COVID-19 UPDATE: We are open with some changes to services. Click to learn more.
About Us Events Blog Store Schedule Time to Chat Login

Human Resource Confidentiality: How Does HR Handle Your Business's Sensitive Info

Jun 11, 2018

Every business has confidential information, both in terms of their employees and their clients. Your small business is no exception. Here is what you can expect from an HR professional in terms of human resource confidentiality.


In August of 2017, an employee of an independent State Farm agent was facing multiple charges. It seems she was billing customers of their cash. The initial amount was $38,000.

As a customer-facing employee, the processing of premium payments is standard. And, some of her processing was gracing her checking account.

But, both she and the State Farm agent are not employees of the insurance giant. All agents are independent, and their employees are their responsibility.

The giant State Farm HR department does not work for Independent Agents. So, human resource confidentiality isn't a benefit for them. Soon after her arrest, the office shut down.

The confidential information employees often have access to can, for some, be tempting. And, it's not credit card numbers. Small businesses have client information built over time. This can be a real coup for the competition.

Employee information, in the wrong hands, can drive a wedge in production. How does HR practices prevent sensitive information from making its way into the wrong hands?

For a small business, is there a way to safeguard it?

Here is what solid HR best practices HR can do to help you stay safe from this very real risk.

Pre-Employment Assessments (Tests)

There is a myriad of assessments/ tests available to help establish an employee's fit for a job. And, of course, there are specific laws about what's best to use.

For example, in most cases, ADA requirements do not allow physical testing for a job- unless it is necessary for the position that you are filling (i.e.- physical labor). But, background checks/ screens, behavioral/ personality, drug use, and integrity can be part of the recruiting process.

Having sound HR practices in place will help you to ensure that you are assessing the right things to evaluate candidates. For an example, if you are hiring for an office position that handles confidential information, a background screen and a behavioral assessment will be your best tools in evaluation the right fit for that position.

They are also learned as laws change, so testing won't invite future litigation. Prevention is key. Untoward behaviors found from testing can cut significant problems downstream.

Compliance with the Law

There's no lack of legal protection for employees. But, as a business, you are also responsible for safeguarding your client's information. If you are a merchant who takes credit card information, it must be secure.

And, most small business have other sensitive information about their customers and employees. How you maintain those records should be standard practice. And, secure.

The operation must follow both state and federal law. This process is at the core of risk management. And, one of the more complicated pieces of HR knowledge.

Ongoing Training

Once establishing guidelines for securing information, training for every employee follows. And, changes are inevitable. Ensure that confidentiality practices are a strong component of your culture. Ongoing training will be a vital step in making sure that you are compliant.

And extra measures are critical. Both managers and employees should be aware of changes. And, new employees must have specific training on sensitive information. Small business can be vulnerable.

Every employee may have access to sensitive information daily. It is especially helpful to identify an HR admin, then train them on your organizational confidentiality needs, they can help you see the gaps that need to be filled and help you with ongoing training.

HR Represents Business

Employees can speak to HR about personal issues. Or, complain about coworkers or supervisors. But, it is the job of an HR professional to represent the business. However, if you do not have an HR professional onboard, your designated HR admin can step in and be that ear. In HR Branches, there are a ton of tools to help them to maneuver through these conversations.

And, any sensitive information the employee provides is not confidential. In the case where the data may pose a threat to the business, the HR admin will pass it along.

In fact, it can be illegal if they don't. And, there are cases when an employee admits to wrongdoing. It is HR who can managers to administer the improvement plan or termination.

Employees will talk with an HR admin or the business leader rather than a manager. So, this type of communication is critical.

Maintain a Careful Balance

Sometimes your HR contact intakes a complaint from an employee or client. Then, they must tiptoe the line of confidentiality.

Protecting social security numbers and salary information is a no-brainer. But other information may not be so precise. For example, when a person complains to the HR admin or business owner about harassment.

The business owner may decide an investigation should ensue. The contents of the complaint may contain sensitive information. How much can they share?

What HR Cannot Do

Sensitive information about business plans, future layoffs, or promotions belongs to the business. HR cannot share this type of data with anyone. This information could jeopardize the plans.

HR professionals are well trained in employment laws and securing information. But, they are not legal counsel. If something untoward occurs, they cannot take on litigation or defense.

Let's say there is a severe charge about sensitive information from a client. The report will trigger a communication to the business owner. But, the HR admin is not responsible for deciding next steps. It is up to the business owner to work with legal counsel to determine the next steps.

HR may handle training for sensitive information. But, they are not on the front lines of compliance by employees. Managers and owners must ensure daily work follows the rules.

But, if there are employee mistakes, HR practices can help dictate the next steps and disciplinary actions.

For sensitive medical information, HR representatives cannot divulge employee records to anyone.

But, let's say an employee is out due to a long-term illness. If they divulge to HR that they may not return to work, HR can tell impacted management.

Human Resource Confidentiality and Small Business

We know that large business and corporations have a sea of HR professionals. There are teams to help guard against leaks of sensitive information.

And, many have funds and experts set aside for human resource confidentiality.

Small businesses may not. And, considering their losses can put them out of business, protection is vital.

Small business insurance is crucial, and so is assessing the risk of loss.

Need more tips on how to make sure your business has the protection it needs? We've got great tips on our blog! Or, sign up for our free starter kit.


Stay connected with news and updates!

Join our mailing list to receive the latest news and updates from our team and a FREE gift! We are HR so privacy is how we roll, your information will not be shared.



50% Complete

Two Step

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua.