Today we’re going to talk about The Do’s and Don’ts of Record Keeping: how to keep it confidential, clean out the clutter and hopefully simplify what can be a very difficult process. We’ll go over what you need to keep and where you need to keep it.
There’s a lot in the papers, in the news and the HR resource world that you see about documentation and record keeping and everything that you need to do. There is a lot to do and it is very, very important that you do it. But we’re going to break it down for you today so that you can stay compliant.
Data security, records privacy, and identity theft should be on every HR professional’s radar. The Privacy Rights Clearinghouse reports that half a billion records containing personal identifying information have been exposed since 2005. (PRC is nonprofit consumer education and advocacy project whose purpose is to advocate for consumers’ privacy rights in public policy proceedings.)
Almost every week you read in the papers or on the Internet about someone’s information being breached. It could be a database somewhere with your personal information that was exposed to some hacker giving them your social security number or banking information. You certainly don’t want this to happen to you or your employees.
So how can you safeguard your information and the information of your employees? Data breaches are the result of incidents such as computer drives being stolen or lost, emails and regular mail sent mistakenly that contained personal information, and sophisticated and not-so-sophisticated computer hacker attacks. These events exposed Social Security numbers, credit card numbers, bank account information, drivers’ license numbers, and other personal information that could be used to steal a person’s identity.
What happens when there is a data breach in your organization?
Well even if your organization isn’t large enough that a data breach is going to affect you globally, and only affects your employees, it can be detrimental. When employees find out the information they gave you has gone beyond the HR office it can damage employee productivity, morale and good will.
In addition, you may face a negligence lawsuit. If your employees find out that their information has gone beyond HR and they feel that any employment decision may have been made based on that, there are lawsuits that can be brought up based on civil suits, the Civil Rights Act, or the Genetic Information Non-Discrimination Act.
So you certainly want to make sure that this information remains confidentially and does not go beyond the limits of where it needs to go. In some state laws, you can be found legally responsible if you did not properly secure and dispose of the information. Therefore, as the custodian of personal identifying information about your employees, you must guard against its unauthorized access and misuse in order both to protect workers from identity theft and your organization from liability.
You can take several steps to safeguard paper and computer records to protect sensitive information in workplace files from improper access and use. These steps should include:
Do you know exactly what records you need to keep and for how long?
When you’re setting up personnel files and your employee record retention information, you need to know what you need to keep and for how long.
Employee record destruction can be tricky. It can be hard to remember exactly how long to keep payroll records (3 years) or Affirmative Action plans (2 years). What about if the employee is terminated? Do you know how long to keep those records? And what about COBRA documents? Do you keep those things forever? If you aren’t exactly clear on the topic of record retention and destruction, maybe it is time for a refresher course.
The Human Resources Department must retain and destroy personnel records in accordance with corporate polices on Business Records Retention as well as federal and state laws governing records retention.
Remember: Personnel records include electronic as well as paper copies.
As we wrap up 2013, now is a perfect time to get rid of some of that employee records clutter you’ve let piled up. But before you pull out the shredder, you should be clear on exactly what records you need to keep and for exactly how long.
You can print this out and hang it up in your office so that you can reference it any time you need a refresher on this topic. You will also want to go through and look at your own policies to see at what point do you destroy records and how do you separate records.
If you have any additional questions, we encourage you to contact us.
Leading effective teams in a diverse and dynamic work environment is both an art and…
How to use Interim Professional Placement to Maintain Performance and Profitability Savvy business leaders…
In today's rapidly changing business landscape, workforce planning has emerged as a critical strategy for…
Given the increasing demands you face succeeding in a competitive marketplace, ensuring compliance with employment…
Good recruiting practices, in an increasingly competitive business landscape, is paramount for any company's success.…