Not yet a Member?
HR Magazine is highlighting the next generation of HR leaders.
Is your employee handbook ready for the New Year? With SHRM’s Employee Handbook Builder get peace of mind that your handbook is up-to-date.
30+ HR education programs, including 4 NEW programs on hot topics, are available for registration.
Join us in Chicago for the latest trends and technology in talent management, and what to expect in the future.
Several recent data privacy breaches underscore the vulnerability of sensitive employee information to mishandling. Whether the documents are retained on paper or electronically doesn’t seem to matter; in either form, human error and a breakdown of good data privacy practices are allowing personally identifiable information, including employee names, addresses, Social Security numbers and employment records to escape their employer’s watch.
On June 5, 2008, administrators at Stanford University learned that a laptop computer containing records of approximately 62,000 current and former employees had been compromised. According to a notice on the university’s web site, data on the laptop included:
Two days later, New Mexico officials acknowledged that state documents with names and Social Security numbers were thrown into a trash bin behind the state’s Department of Workforce Solutions office in Roswell. The documents were discovered by an employee in a nearby building, who saw the papers flying out of the trash on a windy day.
Unsecured data housed on laptops is an increasingly common source of accidental privacy data breaches, privacy experts say. More than 80 percent of nearly 500 companies surveyed in 2006 by the Ponemon Institute, a Michigan security consultancy, reported the loss or theft of a laptop or other computer device containing sensitive data. Officials at a Connecticut drug manufacturer have reported a rash of recent laptop thefts, including one containing 13,000 employee records.
Nefarious employees are also behind a spate of recent data breaches of confidential nonemployee data. In May 2008, the Justice Department arrested five Internal Revenue Service employees in California for improperly accessing confidential taxpayer files.
Since 2005, more than 200 million sensitive and private personal files have been released improperly by hundreds of organizations, according to the Privacy Rights Clearinghouse, a San Diego-based advocacy group.
In some cases employers—particularly those handling health, banking or insurance records—can be subject to huge fines for not adequately protecting private consumer or employee data.
A growing number of states require employers to provide free credit monitoring services to workers affected by a breach.
Rita Zeidner is a senior writer for HR Magazine.
You have successfully saved this page as a bookmark.
Please confirm that you want to proceed with deleting bookmark.
You have successfully removed bookmark.
Please log in as a SHRM member before saving bookmarks.
Your session has expired. Please log in again before saving bookmarks.
Please purchase a SHRM membership before saving bookmarks.
An error has occurred
Recommended for you
Become a SHRM Member
SHRM’s HR Vendor Directory contains over 3,200 companies