Written by

Bernard Marr

Bernard Marr is a world-renowned futurist, influencer and thought leader in the fields of business and technology, with a passion for using technology for the good of humanity. He is a best-selling author of 20 books, writes a regular column for Forbes and advises and coaches many of the world’s best-known organisations. He has over 2 million social media followers, 1 million newsletter subscribers and was ranked by LinkedIn as one of the top 5 business influencers in the world and the No 1 influencer in the UK.

Bernard’s latest book is ‘Business Trends in Practice: The 25+ Trends That Are Redefining Organisations’

View Latest Book

Follow Me

Bernard Marr ist ein weltbekannter Futurist, Influencer und Vordenker in den Bereichen Wirtschaft und Technologie mit einer Leidenschaft für den Einsatz von Technologie zum Wohle der Menschheit. Er ist Bestsellerautor von 20 Büchern, schreibt eine regelmäßige Kolumne für Forbes und berät und coacht viele der weltweit bekanntesten Organisationen. Er hat über 2 Millionen Social-Media-Follower, 1 Million Newsletter-Abonnenten und wurde von LinkedIn als einer der Top-5-Business-Influencer der Welt und von Xing als Top Mind 2021 ausgezeichnet.

Bernards neueste Bücher sind ‘Künstliche Intelligenz im Unternehmen: Innovative Anwendungen in 50 Erfolgreichen Unternehmen’

View Latest Book

Follow Me

What Are The Pitfalls Of People Analytics And Data-Driven HR?

2 July 2021

People-related data is arguably HR’s most important asset. But when data becomes a core asset, the need for careful data governance becomes even more pressing. 

Today’s HR teams potentially have access to huge amounts of data, and this can bring great rewards for those who use that data intelligently. But, data also brings its own unique challenges. Therefore, before implementing any data-driven HR approach, it’s important to consider the potential pitfalls that surround employee-related data, particularly when it comes to their personal data.

Data privacy

Obviously, HR teams need to operate within the data privacy laws of their country. Here in the UK, unless you’ve been living under a rock, you’ll know that personal employee data comes under GDPR – General Data Protection Regulation – which comes into effect in May 2018. I talk more about this in my article ‘What GDPR means for HR teams’, but suffice to say that GDPR will impact the way HR teams gather, store and work with employee data. 

What’s interesting about GDPR is how it cracks down on companies that take a laissez-faire approach to data privacy. Companies that fail to properly protect employees’ personal data, or are found to be misusing personal data, face stiff fines of up to €20 million or 4% of annual worldwide turnover, whichever is the greater of the two. T

Protecting against data breaches

Amidst this harsher regulatory landscape (not to mention the reputational fallout of high-profile data breaches), HR data must be properly secured and protected from threats. If you think that no one would be interested in stealing your employee-related data (as opposed to, say, customer credit card details), think again. It may surprise you to know that medical data is 10 times more valuable to criminals than credit card data. So the lesson is: if it contains personally identifiable information, data of any kind can be valuable.

But hoodied criminal hackers trading data on the dark web aren’t the only source of data breaches. The insider threat (whether malicious or through sheer ineptitude) is huge. In one example, a Boeing employee inadvertently caused a breach that might have exposed the personal data of 36,000 Boeing employees, including their names, date of births, and social security numbers. How? The unlucky employee was having trouble formatting a spreadsheet, so he sent it on to his spouse for help, unaware that the spreadsheet contained hidden columns with confidential information.

In another example, a disgruntled employee of British supermarket Morrisons deliberately exposed colleagues’ personal data online. In a landmark High Court case, the supermarket was found liable for the breach. Just imagine the consequences of such a breach when GDPR is in effect. The damage to a business’s finances and reputation could be catastrophic.

Understanding the ethical pitfalls

As well as sitting on the right side of the law, HR teams also need to ensure their data usage sits within the company’s ethical boundaries. Most companies these days emphasise a culture of openness and honesty. If your data-driven HR activities fly in the face of that culture – for example, by clumsily implementing data projects or poorly communicating how data is used – it could lead to massive morale and trust issues.

That’s why one of the key pieces of advice I give to businesses is this: transparency. Transparency around what employee data is being collected, transparency around why it’s being collected, and transparency around how it will be used.

It’s also important to add value for employees and emphasise the positive outcomes of using their data. People are far happier for their data to be used when they feel they’re getting something valuable in return, whether it’s better working conditions, more effective management, a safer environment, or whatever.

The importance of good governance

Practising good data governance will help ensure your HR data remains a valuable asset and doesn’t turn into a liability. Here’s a snapshot of what good data governance means in practice:

  • Create data governance procedures (if you haven’t already). This may include defining who owns the various people-related data within the organisation, who is responsible for data accuracy, who is responsible for controlling access to the data, and who is responsible for updating the data. It should also cover how the data can be used.
  • Get consent for employee data. Consent is a critical pillar of data privacy. This means HR must get employees’ express permission in order to collect and process their personal data. It used to be that consent was assumed as part and parcel of employment. Thanks to GDPR, that’s no longer the case.
  • Be strict about data usage. GDPR means you can only use personal data for the specific purpose for which consent was given. If you want to use the data for a different purpose, new permission is needed. It’s vital HR colleagues fully understand this, as the fines for misusing data can be enormous.
  • Practise data minimization. This means gathering only the very essential data, i.e, data that can help meaningfully improve the company and add value. Data for data’s sake is worthless, and can actually prove detrimental to the company in the long run.
  • Anonymise data. Wherever possible, you should anonymize personal employee data, which means stripping it of any personal markers that link an individual to that piece of information.
  • Protect and secure your data. There are certain safeguards any business can put in place to secure data and prevent breaches. Such measures can include encrypting data, having systems in place to detect and stop breaches while they’re happening, and training staff so they never give away secure information.

Read more about how HR teams can get the most out of data and analytics, without falling foul of the pitfalls, in my book Data-Driven HR. It’s packed with real-life examples and practical ways HR teams can deliver maximum value in our increasingly data-driven world. 

Business Trends In Practice | Bernard Marr
Business Trends In Practice | Bernard Marr

Related Articles

The 10 Tech Trends That Will Transform Our World | Bernard Marr

The 10 Tech Trends That Will Transform Our World

What makes the fourth industrial revolution so different from previous industrial revolutions is the convergence and interaction between multiple technology trends at once. In thi[...]

How Any Business Can Build Data Skills

Anyone interested in how businesses can start making better use of the explosion of data that's available for capture, analysis, and insights, has probably heard about the data skills crisis.[...]

How To Build A Business Data Infrastructure

In the information age, data is one of a company’s most valuable assets. Businesses that distinguish themselves in how they work with data are leading the field.[...]

How Do You Prioritize Data Projects?

Every business could come up with hundreds (or thousands) of potential data projects. How do you prioritize?[...]

9 Steps You Can Take to Help Save the Planet | Bernard Marr

9 Steps You Can Take to Help Save the Planet

Caring for our natural world is everyone’s responsibility. The good news is that taking action to reduce your impact doesn’t have to be difficult or expensive[...]

The 5 Biggest Cloud Computing Trends In 2022 | Bernard Marr

The 5 Biggest Cloud Computing Trends In 2022

During 2020 and 2021, cloud computing exploded as work went virtual and businesses adapted to the global pandemic by focusing[...]

Stay up-to-date

  • Get updates straight to your inbox
  • Join my 1 million newsletter subscribers
  • Never miss any new content

Social Media



View Podcasts