Many Different Types of Personnel Work with Classified Information
In a recent survey, 76% of respondents said they use email as a primary way to share HR employee records with 3rd parties, such as outside counsel or auditors. Sharing them is not the issue – in fact it is a critical piece of the job. Being able to quickly react to requests from counsel or auditors is a common challenge HR departments face. In fact, in our survey 34% said these requests come at least once a month. Eleven percent of respondents answer these requests at least once a week!
Sharing Confidential HR Employee Records Via Email: A Common, But Scary, Practice
The issue isn’t the fact that these employee records are being shared. Instead, it’s how these records are being shared. HR employee records are incredibly sensitive by their nature, and employees expect them to be protected and only shared with people that absolutely need them. If these sensitive documents are being shared through email, once you hit “Send” you no longer have control.
While the intended recipient may be a trusted individual, when the documents arrive via email, it is natural to download them onto a local, or network drive. Often, they are also forwarded to others.
Now, instead of the one copy that is protected in the HR office, there are many copies of these sensitive employee files outside of your domain, out of your custody. You are reliant on outsiders to protect and guard your employees’ records with the same care you do, and you are hoping that the emails are secured. We all read the stories about bad things happening to emails.
HR Files Record Management:vHow to Securely Share HR Records with Others
Sharing HR records via email is a risky practice that needs to end.
This is why, in CartaDC for HR Professionals, we give our clients a way to quickly and easily find the documents they need, and then securely share them with others.
With CartaDC for HR Professionals, only a secure link is sent to the 3rd party; they never receive a copy of the document. What they are permitted to do with the documents can be restricted to view only, and there is a full audit of who accessed the documents and when.
Next time, before you hit “Send,” think again.
Contact us if you have any questions. We would love to hear your feedback.