No HR professional is exempt from the planning.
Take the work out of creating and maintaining an employee handbook.
A one-year, all-access pass to the SHRM eLearning library features 500+ courses on a variety of HR topics to support your development.
Join us, September 27 - 28.
Several recent data privacy breaches underscore the vulnerability of sensitive employee information to mishandling. Whether the documents are retained on paper or electronically doesn’t seem to matter; in either form, human error and a breakdown of good data privacy practices are allowing personally identifiable information, including employee names, addresses, Social Security numbers and employment records to escape their employer’s watch.
On June 5, 2008, administrators at Stanford University learned that a laptop computer containing records of approximately 62,000 current and former employees had been compromised. According to a notice on the university’s web site, data on the laptop included:
Two days later, New Mexico officials acknowledged that state documents with names and Social Security numbers were thrown into a trash bin behind the state’s Department of Workforce Solutions office in Roswell. The documents were discovered by an employee in a nearby building, who saw the papers flying out of the trash on a windy day.
Unsecured data housed on laptops is an increasingly common source of accidental privacy data breaches, privacy experts say. More than 80 percent of nearly 500 companies surveyed in 2006 by the Ponemon Institute, a Michigan security consultancy, reported the loss or theft of a laptop or other computer device containing sensitive data. Officials at a Connecticut drug manufacturer have reported a rash of recent laptop thefts, including one containing 13,000 employee records.
Nefarious employees are also behind a spate of recent data breaches of confidential nonemployee data. In May 2008, the Justice Department arrested five Internal Revenue Service employees in California for improperly accessing confidential taxpayer files.
Since 2005, more than 200 million sensitive and private personal files have been released improperly by hundreds of organizations, according to the Privacy Rights Clearinghouse, a San Diego-based advocacy group.
In some cases employers—particularly those handling health, banking or insurance records—can be subject to huge fines for not adequately protecting private consumer or employee data.
A growing number of states require employers to provide free credit monitoring services to workers affected by a breach.
Rita Zeidner is a senior writer for HR Magazine.
You have successfully saved this page as a bookmark.
Please confirm that you want to proceed with deleting bookmark.
You have successfully removed bookmark.
Please log in as a SHRM member before saving bookmarks.
Please purchase a SHRM membership before saving bookmarks.
An error has occurred
Recommended for you
Join SHRM's exclusive peer-to-peer social network
SHRM’s HR Vendor Directory contains over 3,200 companies