Payroll information is arguably the most sensitive data handled by your company, but have you ever wondered how safe your information actually is? It is true that when data is processed within encrypted environments like ADP, Paychex, or other payroll providers, it’s protected by a myriad of global and local privacy firewalls – as well as explicit statements and policies covering personal information and data collection. Using a legitimate third-party payroll company is a safe choice. So, what’s there to worry about?
The Human Factor
The issue to consider is the human factor inside your company. I’m referring to people who have access to your personal information and your compensation details. We are all human, and human error is inevitable. Who hasn’t accidentally sent an email meant for a colleague to their boss or, worse yet, to mass distribution?
Embarrassing enough. But what if the accidental email you sent was a payroll report? The thought alone is enough to send chills down the spine. The good news is that this type of error is preventable with solid policies. For example, as a rule, avoid emailing payroll reports and let employees find them on your payroll processing company’s servers instead.
Unfortunately, sometimes information leaks through the very people who are supposed to keep it safe – employees who process payroll or have access to employee files (your social security number, compensation details and even family information). It’s not unheard of to have payroll employees Google your home address and discuss where you live and the cost of your house, at your workplace. Information about bonuses and raises often becomes common knowledge, salaries of new hires and current managers sometimes turn into anecdotal benchmarks.
Larger companies with clear salary levels, seniority, and hierarchal structures aren’t subject to such mishaps as much as the smaller companies without matrixed org charts and subjectively defined salary ranges. However, the structure is not the only differentiator that contributes to this disparity. It’s lack of professionalism that can sometimes prevail in a small business environment.
Lack of Power
Employees in back-office positions often feel that they are not in power. They feel invisible. They are isolated from main business operations and client-facing interactions. They are not the praised heroes at sales meetings. They can sometimes feel that the only way for them to gain attention and popularity is to use their access to information. After all, information is power.
Employees may be upset about the job, about the boss. They do not want to cross the line and do something illegal, like embezzle funds, but they will do something seemingly not as damaging, like sharing someone’s data.
Sharing information seems like a harmless enough act. They’ll confidentially spill some interesting details at lunch with a work friend like “Guess how much this guy makes” or at bonus and raise time, “Guess how much their bonus was this year, yet I couldn’t even get a raise…” The effects of such leaks are incredibly damaging. Everyone loves gossip and hearing juicy details. Everyone. Remember, we are all human and curiosity is in our nature. It spreads like wildfire and quickly becomes the vortex of a rumor mill. This scenario is not something found in a book of fiction, it’s truly inherent in a lot of business environments.
What’s the root of the issue?
When you deal with senior people who have sat through hours and days of conduct training, they understand the meaning of the word “professional.” It’s assumed and expected. Larger companies invest a lot of resources into training their employees and repeat the cycle on a yearly basis. This produces a level of professionalism that is often lacking in small and medium-sized businesses, especially in back-office operations. More often than not, smaller companies lack funding to properly train staff on issues related to compliance and policies. These are considered “soft skills” and will take a back seat to the training of sales reps, for example. In turn, support staff’s training comes from doing the job itself, where they learn to create their own standards and rules of engagement.
How can you prevent this issue from impacting your company?
Make sure that your company has the appropriate policies in place. If you’re on a tight budget, you can find standardized policy manuals through various sources online. Of course, it is always recommended that an employment attorney review your documentation and make suggestions specific to your business. These will include policies on breach of confidentiality in handling personal and confidential information, and will also define grounds for termination.
Training is at the core of combating confidentiality issues. It’s dangerous to assume that your employees know how to handle information they have access to. Common sense means different things to different people, and if they haven’t been trained to know your standards, you can’t assume what they know or how they will conduct themselves. You can look for outside courses or create them internally. Either way, the focus should be on practical implementation. Present real-life scenarios, use role-playing, identify clear definitions of responsibilities, and remind employees that mishandling of confidential information is a serious offense.
In addition, make sure you create an environment that encourages an open door policy. Have conversations with your staff about their concerns, and be available to your employees so they can discuss grievances with you in private, not in a lunch room. Remember, back-office employees are not just support people. The information they handle every day has a great impact on your company’s performance and even profitability. Empower your employees to take pride in the role they play in your organization, acknowledge the impact of their positions, and always remember to give them credit and respect.
Bob Shoyhet is a Chief Financial Officer who’s been helping build businesses from startup to multi-million, multi-national operations for over 25 years. He’s navigated companies through growing pains, and turned them around from the brink of bankruptcy. His expertise places him in a unique position of understanding what businesses should do to get off the ground, how to position themselves to achieve next-level growth, and how to effectively leverage finance to achieve maximum impact on profitability in every organizational department.