Don’t Allow A Gap In Your GAPP – Part 4

In our journey through the Generally Accepted Privacy Principles (GAPP), hopefully you will discover new and improved ways to protect your employees’ information. They probably won’t notice if you do this right, but they certainly will if you get it wrong! Just one slip up can mean you lose the trust of your workforce; so compliance with best practices for privacy is critical. Here are the next 2 Principles:


For employees to feel that they have control over how their personal information is handled, they need to have access. That way, they can review it for discrepancies and outdated information and make corrections. An Employee Self Service portal is a great example of how this plays out in the employment field. It lets workers securely access their personal data without placing an extra administrative burden on HR. In onboarding, giving new hires the opportunity to review each form for accuracy before signing off on it is a smart practice (and is required by law if you are using electronic signatures). Of course, using Universal Onboarding ensures that forms are filled out without formatting errors or other common mistakes. That makes the final review process even easier!

Disclosure to Third Parties

This harks back to the principle of choice and consent. Once again, only using employee data for purposes of which they have been informed and to which they have agreed is the safest course. The key here is making sure the parties you disclose information to are equally well equipped to protect it. You can still be held responsible to your employees if a poorly conceived privacy policy at one of your partner organizations leads to a data breach.

The news story Jay wrote about last year concerning an I9 vendor accidentally exposing social security numbers and other personal data is a perfect example of a narrowly averted disaster. The employers who were contracting with that vendor had to go through the unpleasant process of notifying employees about a data breach. This could have been avoided with appropriate privacy procedures.

This cautionary tale should prompt all employers to thoroughly evaluate the privacy policies of all SaaS vendors and third parties who will have access to HR data in any form. At Emerald Software Group, we take this topic very seriously. To find out why we are an SaaS provider you can trust, contact us any time. We are happy to provide you with detailed information about the policies and procedures we use to protect your employee data.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s