Is the personal information of your Employees Safe?
Safeguarding the Personal Identifying Information (PII) of your current and former employees, along with those applying for a position, is extremely important.
There are legitimate times that a person is required to provide personal details about themselves. It may be during their application for credit or a loan, a rental application, or even when they are the subject of a background check. This personal information can include their date of birth, social security number, and many other things that can identify them as the person they say they are.
However, the threat of that information getting into the wrong hands worries many. It exposes individuals to possible identify theft, which can cause long term ramifications to their credit, security, and future employment. Many times people don’t even know they have been compromised until some red flag arises.
That is why it is understandable that job applicants are often reticent about sharing this information when it comes time for the employment background check.
As a company and employer, what can you do to alleviate their fears?
Keeping both your clients' and employees' personal information safe is the responsibility of every company, even a small business. That is why it is important to put practices in place from the beginning that will help!
That duty begins with guarding the Personal Identifying Information (PII) of your employees and clients.
As an employer, you are required to develop and implement a policy for the safe handling of PII. You must also include the rules of behavior expected, including the consequences for non-compliance.
You should also recognize that employees are often the “weak link” when it comes to safeguarding PII.
Making sure they are both thoroughly trained and monitored helps.
Steps to Help you safeguard PII:
- Determine if Information is PII
- “De-Identify” your Records ~ removing as much PII from your records as possible
- Anonymize your Information ~ consider substituting a code for PII
- Control / Limit Access to PII ~ limiting the number of people who have PII access
- Onsite Location of PII ~ keep all PII records onsite with limited accessibility
- Confidential Transmission of PII
- Develop an Auditing Program ~ ongoing monitoring of potential PII breaches
Learn more about what constitutes PII and how to safeguard it in “Tips to help you Safeguard Personal Identifying Information in your Small Business”.
Does Your Company have a Privacy Policy? Find out Why You Should!
Establishing sound rules regarding the PII of your job applicants and existing employees all starts with creating a good Privacy Policy!
Creating a sound Privacy Policy is a crucial step in ensuring their PII is handled safely and thoughtfully.
Your Privacy Policy, or Privacy Statement, should have two versions. One that will appear on your website and one for the Owners, Managers, and Employees of your company.
Discover what needs to be included in each and why here!
However, no matter what you include in your PII Policy, the best way to protect your employees, clients, and your company is to practice the “minimum necessary principle”.
The goal is to minimize the use, collection, and retention of PII to the least amount necessary.
This includes the previously mentioned limiting of access to PII. It also means the proper destroying of records physically, shredding for example, and digitally (sanitizing).
Creating sound PII handling procedures, along with a company Privacy Policy, makes sense.
It is not only vital to your applicants and employees, it is good for your company and your reputation…and that is priceless.
Authored by
Check out the Privacy Policy on our website here!
And learn more About Us and Our Services too!
