How to Keep Employee Data Secure

Businesses should want to keep their employees' data safe. Let's look at ways that businesses’ can keep their HR data pool safe and secure.

Share This Post

An HR data breach is the unauthorized access to unencrypted or unredacted records or data that has personal information with the intention to use the data illegally in a way that would cause harm; and it’s every company’s worst nightmare. Fixing the mess often requires a big effort and the fallout can be a PR nightmare. Understandably, employees and job applicants expect that their private information – such as their Social Security Number (SSN), medical records, and date of birth – will be stored securely. Let’s talk about some straightforward ways that businesses’ can keep their HR data pool safe and secure.

How to Keep Employee Data Secure

1. Create data security policies

Data security policies should:

  • Identify the type of employee information the company will store.
  • Explain how the company will protect and secure sensitive data.
  • Lay out clear rules and consequences for unauthorized viewing, copying, or transmitting sensitive employee data.

2. Train employees on data security

All employees and managers should be trained on the data security policies created by the company. Managers who will need to access sensitive information should be trained to recognize signs of attempts to breach HR data such as phishing scams in order to prevent unauthorized access. They should also be trained to report any attempted data breach.

3. Secure all employee HR data

Whether employee data is on physical paper or in digital form, it needs to be stored securely to avoid a data breach. Paper files should always be stored in a locked cabinet or room with one manager responsible for the key. All electronic data should be encrypted, password protected and on a secure server – full access to data should not be available to all managers. Passwords should be difficult to guess and changed on a regular basis. Electronic systems should be evaluated and maintained regularly to reduce the risk of a hack or virus.

4. Comply with Hawaii’s security breach reporting law

Hawaii’s data breach notification law requires disclosure of a security breach “without unreasonable delay” as described in §487N-2(a) of chapter 487N of the HRS. The law is applicable to any business that owns or licenses personal information of residents of Hawaii and any business that does business in Hawaii that owns or licenses personal information in any form.

5. Follow federal and state recordkeeping laws

Hawaii law requires wage records to be maintained for six years. Both federal and Hawaii law require a significant amount of information to be maintained. After the six years is up, make sure to dispose of the records properly. For paper records, shredding is an option. You may need to contract with a reputable third-party vendor to properly dispose of digital records in a way that complies with federal regulations. It’s also important to note that the Americans with Disabilities Act (ADA) requires employers to separate employee medical information from employee personnel files; access to the records must also be restricted.

6. If possible, do not use SSNs

Because SSNs can so easily be used for identity theft or other types of fraud, this data must be stored in the most secure way possible. Employers should also avoid transmitting or using employees’ SSNs whenever possible

7. Use a data access log to track access

One of the best deterrents to an internal employee data breach is to keep a log of anyone who accesses employee records. For paper records, the employee should be required to mark the date, time and why they accessed the records. Digital records should be on software that can both control and log when and by whom employee records are accessed. Review the access log every month and investigate any attempts that were not authorized.

Partnering with Makai HR

Not excited about employer laws? That’s okay; we’ve got you covered through HR outsourcing! When you partner with Makai HR you can get on with the business you are trying to grow while we take care of your employee needs from payroll to taxes, health insurance/benefits and worker’s compensation. You also gain peace of mind that you are in compliance with all of Hawaii’s employer laws (if you’ve ever looked you know that the list is very long). When choosing a PEO to partner with, there are many things to consider including cost, services and technology solutions.

We know how important it is to keep labor costs in line with revenue. Our plans are priced competitively and include value-added services like time-in/time-out systems. Our three tiers of PEO service plans are tailored to the size of your business and specific needs. We offer a 100% paperless solution which means that your employees can manage their needs through a computer, tablet or phone. We can truly improve your employees work benefits while freeing you up to run your business.

What are you waiting for? Companies that partner with a PEO benefit from 7-9% faster growth, 10-14% lower employee turnover; and they are 50% less likely to go out of business. Contact us today to get started!

Subscribe To Our Newsletter

Get updates and learn from the best

Let's get started, it's easy!