If you work in HR, you have more resources available than ever to store and organize files. However, you are also as vulnerable as ever to having them compromised or stolen. When handling documents as private as income statements, health records, and legal records, it is essential to know exactly where your documents are and how to disclose them only to the appropriate parties.
Here are some tips that will help you make sure the documents under your care are secure:
Use a separate network—By using an exclusive network from the rest of the workplace, you help make sure that other employees don’t intentionally or unintentionally access confidential data. Create a network that is clearly distinct from others that are located nearby. If possible, install a firewall on your personal computer as a second control.
Password protect—As with any data you protect, you need to create a password for documents with sensitive information. Make sure the password is complex, unique, and disclosed to others on a need-to-know basis only. Use passwords not only for critical documents, but for the network you use as well.
Give specific user access to different files—Identify who needs to have access to which files, and make sure that files are only shared with those individuals. Make sure to keep on top of privacy regulations like HIPAA, FCRA, and ECPA so you know what kind of information can be shared and with whom.
Share confidential information on a need-to-know basis if there’s a question as to whether somebody needs access to a given document, steer on the side of caution. Avoid the embarrassment and liability of compromising data by knowing the guidelines and consulting with legal professionals if necessary.