[font=Calibri]Protecting Employee Payroll Information [/font]

[font=Calibri]Employers today are required by law to possess severalpieces of employee information that are very sensitive. I certainly remember a time when the term “identity theft” was not present in my vocabulary. Today, of course, we know that identity theft is a huge social issue. The I.R.S. has been reviewing its procedures regarding individuals who have had their identity stolen, and how to track the correct user of a social security number.  In addition, in response to the growingproblem, the I.R.S. is exploring using truncated social security numbers to prevent unnecessary exposure. So for employers we need to make sure we are not the source utilized for someone wishing to commit the crime of identity theft.[/font]

[font=Calibri]Let’s start with,[/font]

[font=Calibri]1.[/font][font=Times New Roman]      
[/font][font=Calibri]Do you know if the information you gather onyour employees is safe? [/font]

[font=Calibri]2.[/font][font=Times New Roman]      
[/font][font=Calibri]How do you track who has access to thatinformation? [/font]

[font=Calibri]3.[/font][font=Times New Roman]      
[/font][font=Calibri]Do you have a policy on who can access employeeinformation?[/font]

[font=Calibri]These are just some of the basic questions we have to startasking ourselves. There are some recommended best practices. The current best practice model suggests that employee information should be separated into at least three files.[/font]

[font=Calibri]a.[/font][font=Times New Roman]      
[/font][font=Calibri]Personnel file – This file contains basicinformation like application, job description, performance evaluations and discipline records.[/font]

[font=Calibri]b.[/font][font=Times New Roman]     
[/font][font=Calibri]Payroll file- This file contains all documentspertaining to the employee’s payroll including garnishment orders, W-4 and bank account information for direct deposit.[/font]

[font=Calibri]c.[/font][font=Times New Roman]      
[/font][font=Calibri]Medical file – This file contains everythingpertaining to any medical issue including medical claim information, applications for benefits and FMLA information.[/font]

[font=Calibri]This brief summary allows us to see that by separating fileswe can limit what others see in an employee file. This system allows us to know that unauthorized individuals cannot have “passive” access to information not needed to complete their particular task. As an example a supervisor completing a performance evaluation has no need to see what is in an employee payroll or medical file.[/font]

[font=Calibri]In addition I recommend that companies do a paper flowanalysis and determine how many times a piece of paper is copied. It is usually an eye opening experience to find out that there multiple copies of very sensitive documents, many times for no reason.[/font]

[font=Calibri]Electronic document retention is allowed. Companies choosingto utilize a paperless system should make sure that they can secure the information. Once again limiting access to payroll information to those who need to see that information is imperative. In addition there are some HR documents that have to be kept hard copy.[/font]

[font=Calibri]In the end we as the employer have to take the necessarysteps to protect employee information. Companies that have failed to protect employee social security numbers and bank account information have found themselves on the wrong end of lawsuits. [/font]
[font=Calibri","sans-serif]If you have questions regarding payrolldocumentation and how to secure and protect employee information let me know at gary@illuminaregroupinc.com.[/font]