Many companies are focusing their GDPR efforts around their external data. They’re reviewing and systems to ensure compliance with customer’s new rights. However, the new regulation also extends to the data you hold on your employees. So, following 25th May, you need to show regulators that you’ve factored HR and payroll into your compliance strategy. They should have a permanent seat at your GDPR table, right alongside finance, IT and operations.