Identity Theft Necessitates Securing Employees’ Personal Data — Business Management Daily: Free Reports on Human Resources, Employment Law, Office Management, Office Communication, Office Technology and Small Business Tax Business Management Daily
  • LinkedIn
  • YouTube
  • Twitter
  • Facebook
  • Google+

Identity Theft Necessitates Securing Employees’ Personal Data

Get PDF file

by on
in Office Management

Workplace identity theft doesn't discriminate. It's just as prevalent in public and government workplaces as it is in the private sector.

Consider, for example, the cyber-attacks and computer thefts at four U.S. Energy Department offices that placed in peril the personal information of at least 5,500 employees. Poor computer passwords and a lack of reporting cyber-security incidents were blamed. In New Jersey's state department of labor, a mail-stuffing machine was the culprit in the improper disclosure of the names, addresses, and Social Security numbers of approximately 500 individuals.

With the implications of ID theft so high in today's workplace, regardless of size, industry, or sector, record-keeping privacy standards are of the utmost importance. That's why it never hurts to review the basics.

  • Lock all file cabinets containing records with personal information at all times. Don't leave the cabinet open for even just 10 minutes. And never leave a file unattended on your desk, even if you close your office door.
  • Encrypt electronic data with several layers of protection, including code-level protection, passwords, and access authorization. Insist employees create complex passwords (i.e., use upper- and lower-case letters, numbers, and one or more special characters) and routinely change these passwords. Stress that change means creating an entirely new password, not just altering a single character.
  • Consult with IT. Ask them to install password-activated screen-saver programs and to establish a virtual private network, which allows employees to access the system from home as securely as they would at their desk. That way, sensitive records themselves don't leave the workplace.
  • Require employees to input a code to use copier machines. Also, if they're making copies that contain personal employee data, require them to black out any non-essential data.
  • If confidential records must be faxed, insist employees take precautions, such as always including a fax cover sheet and calling the recipient before and after sending the fax.

When it comes to personnel files themselves, run through the following audit to help prevent identity theft.

  • How many file folders do we need to maintain for each employee?
  • What types of records go into each folder?
  • Who has access to the personnel files? Who can make copies?
  • Which documents should not be kept in personnel files?
  • Should supervisors keep their own employee files? Should supervisors keep files on their employees separate from HR?
  • What needs to go to HR as duplicates?

Related Articles...

Leave a Comment

Previous post:

Next post: