Identity theft. Data breaches. Privacy laws. These aren’t things you want to hear or talk about it, but unfortunately, they are top of mind for employers and HR professionals. Given the amount of personal employee information employers receive, it makes sense.
Let’s think about it: In terms of hiring and onboarding alone, employers already have the following sensitive employee information in their hands:
That’s a lot of personal identifiable information – just on day one, and it’s information that can do a lot of damage if it gets into the wrong hands. And that’s just the tip of the iceberg. Employee medical information, specifically, has strict rules around how it’s safeguarded.
There are a number of federal and state laws that have specific mandates around how employers maintain and safeguard employee information.
In fact, the U.S. Equal Employment Opportunity Commission (EEOC) recommends the following:
“Do not place medical information in regular personnel files. Rather, keep medical information in a separate medical file that is accessible only to designated officials. Medical information stored electronically must be similarly protected (e.g., by storing it on a separate database).”
So, if you’re still keeping employee personnel files in a locked filing cabinet, you may want to rethink your trust in that form of security.
Not surprisingly, there are also limitations around who can view medical files. According to the EEOC, employee medical information may only be disclosed under the following circumstances:
Of course, there’s certain employee information that is okay to disclose without fear of breaking confidentiality laws or a potential lawsuit.
According to the Society for Human Resource Management (SHRM), the following employee information can be shared – when and where appropriate:
Employers have a huge responsibility when it comes to protecting employees’ personal information. Even seemingly harmless actions – like sharing someone’s full birth date to a coworker who wants to plan a birthday party for them – can be a breach of confidentiality.
What’s more, it’s up to employers to ensure that personal identifiable information is stored securely and doesn’t get in the wrong hands. One great way to do this? With reliable HR software that can help you easily and securely store and organize employee documents.