So, what are you doing to secure private employee data?
Probably not enough, unfortunately. Fifty three percent of HR professionals say they’ve seen or have been guilty of questionable data management practices, according to a BambooHR report.
It gets worse: More than 10% of employees say they’ve been victim of a data breach that originated with the company.
When their personal information was stolen from their employer, they often times experience identity theft and financial losses. And they almost always lose trust in their employers.
Protect private employee data
So it’s more imperative than ever that HR pros — and everyone who touches private employee data — clamp down on that information so it doesn’t get in the wrong hands.
But how — especially in the age of the dark web, deep fakes and rapidly expanding Artificial Intelligence?
In this episode of HRMorning’s 3-Point, our expert shares practical tools and tips to keep employee data secure. Some of the solutions will come from working with your vendors. Other critical elements include minimizing who has access to the data and how it is handled once it’s in those hands.
Click, watch and listen for more details on building happiness in your workplace.
Transcript (edited for clarity):
You have a lot of employee data. And you’ve done a lot to keep it private. But it might not be enough.
Today, just one state – California – has employee data privacy laws. But twelve states have laws that govern how companies handle all private information — things as simple as people’s full names and email addresses to things as sensitive as their social security and bank account numbers or performance records and health history.
All of that is critical data at HR’s fingertips. And now, in the age of Artificial Intelligence, it’s more important than ever that you secure it.
Jason Albert – the Global Chief Privacy Officer at ADP – has tips to move HR pros in the right direction. First …
Albert: If you’re an HR manager, what you’ve got to think about is, all right, how do we use employee data in the HR context? How do we process it? For what purposes do we capture it? Who do we share it with? Who are our vendors? How do we make sure that we are able to respond to employee requests for that information? Do we have a records retention policy that we implement so we are not keeping it longer than it’s needed? Have I worked with our security team to make sure that information is protected against a data breach?
And this is likely the most critical rule for data privacy.
Albert: A common privacy principle we call data minimization, right? You only share data with people who have a real need to know it. And so part of a good privacy practice is limiting access internally to only those who need to know information.
And for employees …
Albert: Make sure that you know what data is being processed about you, how your employer is going to use it, who they’re going to share it with, give you an opportunity to have access to it so that you can see what’s there if they no longer need it, to make sure that they’ve deleted it.
Now our takeaways on employee data privacy …
- Ask questions. Albert gave us eight important ones to ask when you talk about any data.
- Minimize access. Limit who can get their hands on data as much as possible.
- Be proactive. Before your state mandates how you handle private data, let employees know how you use and protect it.
Privacy is in HR’s control. Take command now.