As a department, HR holds probably the most sensitive data in your entire organisation. From contact details to National Insurance numbers, bank details and dates of birth; failing to keep this data under lock and key can land you in hot water with the ICO (Information Commissioner’s Office) and a fine of up to €20 million under the rules of the GDPR.
With so many of us still working from home – with many more still transitioning to a 100% remote model – maintaining the integrity of HR data has become challenging. HR leaders must ensure the data they collect on their employees is accurate, complete, consistent and, most importantly, secure and compliant with data protection legislation.
Keep an audit trail
An audit trail provides a simple, chronological log of events, changes, edits and additions to any of your HR records. From changes made to documents or policies to employee information changes; a robust audit process will allow you to track the history of your HR data over time.
Audit trails are a powerful process to have in your data integrity arsenal. They allow you to identify any events or changes which have taken place, which user made this change and the time and date the event occurred.
HR data audits can also validate employee data, confirm whether data is optimised for its intended uses, and help prepare for legislative and compliance reviews.
An audit trail is especially crucial while we are working from home due to the simple fact that we are distanced from our colleagues. While your HR team is physically apart, users are able to identify any recent changes that have been made to your HR data, by whom, at what time.
Limit system admin access
This is a critical part of maintaining the integrity of your HR data. By simply limiting the access of your users to precisely those who need admin and edit rights; you can save yourself the risk of users accidentally changing, or worse still, deleting pertinent data.
Human error is one of the biggest contributors to poor data integrity. We have all mistakenly edited, deleted or changed files that we didn’t mean to; it is important that admin rights, or modification rights, are only assigned to those members of your HR team that absolutely need it. Granted, your users (i.e. your employees) should be able to readily access their own HR file via self-service in your HR software, but they should not be able to edit or delete those records of any other employee – other than what is necessary (such as work phone numbers, emails, department, job role etc).
Allow employees to self-serve
The accuracy and completeness of your employees’ personal data hinges largely on them making any edits when they move house, change bank accounts, update contact details etc.
Giving your employees ownership of their own personal data will ensure that records are regularly updated and accuracy is as near to 100% as possible. HR software makes this entire process easier as your employees will be able to self-serve and access their employee record from anywhere, at any time. Encourage your employees to routinely check their employee record in your HR software and update any incorrect or missing information.
Keep only what’s necessary
HR departments and companies as a whole collect all manner of people data: absence records, rates of pay, T&A data, training, and not forgetting personal and confidential data.
Under UK legislation, businesses have an obligation to retain some data sets on file for defined periods of time. The introduction of the GDPR and Data Protection Act 2018 back in May 2018 tightened the duties of organisations with regard to data protection.
Data must not be kept any longer than is required by law and any that are no longer required should be immediately (and securely) destroyed. Statutory retention periods for datasets vary depending on the type of record being stored. The CIPD has a comprehensive factsheet that details the retention periods required under UK law for each type of record, from accident books to first aid training and income tax records.
While working from home, most HR leaders are relying heavily on the use of cloud-based software to retain and safeguard their employee records. HR software, like Natural HR, allows users to categorise documents into folders, restrict access where necessary and set reminders that notify you of a document’s expiration date or when you are able to delete records that are no longer needed. Robust privacy controls mean you know who has access to what and monitor who uploaded or viewed documents.