Your payslip is often send by mail, it is more direct, better for the environment and it is easier to archive, but with the GDPR regulation, it is extremely dangerous to just send out emails that contain valuable private information like payslips.
In your payslip private information has been stored, and it would be dramatic if this information would be leaked, or even worse, come in the wrong hands.
But according to Arnoud Engelfriet, the above is changing nothing to how security should be managed. The thing the new GDPR law will change is the fact that these type of things need to be documented.
In the near future, it would not be weird if you would have to cross a checkbox in your contract where you state that you allow the company to send out your payslip via email.
Actions to take
- Special attention is required for the processing of personal data via e-mail.
- You must specify which data may and may not be sent via the mail.
- You must specify how the security must be.
- You must specify which data can better be made available in a different way.