Privacy and the Human Resources Dept
A human resources department is awash with personal data. There are employment histories, medical records, remuneration packages and all manner of other information relating to people. Because HR personnel have this data within easy reach, it is important that they care deeply about staff privacy and work to protect it.
RecruitmentA worker’s paper trail can be traced back to before they even joined the company, when they first applied for a job. Application forms and CVs are densely packed with personal information: the applicant’s education, their previous work experience and salary expectations. Even their reason for wanting to work for the company is confidential – perhaps their aspirations have since changed.
The company’s data retention policy must include specific measures for dealing appropriately with recruitment information. Facts collected during the application process are intended solely to assist the decision about whether to offer the applicant a job. Once this has been decided, most of the details should be discarded.
Applications that were unsuccessful should be purged, although it may be appropriate to keep a skeleton record to assist the recruitment process if the same person should apply for another job later. When deciding what to keep for this purpose, remember that the Data Protection Act gives individuals the right to request information held about them.
Successful applications will contain useful information that should be moved across to the new personnel files, but anything that is not relevant to their ongoing employment should be discarded. Again, employees have the right to see their records if they wish.
Medical RecordsEmployee files may contain medical histories. Access to such information must be strictly controlled, and released only on a need to know basis even within the HR department.
Financial InformationWorkers in a human resources department are likely to have access to two types of personal financial information: incomes and bank accounts. They may also be privy to other financial transactions, such as redundancy payments, that the recipients would wish to keep private.
Clearly, bank account details must be stored securely. Most staff members in the human resources and payroll departments will not need access to this information at all, and locking it down will reduce the opportunity for fraud. In any large organisation, there will always be some opportunists, perhaps with financial worries, looking to make some extra money – it is better not to put temptation in their way!
Staff AppraisalsIt is common for employees to have regular appraisals, where managers tell them how they are performing and what they must improve. The content of these must be kept private. If workers need to improve, that is a matter between them and their supervisors.
In fact, any matters that an employee discusses in confidence with someone from HR, either directly or through their manager, must be kept private. Everyone has the right to expect help and support without having to worry about other people finding out what has been discussed.