5 Easy Tips for Protecting Employee Data

Labor & Employment

If you handle or maintain personal information about your employees, such as social security numbers and payroll information, you should take steps to protect that data.

If personal information about your employees is obtained by an unauthorized third party, you may be legally obligated to notify individuals and government regulators.  Additionally, your expenses for investigating, remediating and defending lawsuits related to the matter can quickly add up.  By taking steps to better secure your employee data, you can help protect your organization from the expenses, headaches and reputational harm that flow from a data breach.  While there are many proactive steps you should consider, here are 5 practical tips you can use today to better protect your employee data:

1. Train Your Employees on Cybersecurity Risks.

Well-meaning employees can be the weak link in your organization.  Employees want to help, and they want to get things done, and that's what makes them a great starting point for hackers.  If your employee unwittingly gives up her login credentials in response to a "phishing" email, the bad guys are on their way to accessing some sensitive employee information.

2. Require Strong Passwords.

In an attempt to streamline their work, employees may be tempted to establish authentication credentials that are simple and easy to remember.  That can also make them easier for the bad guys to guess!  Requiring strong passwords, and requiring employees to periodically change their passwords, is a good way to further secure your systems and data.

3. Limit Collection and Access.

Collect only the data you need, and allow access only by those individuals who need it for the work they do.

4. Require Your Vendors to be Secure.

Your perimeter defenses won't matter if one of your vendors with access to your systems or data has lax security.  Require your vendors, by contract, to maintain appropriate security.

5. Terminate Access on Termination.

When someone's employment ends, you should terminate their access and require that they return all company confidential information in their possession.

If you'd like to understand more about your data security risks and obligations, and take steps to minimize the risk to your organization, please contact one of our Cybersecurity and Technology Team members.

Download "5 Easy Tips for Protecting Employee Data" in PDF Format

Subscribe for Updates

Subscribe to receive useful articles, legal updates and firm news to keep you informed and up-to-date on important issues and trends.

Sign Up

Media Contact

Rachel Lufkin
804.783.6799

Email Rachel 

Jump to Page

Sands Anderson Cookie Preference Center

Your Privacy

Necessary cookies enable core functionality such as security, network management, and accessibility. You may disable these by changing your browser settings, but this may affect how the website functions.

Strictly Necessary Cookies

Always Active

Necessary cookies enable core functionality such as security, network management, and accessibility. These cookies may only be disabled by changing your browser settings, but this may affect how the website functions.

Functional Cookies

Always Active

Some functions of the site require remembering user choices, for example your cookie preference, or keyword search highlighting. These do not store any personal information.

Form Submissions

Always Active

When submitting your data, for example on a contact form or event registration, a cookie might be used to monitor the state of your submission across pages.

Analytical Cookies

Analytical cookies help us improve our website by collecting and reporting information on its usage. We access and process information from these cookies at an aggregate level.

Powered by Firmseek