HR and Data Collection Law

Data collection is becoming a dirty phrase in the 21st century. As soon as it’s spoken, people’s hackles go up, they tense, and it makes them uncomfortable. When it comes to a business’s HR department, whether they’ve got cabinets full of folders or have implemented software like that offered by xcdhr.com, they are collecting data on staff, past and present. It’s unavoidable, but must be kept legal, and this is where some troubles have cropped up.

At the moment it’s not too big an issue, but as data crimes become more and more prevalent, you can bet your bottom dollar that companies and their HR departments are going to come under serious scrutiny…


Location

First thing: laws on data collection (like anything else) vary geographically, whether it’s by country, or continent – or even, if you’re in the US, by state to state. It’s important you learn what’s legal for your area, so make sure you find out the information from the correct sources. For example, the majority of Asian companies are legally allowed to store employee’s age data (date of birth etc.), however, in the United States it is prohibited by law. You don’t want to read wrong information on the internet that’s correct for Europe or Asia, when you’re based in the US and have different laws. It might be worth consulting with a business lawyer.

Know What You’ve Got

If you have unified software, like I mentioned earlier, then this is simpler. If, however, you have some employee information in a computer folder, some on paper, some in the cloud, some locked away in a vault under the sea and guarded by a kraken, then you need to know what’s contained within each one of those documents at all times. To be able to ensure the privacy of your staff, you need to have a complete and accurate inventory of all your HR information to hand at all times.

Employee Access

Data protection is complicated. Some of your staff are going to need to have access to the information stored there, but herein lies the problem: who gets access? You can’t give access to everyone, because if there is ever a security breach or leak of information, it will fall on your head. It’s best to keep it all under one person. Have a HR manager have access to the information and no one else (except yourself). Some countries (the US and Canada, for example) will require the government be allowed access, that’s normally because they have stated what information you can and can’t collect and so might want to do an audit to make sure you are following their laws.

Employee Awareness

Finally, you need to inform your employees what information you are storing from them and why. You must assure them that their information is kept private and even make them sign a document stating that they have read and understand how you are storing and using their data. The vast majority of people will be completely fine with it, if you let them know beforehand, that is.