in a way that is adequate and relevant.

Essentially, if you can’t justify what you’re keeping, you shouldn’t be keeping it. The more you have, the more you need to protect.


Beyond compliance, good data practices are essential for employee, partner, and investor relationships. When private information isn’t kept safe, it’s not only a breach of regulation – it’s a breach of trust!

For years, HR professionals have leaned on spreadsheets to manage and maintain employee data. But this may not be the most secure option.

It’s all too easy to click in a spreadsheet cell and alter or delete data – undermining the accuracy and reliability of information. And it’s harder to garner data insights from spreadsheets; you can see the information, but you can’t always see what it means.


Tips for Better Data Management

Modern data management systems offer encryption and security protections that top even the most tightly monitored spreadsheet. With advanced data analytics capabilities, you can do more good with the information you collect.

When you strip back your data collection approach (so only the relevant stuff is stored, maintained, and used responsibly), you build trust with your employees at a time when retention couldn’t be more important.

To finish off, here are some quick tips for improving your HR data management and only hanging onto the stuff that matters:


1. Run an audit on your employee data

If there isn’t a clear reason for collecting it, you shouldn’t have it.


2. Assess how your current data is helping towards specific company objectives

If it isn’t helping, perhaps you’re not focusing on the right data.


3. Empower employees to manage their data where possible

Provide a connected app to your HR platform that lets teams update their data.


4. Use a system that enables you to customise data access and roles

This will manage the access of people to only see the stuff they’re authorised for.


5. Centralise all of your employee data in a secure space

Increase protection and stop private information from moving around in the wrong places.


Managing Compliance, Data and Employment Best Practices

HR excellence webinar

Looking for more on HR data management and compliance? Check out our webinar and learn how you can achieve HR excellence.

Collection of Personal Employee Data – How much is too much? was last modified: March 1st, 2024 by Beatriz Araujo

Enquire about using HRLocker in your organisation in 2024

Book a Demo

Join our Newsletter

Receive blog posts, updates & keep up to date with HRLocker!