Companies are learning the hard way that consumers do not appreciate personal data or financial information being stolen by hackers. While consumer data protection seems to be the focus now, there is a lack of HR professionals seeing the need to protect employee data. More than 40 percent of companies are not training their HR personnel to safeguard this data, according to SmallBizTrends.
A company’s employee data can contain some very personal information – information that you can be sure that they would not want to make public. Many businesses have already learned the hard way that it can be costly to have a breach when data security policies and measures were lax.
Employee Data Is Valuable to Data Hackers
Employee records contain a lot of information about an employee. When accessing this data, which some hackers will try, they will find information they can use – or sell. The data not only contains names and addresses, but also Social Security numbers, phone numbers, work records, clearance levels, job responsibilities, health, driver’s license, and more. The very nature of the data makes it attractive to potential hackers and disgruntled employees.
Similar Protection Is Needed for Employees and Customers
After recent large data breaches have occurred at some companies, it has created a powerful awareness that greater protection needs to be given to customer data. Unfortunately, the same level of protection has not yet been given to employees. In fact, many HR personnel remain untrained and ignorant of the need.
Difficulties in Data Protection
A major problem with protecting employee data is that many people in an HR department are given access to the data. Another problem comes from having personnel data being digitally transferred from one place to another over unprotected channels. One more problem is that it may reside in multiple places and devices.
Data Protection Starts with Identifying Locations
It is impossible to protect your data if you do not know where it is stored and accessed from. Finding out everywhere it is being stored is essential to protecting it. Then, you need to know every route that it may travel to and from users. Storing it on spreadsheets is not a good idea because up to 25 percent of all data theft occurs from Microsoft Office documents, says Sapho, the software developer.
The Cost of Data Loss
When there is a loss of employee data, you can expect that it is going to cost you in several ways. Current laws, if you fail to take steps to protect that data, mean that you are apt to pay costly legal fees, penalties and fines. There will also be a loss of productivity during the investigation and other procedures – as well as damage to your company’s reputation.
Developing the Protection You Need
Protecting your employees’ data may take some time. You will need to get rid of paper-based systems, which can be lost or destroyed by storm or flood, and possibly move the data to the cloud. In order to develop a solid data protection plan for your company, you need to:
- Understand the current laws and responsibilities of employers to protect the data (state, federal, and international)
- Identify what type of employee data you need to protect
- Find out where the data resides
- Ensure secure data storage and transfer
- Determine who can access it
- Develop data protection using best practices
- Instruct HR personnel and employees about new policies and precautions
- Maintain training of new employees
- Keep up with new data protection laws and technology.
Finding out exactly what you need to do and how to do it is important. The sooner you get started implementing these steps lowers your risk of employee data loss.