How You Can Prepare
Here are some ideas that you can use to prepare for GDPR as well as state and federal data security laws:
1. Determine How Your Outsourced Vendor is Managing Your Payroll Data
Make sure that data is provided securely and discriminately. Some outsourced vendors allow unlimited access to your data from firms such as debt collectors. Is your vendor allowing this? If so, how does your vendor know that the debt collectors systems are secure? If unlimited access is allowed to your data by a customer of your vendor, all of your data is at risk.
2. Learn How You’re Managing Your Payroll Data
If you perform employment verifications in-house, you must ensure that you are securing your data from unrestricted access. You also should be diligent about having an audit trail so you can track all data to know when it was accessed and by whom. In fact, in some cases, the biggest risks to your business security may be your employees.
3. Review Alternatives
Whether you outsource employment verification or not, an employment verification vendor may be able to assist you with your process. For example, your vendor can show you how to utilize employee ID’s instead of Social Security Numbers to fulfill employment verifications.
Your vendor can also show you how to implement additional steps to your process to restrict how data is accessed and by whom. Finally, your vendor can help you securely manage your employment verifications in-house whereby your organization maintains payroll data allowing access to your employment verification vendor on a per-case basis.