Keeping Employee Files Protected
Security of employee data has gained attention when it comes to data on company computer networks and intranets. A recent court case, Dittman vs UPMC, has held a company responsible for employee data that was stolen from its computer network. In addition to reviewing your electronic data security policies, do not forget to review the hard copy file security of your employee data as well. Here are a few reminders on securing your physical employee data files:
Files must be kept in a locked file cabinet at all times:
These file cabinets should be locked whenever not in use and always when the office is empty. This preventative measure ensures no one can access employee and client data if they do not have the clearance to do so.
Only essential personnel such as HR manager should have access:
Only employees allowed to access those files are allowed to have access to the key that unlocks them. Such employees would include employers, HR managers, and any related assistants if allowed.
I9s must be kept separate from the rest of employee data:
I9s should be kept in a separate binder or folder away from the rest of the employee files. This allows employers a quicker and easier access to such important documents when needed.
Benefits such as medical care and health insurance should be kept separate:
Any type of insurance enrollment forms should be kept separate from other new hire information. This information should go in a separate medical folder to distinguish the employees who are enrolled in benefits from those who aren’t. This should also only be accessible by whoever is in charge of benefits and open enrollment for the company.