4th April 2016
A number of recent data leaks have demonstrated the need for businesses to ensure they have a secure payroll management system. In one recent incident, Snapchat revealed some of its payroll data had been exposed after an employee was duped by a scam phishing email which appeared to come from the company’s CEO, and forwarded information to a bogus address. Entertainment giant Sony was also famously targeted by hackers in the past, with some stars’ salaries being revealed as a result.
The Need to Keep Data Secure
Payroll departments are now having to handle more data than ever before, as payroll legislation and pay systems become increasingly complex, providing real time information to HMRC. For instance, they have to include potentially sensitive information such as sickness records, all kinds of deductions and participation in salary sacrifice schemes.
Under the Data Protection Act, businesses have a responsibility to protect personal data – and this means payroll departments need to ensure details of pay are handled securely. Most organisations which store and handle personal data are required to register with the Information Commissioner’s Office (ICO), but there is an exemption for organisations which process this data only for purposes of payroll and staff admin.
However, despite the exemption, companies are still required to comply with the principles of the Act. These include keeping information secure and taking any measures which are needed to protect it. If a data protection breach does occur, the ICO can serve an enforcement notice and there can also be financial penalties, up to a maximum of half a million pounds for the most serious incidents causing substantial damage.
Ways to Protect Payroll
Cyber-security is increasingly vital for payroll departments. You need to ensure that people can only see their own information and there is no risk of them accessing other people’s payroll data. This means using systems with features such as passwords, secure servers and firewalls.
Also in the area of cyber-security, it is important for staff to be constantly alert to the risk of scams, as the Snapchat incident demonstrated. Payroll managers need to ensure that all staff are thoroughly trained on how to deal with external requests for information, verifying that people are who they say they are before any personal details are handed over.
Another security consideration is the layout of the payroll department. For instance, you need to make sure that any members of staff coming into the office with queries cannot see other people’s information lying about or displayed on screens. As well as keeping all digital files secure, all sensitive paper documents need to be locked in cabinets.
As part of managing records properly, old information should be destroyed when no longer needed. Keeping records for as long as they are required is obviously important, but once the information is no longer needed it should be removed from your systems.
Getting Help from Payroll Experts
Keeping track of payroll security can be a difficult and time-consuming task for businesses, so it is helpful if you can turn to experts to advise you and choose payroll software which has the security features you need built in. For example, an audit trail can show not only when any alteration was made to any file within the system but also which employee made the changes.
Other features helping to improve security include employee self-service and online payslips, which are growing in popularity. Instead of being given a paper payslip in a thin envelope, which could all too easily be mislaid, employees can feel safe in the knowledge that their information can only be accessed by logging in via a secure server.
Two factor authentication can add a further layer of protection, ensuring that, in addition to a password, a user also has to provide another item giving ID. For instance, this could be a mobile phone where a text message can be sent giving a code which needs to be input before accessing your payslip.
If you are looking for a secure payroll solution, IRIS FMP offers a number of professional software packages. IRIS FMP Payrite is HMRC approved software which includes a whole range of security measures, such as a comprehensive audit trail logging every keystroke.
IRIS FMP Teamspirit is integrated HR and payroll software which also has state-of-the-art security features, including a highly secure self-service system which ensures that employees can only access their own information.
Another integrated software solution combining HR and payroll is IRIS FMP Amity, which is cloud-based and designed to be used on the move. In line with IRIS FMP’s focus on keeping your data safe, it also has a number of built-in security features, with all communication taking place over an encrypted connection.
If you choose a hosted payroll solution from IRIS FMP HR & Payroll, your data will be securely stored with 24-hour monitoring, in an environment with security guards and CCTV.
If you would like more information about which IRIS FMP payroll management system is more suitable for your business, contact us now.
Payroll Management System – Click to find out more about IRIS FMP Payrite payroll bureau software. It is currently available at a 15 per cent discount for new payroll bureaux or accountancy customers, if activated before September 1 2016.