This Month Only! >> $20 off and a FREE SHRM tote with your membership and code TOTE2018!
Sign up for free email newsletters and get more SHRM content delivered to your inbox.
Is your employee handbook keeping up with the changing world of work? With SHRM's Employee Handbook Builder get peace of mind that your handbook is up-to-date.
Build competencies, establish credibility and advance your career—while earning PDCs—at SHRM Seminars in 12 cities across the U.S. this spring.
#SHRM18 will expand your perspective – on your organization, on your career, and on the way you approach HR. Join us in Chicago June 17-20, 2018
Members may download one copy of our sample forms and templates for your personal use within your organization. Please note that all such forms and policies should be reviewed by your legal counsel for compliance with applicable law, and should be modified to suit your organization’s culture, industry, and practices. Neither members nor non-members may reproduce such samples in any other way (e.g., to republish in a book or use for a commercial purpose) without SHRM’s permission. To request permission for specific items, click on the “reuse permissions” button on the page where you find the item.
Several recent data privacy breaches underscore the vulnerability of sensitive employee information to mishandling. Whether the documents are retained on paper or electronically doesn’t seem to matter; in either form, human error and a breakdown of good data privacy practices are allowing personally identifiable information, including employee names, addresses, Social Security numbers and employment records to escape their employer’s watch.
On June 5, 2008, administrators at Stanford University learned that a laptop computer containing records of approximately 62,000 current and former employees had been compromised. According to a notice on the university’s web site, data on the laptop included:
Two days later, New Mexico officials acknowledged that state documents with names and Social Security numbers were thrown into a trash bin behind the state’s Department of Workforce Solutions office in Roswell. The documents were discovered by an employee in a nearby building, who saw the papers flying out of the trash on a windy day.
Unsecured data housed on laptops is an increasingly common source of accidental privacy data breaches, privacy experts say. More than 80 percent of nearly 500 companies surveyed in 2006 by the Ponemon Institute, a Michigan security consultancy, reported the loss or theft of a laptop or other computer device containing sensitive data. Officials at a Connecticut drug manufacturer have reported a rash of recent laptop thefts, including one containing 13,000 employee records.
Nefarious employees are also behind a spate of recent data breaches of confidential nonemployee data. In May 2008, the Justice Department arrested five Internal Revenue Service employees in California for improperly accessing confidential taxpayer files.
Since 2005, more than 200 million sensitive and private personal files have been released improperly by hundreds of organizations, according to the Privacy Rights Clearinghouse, a San Diego-based advocacy group.
In some cases employers—particularly those handling health, banking or insurance records—can be subject to huge fines for not adequately protecting private consumer or employee data.
A growing number of states require employers to provide free credit monitoring services to workers affected by a breach.
Rita Zeidner is a senior writer for HR Magazine.
You have successfully saved this page as a bookmark.
Please confirm that you want to proceed with deleting bookmark.
You have successfully removed bookmark.
Please log in as a SHRM member before saving bookmarks.
Please sign in as a SHRM member before saving bookmarks.
Please purchase a SHRM membership before saving bookmarks.
An error has occurred
Recommended for you
HR Education in a City Near You
SHRM’s HR Vendor Directory contains over 10,000 companies