Issue: You're responsible for securing sensitive employee information.
Benefits: Privacy measures and policies protect employees from identity theft and privacy invasion.
How safe is your employees' personal information? Between the growing threat of identity theft and new obligations such as those under the Health Information Portability and Accountability Act (HIPAA), it's up to you to protect employees' privacy.
Here are three ways to upgrade your privacy requirements:
2. Maintain employee records properly. Managers should have access to employees' job and performance information but not to medical records, Social Security numbers or other personal data.
That's why you should keep personal information separate from employment and performance data. Store HR records in a controlled area that's accessible to only those few people, HR personnel, for example, who need them. Follow HIPAA regulations for verifying that service vendors are securely storing and transmitting sensitive employee information.
Finally, at least once a year, re-evaluate your trash-management procedures to make sure that confidential information can't inadvertently wind up in the wrong hands.
The minute you go to work with Personnel Records: What to Keep, What to Toss, you eliminate all that dangerous guesswork, including:
- Exactly how long to retain job applications, résumés, job descriptions, disciplinary letters, attendance records, leave requests, medical-related data, employment agreements, payroll records, salary information, benefits information and more
- How electronic storage requirements differ from paper requirements – and how to comply with both sets – without going nuts
- Which documents need to be maintained in separate files – and why
- How to handle medical records, and who should – and should not – have access to those files
- How to create documentation for performance reviews, investigations and discipline so they stave off lawsuits and stand up in court
- Best practices for destroying records – safely