Are your HR records safe on paper? With GDPR round the corner, maybe it’s time to make the switch to a digital HR solution.
For any small business, keeping on top of your employee’s records is difficult. Squeezed out by the other priorities while you keep your business running smoothly. Most small businesses keep all their employee information on paper – and why not? Paper HR systems have worked for hundreds of years. Arguably thousands. But, in May 2018 the General Data Protection Regulations (GDPR) are introduced and you may find your paper based system is no longer up to the job.
GDPR is not just for computer data.
Yes, GDPR was designed to meet the threat to individual privacy from the growth of electronic data storage and cyber-attacks – but the regulation applies to information held on paper as well. You’ve the same obligation to protect your employee’s privacy. Ironically, reforms designed to meet the data protection challenges of a digital economy are more difficult to apply to paper-based information.
Of course a random teenager can’t hack your filing cabinet from the other side of the world.But paper does have very real security risks. Let’s take a look at two fictitious but typical examples of small business, paper-based HR.
Tom has five employees and keeps all their information in a big folder in his desk. But, for quick access, he keeps a note of their contact numbers by the telephone.
Barbra runs a team of twenty five. Every employee has an individual file in a large filing cabinet – and there’s a handy address book to make contacting staff quick and easy for her line managers – and a peg with all the employee updates waiting to be filed.
Tom and Barbra are busy people. They need to keep some employee information handy, but struggle to keep on top of their HR admin. Of course they’d never want their employees’ details to get into the wrong hands, but you can see how easily it could happen. And they are not alone. Every paper-based system develops its own idiosyncrasies as its owner tries to make it easier to use.
But as a small business, you’d be forgiven for thinking you’re not a target. And in a way you’re right. Your records are probably safe from all-out attack. A filing cabinet being “hacked” won’t make headline news anytime soon. But only one employee’s private information getting into the wrong hands is enough. Enough to lose the trust of your employees. Enough to breach GDPR (and the fines are hefty).
Take a step back. Look at your own employee records system. Are staff details held in multiple places for convenience? And who can see them? Do you know how many copies there are? Information on paper can have multiple lives as copies are made. Have you carefully destroyed every piece of redundant information? There are no surviving copies anywhere? Nothing was dumped in the trash? No traces in your address book?
Keeping track of paper isn’t easy. Information slips through the cracks of even the strictest security policy. Give yourself five minutes to count how many ways your employee’s privacy could be compromised. Either by malicious intent, carelessness or accident. It’s a sobering exercise.
The cloud makes data storage more secure and convenient than any paper-based system. No system is foolproof, but a digital HR system gives you control with the information you need at your fingertips. Staff access to data is on an individual basis, so everybody can see the information they need – and no more. Employee data is truly private.
Making the transition to a digital HR solution doesn’t have to be difficult. It comes down to choosing the right software for your business. And that software must be GDPR ready.
Further information on GDPR from this excellent article by Jessie Day on Simply Business