Equifax, Marriott, Facebook and Planet Hollywood have one thing in common: They’ve all been hacked. Data breaches have become all too common. And just because we only hear about consumer data being compromised, doesn’t mean employee data is safe.
Companies are recognizing this is a growing risk as they incorporate technology innovations in their workplace operations. Think embedding microchips in workers. You probably remember the story that broke a couple of years ago: Three Square Market in Wisconsin has 80 employees with microchips implanted in their hands. They use them to pay for soda at the vending machine, log in to their computers and enter secure buildings, for example.
But, because so much information is accessible from something as small as a grain of rice, we need to protect the data it holds.
How to Safeguard Employee Data
One of the biggest steps toward protecting employee data is the implementation of Europe’s General Data Protection Regulation (GDPR) in May 2018. GDPR protects the personal data collected from European Union (EU) citizens by strengthening consent requirements, providing right to access, giving right to erasure, requiring privacy by design in data collection systems and mandating breach notifications. It applies to organizations that collect or process data from EU residents and protects anyone residing in the EU.
According to Legal ICT, employers should follow these principles to ensure employees’ privacy at work:
- Minimalize the collection of personal data and only request what’s necessary
- Be transparent about the use, purpose and method of processing data
- Uphold employees’ rights to inspect, correct, erase and restrict processing of their data
- Ensure the length of storage is appropriate for the type of data
- Put in place technical and organizational security measures to protect data
- A representative sample of employees must be used to assess the necessity of any monitoring
Odd Employee Data Usages
According to Glassdoor’s “Job Market Trends: Five Hiring Disruptions to Watch in 2019,” some companies are collecting employee data that raises ethical concerns. Here are a few examples of potentially intrusive employee data collection:
- A Japanese employer collects sleep data to incentivize employees to get a full night’s rest.
- Employers collect fitness information, including steps and visits to the gym.
- Tracking driving behavior and productivity in delivery vehicles through sensors. (You may have used one of these personally to get a discount on your car insurance.)
- Walmart patented a technology that would pick up sounds at checkout, including cashier-customer conversations. The idea is that “content of the conversation,” such as using a specific script or greeting, may be used as a performance metric.
