Overview: One component of a risk management plan is protection of data. Every employer manages sensitive employer data. Whether it is client lists, future plans or other trade secrets makes little difference: employers should do everything in their power to protect this information from theft.
Data could be stolen from an inside source (such as an employee) or an outside source (such as a hacker). Employers should do their utmost to protect against both scenarios. From an HR perspective, there are employee concerns from both angles. The first, more obviously, relates to any data that the employer wants to protect from the employee - e.g., trade secrets. The second relates to data stolen that contains employee information.
HR, along with IT and any other relevant work group, need to create security guards that will both stop employees from stealing data and stop any unauthorized person from accessing employee information. Policies and employment agreements might help with some employee-related theft, whereas stronger password protections and spamming technology, along with greater employee education, are some ways to begin with the latter.
Trends: Bring your own device (BYOD) policies are growing and more and more employers are having employees bring in their own laptops, etc., in place of supplying employees with these devices. While there are many benefits to this type of service, there are also some security pitfalls regarding theft of data as the computers are often less secure, and it is harder to remove the data from the computer at the end of employment.
Author: Ashley Shaw, JD, Legal Editor
Anthem Inc., the second largest health insurance company in the nation, was recently breached by hackers who gained access to the unencrypted personal information of nearly 80 million members and nonmembers, including the company's president/CEO and employees.
In-depth review of the spectrum of New Hampshire employment law requirements HR must follow with respect to employee discipline.
Employers seeking to ensure that employees know that they should not improperly use or disclose certain confidential information and the potential ramifications of doing so should consider including this model policy statement in their handbook.
Employers seeking to notify employees of employer monitoring, measures to protect employee privacy and the strict prohibition against unauthorized or improper use of video surveillance footage should consider including this model policy statement in their handbook.
Employers seeking to set expectations for employee use of company equipment and resources should consider including this model policy statement in their handbook..
A new Delaware law, effective January 1, 2015, will require employers to take additional steps to safely destroy documents containing personal identifying information.
In-depth review of the spectrum of Colorado employment law requirements HR must follow with respect to employee discipline.
In-depth review of the spectrum of Kansas employment law requirements HR must follow with respect to Employee Discipline
In-depth review of the spectrum of Arkansas employment law requirements HR must follow with respect to employee discipline.
HR guidance on safeguarding employer sensitive data against theft.