September 19, 2014
Here’s a checklist of things HR can do to better secure your organization’s data:
- Take the time to educate yourself. The technology might seem intimidating, but there’s no excuse for failing to keep up with today’s security requirements.
- Conduct background checks on all new employees—even those who don’t use computers.
- Provide a security workshop as part of new-employee orientation.
- Emphasize ongoing education through annual workshops, newsletters, e-mail and ongoing intranet postings.
- Develop a code of conduct and require employees to acknowledge that they understand it and will abide by it.
- Mandate nondisclosure agreements for all employees handling sensitive data.
- Encrypt all confidential human resources files and limit access only to employees who require the data. Don’t send any private or confidential information through e-mail unless it’s encrypted. Instead, rely on conventional mail or sealed envelopes delivered through inter-office mail.
- Adopt a team-oriented security approach that includes a representative of every major department. Analyze problems, concerns and flaws on a regular and ongoing basis.
- Don’t forget about low-tech security protection, including keys, signatures and paper shredders.
- Work with the security or the compliance department to establish spot checks and audits. You can’t build a better system if you don’t know your weaknesses.
Workforce, May 1998, Vol. 77, No. 5, p. 56.