Get Started for Free Learn More

7 GDPR Principles – How Excel Spreadsheets Represent a GDPR Risk

March 26, 2018 in Compliance, GDPR, Training

Legacy Systems

Legacy tracking methods such as Microsoft Excel spreadsheets has sufficed in some instances for several years, however that is all about to change.
A once-off ‘tick-box’ approach is likely to present significant compliance risks, therefore planning an ongoing compliance approach is essential.

Excel GDPR Risk Baner

Download the infographic

Data processing is collecting, storing, recording, and even deleting personal data.

When considering an ongoing approach we need to ask:

    • What is expected of employees
    • What are the consequences for non-compliance?
    • How will your company approach requests for personal data?
    • What are your obligations as an employer?

A once-off ‘tick-box’ approach is likely to present significant compliance risks.

Now under GDPR, non-compliance penalties present further risks that could result in large fines. Beyond that, there is also company reputation on the line, which could result in lost customer orders.

How Excel Represents a GDPR Risk

The GDPR has outlined seven key principles. They are:

  1. Lawful, fair and transparent processing
  2. Purpose limitation
  3. Data minimisation
  4. Accurate and up-to-date processing
  5. Limitation of storage
  6. Confidential and secure
  7. Accountability and liability

Considering this, how does the use of Excel spreadsheets for tracking employee data represent a new compliance risk?

Lacks Transparency
The ability to search and provide employees access to their data is unreasonably difficult and time consuming with Excel spreadsheets.

Difficult to Limit Purpose
Excel’s arduous version control means that additional and unnecessary data creeps into the spreadsheet.

Poor Data Minimisation
Excel spreadsheets are notorious for containing duplicate data, which can be difficult to identify.

Inaccurate Data
With duplicate data comes inaccurate data and further human error, which becomes impossible to track.

Inadequate Storage
Excel spreadsheets are often stored in different locations such as company servers and personal devices, making it difficult to track.

Security Risk
With poor storage comes the risk of a data breach. How do you know who has access to the spreadsheet? This includes accidental loss and the intentional manipulation of data.

Low Accountability
When required to ‘prove’ compliance, Excel spreadsheets are a poor option for reporting, either to management or auditing bodies.