[BreachExchange] Top Five Reasons Why HR Departments Need a Document Management System

Audrey McNeil audrey at riskbasedsecurity.com
Mon Apr 30 19:52:44 EDT 2018


https://www.lexology.com/library/detail.aspx?g=eb18301a-9072-4f97-9ada-
249fe307ea2a

Human resource (HR) departments typically generate and handle copious
volumes of paperwork – employment contracts, appraisals, policies, employee
handbooks, forms, templates and the list goes on. These documents contain
some of the most sensitive and confidential personal data that an
organisation might hold. Of course, many departments in large organisations
deploy HR software such as PeopleSoft, but these systems are designed to
manage data, not documents or emails.

In the current business environment, there are many imperatives for HR
departments to deploy a best-of-breed document management system (DMS) –
driven by efficiency, compliance and technological reasons:

1. GDPR – This regulation is perhaps the number one reason why HR
departments should be considering a DMS.

HR managers need ‘data governance’ capability to manage data stored in
unstructured documents and emails in order to comply with the regulation.
For example, in order to deliver against the ‘right to erasure’ and ‘right
for data portability’, departments need the ability to know where personal
data is stored and track it to meet these requirements quickly and easily.

Similarly, due to the ever-growing security threat, over-retention of data
poses a substantial risk to businesses. Organisations mustn’t hold on to
data that they don’t need to keep! A DMS enables HR mangers to apply
information retention policies. They can also automate and track the
end-to-end process of data that is stored, right from creation through to
disposition, supported by full auditability. It’s worth noting that the HR
departments can apply this approach for governing both physical and
electronic records.

2. Security – Personal data is like gold for cyber criminals.

The infamous Equifax hack last year comes to mind, when hackers stole 15.2
million records in the UK in one fell swoop – including all manner of
personal data, from email addresses to credit card details, dates of birth
and more. HR departments will be able to institute pessimistic security – a
restrictive model that automatically locks down access to data in the event
of unusual activity by a user. For example, a user trying to see a file
without the right password and security clearance. Furthermore, the data on
the system can be segmented, so that in the event of a breach, the exposure
to information is limited to only the person’s whose credentials have been
compromised.

3. Artificial intelligence (AI) – Some of the advanced DMSs offer AI
capability that help HR departments automatically organise, discover and
summarise documents – a facility that can tangibly offer tremendous
efficiency and productivity benefits.

For instance, HR managers can locate sensitive personal data anywhere
within the enterprise and apply the necessary policy-based governance rules
to ensure that compliance criteria are enforced. AI capability can
automatically read, analyse and interpret data from employment contracts,
for example.

4. Integration with Microsoft Outlook – With email being the principal form
of communication and collaboration, Outlook stores a fair amount of
confidential information.

A DMS enables HR managers to manage their emails as well as attachments
from within their email folders. Due to the in-built intelligence in these
systems, a good DMS would even suggest filing locations to the HR managers.
And saving emails and documents is easy – the user simply clicks on the
‘save’ command in Office and/or Office 365 to store the email or document
in the right folder in the DMS. Many people currently store every email
they have ever received or sent in their own inbox folders, which makes
searching and retrieval extremely difficult, especially if they leave the
business. Applying any governance is impossible with this way of working
and with the up and coming GDPR reforms, puts businesses at risk by people
who should be the most diligent custodians of company held data.

5. Mobile access – Often, HR managers are on the move, and use mobile
devices (e.g. smartphones, iPhones, iPads, tablets) to work remotely or out
of the office.

A DMS today offers a consistent user experience, regardless of whether the
individual is on the phone, desktop or tablet. Additionally, a DMS switches
seamlessly between ‘in office’ and ‘on the road’ usage. This too helps HR
executives enhance their efficiency and productivity.

Adoption of a DMS via the cloud is the best option for HR departments. It
can be implemented without any significant support from IT, who are already
burdened with managing the wider technology infrastructure of the
organisation. A DMS in the cloud is highly affordable; there are no
headaches of technology upgrade and maintenance as they are taken care of
by the solution provider; and the department always has access to the
latest functionality, 365 days a year. Most crucially, security is assured
as DMSs comply with audit, data privacy and security standards such as ISO
27001 and HIPAA.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20180430/c17deda5/attachment.html>


More information about the BreachExchange mailing list