Training is key in electronic record management planning

by on July 8, 2009 · 0 Comment POSTED IN: HR Info Center

Proper training can avert security breaches in your electronic record management process

I started out by telling you what you already knew which is data security is not just an IT issue. And the reality is data security in your electronic record management process rests in the hands of your employees.

The best electronic record management technology can be undermined by a simple user error.
Putting the email address in the TO: line, leaving your laptop in the trunk of your car and it gets stolen. You have a good idea of what you’re obligated to do and what issues you want to look in to further. And you also have several action items that will go a long way towards preventing security breaches.

The first step is to do an assessment of your internal and your external spreadsheet or data. The second step is to develop a technology use and written security policy for employees. Over time, this usually becomes two documents. You start out with the simple policy for employees that all employees will receive and understand. And later on, you might end up with a more technical document for your IT personnel as well.

Keep this simple to start with.
You don’t want to be overly ambitious and not be able to live up to what you’re saying in your policy. It’s very important to have the policy in place and to train employees on the policy. This is really the key.

The value of electronic record management security training cant be overemphasized
The value of training can’t be over emphasized both from the preventive standpoint and preventing breaches. And frankly from litigation defense standpoint as well. If you can show that employees were trained on good data security practices, that provides the same type of value that you have for instance, in a sexual harassment case where you could show that employees received their sexual harassment training. Training is very important as a legal strategy as well as a preventative and good business strategy.

Plan for the worst case in your electronic record management process
Now finally, you also now have a plan for how to prepare for the worst, creating your breach response team up front, knowing the three key questions to ask and then working through each step in the notice process because it is a rather complex process.

It’s training of your HR personnel, of your IT personnel, training of all of your employees and your management to make sure they’re thinking of these issues, that they’re aware to risk and that they have the right procedures in place.

And frankly when it comes to training, who better than HR to take the lead on that?

Edited remarks from the Rapid Learning Institute webinar: “Identity Theft: What HR Can Do To Protect Sensitive Employee Data” by Christine E. Lyon, Esq.

Leave a Reply


Request a Free Demo

We'd love to show you how this industry-leading training system can help you develop your team. Please fill out this quick form or give us a call at 877-792-2172 to schedule your one-on-one demo with a Rapid Learning Specialist.