Not a Member? Get access to HR news and resources that you can trust.
Here is how HR can help prevent the missteps that could cost your company big in court.
Is your employee handbook ready for the changing world of work? With SHRM’s Employee Handbook Builder get peace of mind that your handbook is up-to-date.
60+ new SHRM Seminar dates in 10 U.S. cities and virtually.
Expand your influence and learn how to become an effective leader -- Join us in Phoenix, AZ, October 2-4, 2017.
HR should focus on prevention, experts say
It’s bad enough that working adults have to worry about their data security when hackers attack, but now kids are being targeted, too.
On Dec. 1, 2015, Chinese toy company
VTech revealed that 4.8 million parent accounts and about 6.3 million children’s profiles worldwide were breached, according to a statement published on the company’s website.
That information included names, IP addresses, e-mails, download histories, encrypted passwords, and even the security questions and answers needed to retrieve or change those passwords. Not only was that data exposed, but the names, birthdates and genders of children were breached, too.
It should. That same kind of information has been stolen from companies’ HR files.
What's Next?In addition to credit monitoring, experts say parents may likely receive the same advice received by millions of past and present federal employees whose personal data was stolen in the U.S. Office of Personnel Management (OPM) cyberattack earlier this year and during the Sony hack.
That advice includes being vigilant about protecting data and reviewing security protocols. During the
AshleyMadison.com breach, experts suggested HR make employees participate in data security awareness training.
Cost of Breaches
For many companies, data breaches are costly affairs. According to a study commissioned by IBM and conducted by data security researchers the Ponemon Institute, the total average cost of a data breach in 2015 is now $3.8 million.
Reutersreported Dec. 2 that “Target Corp. agreed to pay $39.4 million to resolve claims by banks and credit unions that said they lost money
because of the retailer's late 2013 data breach.” In that case, 110 million people had their phone numbers and e-mail addresses stolen after 40 million credit cards were compromised.
As Jim Farrell, senior vice president of products at New Jersey-based Archive Systems, told HR professionals at a technology conference earlier this fall, HRIT professionals must be proactive when it comes to protecting their data, and that includes having a plan to prevent such breaches before they happen.
what can HR do? Farrell said HR professionals should:
“There is a movement in our industry to say, ‘This stuff is going to happen,’ ” Farrell said. Some people say, “Don’t try to worry about prevention; worry about how you’re going to respond” to a breach. But, he said, he advises against using only that approach. “It’s
important to focus on prevention.”
Aliah D. Wright is an online editor/manager for SHRM. Reach her via Twitter @1SHRMScribe.
You have successfully saved this page as a bookmark.
Please confirm that you want to proceed with deleting bookmark.
You have successfully removed bookmark.
Please log in as a SHRM member before saving bookmarks.
Your session has expired. Please log in again before saving bookmarks.
Please purchase a SHRM membership before saving bookmarks.
An error has occurred
Recommended for you
Join SHRM's exclusive peer-to-peer social network
SHRM’s HR Vendor Directory contains over 3,200 companies