The SAP HR system often inadvertently exposes sensitive information. Follow this procedure to keep employees’ personal information such as Social Security numbers and other unique identifiers out of the wrong hands.
The key data that you must protect from exposure is known as personal identifying information (PII). This consists of an individual’s name, address, unique identifying number (such as a Social Security number or its international equivalent), and date of birth. This is familiar data to anyone who has ever had a job, applied for a loan, or participated in any health care activity. Over the past few years, the general public has begun to understand the intrinsic value of PII data. The increase in fraud is a less desirable consequence of the tremendous advances in collecting and processing data to provide enhanced value.
Recent stories in the news highlight the rise of identity theft and the increase in the number of data breaches at organizations around the globe. This correlation of events in the eyes of the public and legislative bodies has given rise to new laws and regulations that affect core HR data. The majority of the legislation relates primarily to the US. However, other areas (most notably the Asian and Pacific regions) are examining actions related to protecting personal data.
SAP HR professionals face the challenge of limiting the exposure of personal identifying information (PII) data within their own organization. New laws will soon require that organizations only useindividuals’ Social Security numbers (SSNs) for payroll and a few other narrowly defined purposes. Several US states no longer use the SSN as a key for personnel identification for non-payroll information. IBM is one of the most visible and significant examples of the trend in securing SSNs with its mandate that all benefits providers use some other unique identifier.