Delegating Confidential Information to New Payroll Staff

Payroll and confidentiality go hand in hand. Payroll staff execute tasks necessary to pay employees and operate the business legally, while protecting both employee and employer data required for the payroll process. Employee information includes names, addresses, social insurance numbers, dates of birth, pay rates, bonus and commission information, relationship status, health and insurance benefits, savings, bank account information, tax deductions and sometimes mandatory wage garnishment. Employer information includes payroll liabilities, business taxes, employer amounts for benefits and pension, and in some cases, the employer’s bank account information. Failure to protect and secure confidential information can lead to irreversible damage to credibility and trustworthiness, and a loss of business and/or clients. So when, how and what confidential information should be shared with new payroll staff?

1. WHEN?

The process of protecting information begins before the first day on the job. It starts with hiring the right people with a track record of discretion, and making use of best practice prevention and deterrence processes such as confidentiality and non-disclosure agreements. By virtue of the information they have access to, payroll staff are held to a higher standard for safeguarding confidentiality than most employees. New hires need to know that violating a confidentiality agreement has consequences such as disciplinary action up to and including termination.

Having a written confidentiality policy is not enough. Train new hires on the company’s policies and procedures with respect to handling of confidential information, and ensure they have an opportunity to ask questions. No detail is too small – from shredding or storing documents, to the use of email, keys and passwords. Treat the topic with the importance it deserves. Train all payroll staff on the proper procedures for releasing personal information – to employees themselves and to their spouses or family members.

Our feature continues below contact form…

Do you have a question about Canadian Payroll or other Payroll Management issues?

On the other hand, unless you have a large payroll department, it is virtually impossible not to delegate confidential information to new payroll staff early on, in order for them to do their jobs. Which begs the next question:

2. WHAT?

To the degree feasible, delegate confidential information on a ‘need to know basis’. You can gradually increase responsibility for handling sensitive data as new hires prove themselves capable and trustworthy. You can limit security access for specific payroll tasks based on job assignments. For example, if a new hire’s tasks involve handling only time sheets and tax withholding forms, his or her system access should be limited to those tasks. If you keep spreadsheets of payroll data, ensure that you limit access to those drives or folders and/or password protect them. It may be best, at least initially, for more senior staff to handle senior management and executive pay data. Likewise, ensure that more senior staff handle the release of confidential information to non-payroll people (e.g. senior managers, internal or external auditors). New hires are often eager to please and easily influenced by requests from senior managers and auditors.

3. HOW?

Document procedures and policies and train new hires on them. Leave adequate guides for ready reference by the new hire after the initial information overload period. Ongoing supervision through the probation period is important. Log off payroll software before leaving the room, and teach your new hires to do the same.

Good security should be part of any common sense approach to running payroll departments. Store hard copies in a locked location and limit key access to those requiring access to do their job. Even if you have only one payroll person, he or she should work in a confidential location, with good visual and audio privacy. Only senior payroll staff and a restricted number of upper-level managers should have the access code or key to the payroll department. If you use an outsourced payroll provider, ensure that the provider sends payroll data securely, in confidential envelopes or encrypted electronic formats to a designated senior person onsite.

An investment of time and attention early on will produce results by speeding up the onboarding time for your new staff to become a fully functional and trusted team member.