Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Webinar managing highly sensitive employee information


Published on

Piles of sensitive information crosses paths with HR practitioner’s everyday and managing it all can be a daunting task. The communication comes from all sides and in all forms. Topics dealing with health, compensation, employee investigations, harassment claims and related items must be consistently and appropriately managed. Whether it’s a live discussion, e-mail, or telephone call, be prepared when it happens to you.

Review these slides and learn how to manage highly sensitive information with “an everyday practical approach” presented by G&A Partners' HR Advisor, Brittany Cullison.

Published in: Business, Technology
  • Be the first to comment

  • Be the first to like this

Webinar managing highly sensitive employee information

  1. 1. Managing  Sensi*ve  Employee  Informa*on  Bri6any  Cullison,  PHR  
  2. 2. What  to  expect  •  Types  of  sensi*ve  informa*on  and  when  we  commonly  encounter  it  •  Confiden*ality  and  informa*on  management  best  prac*ces    
  3. 3. No*ce  •  I’m  not  an  a6orney  •  This  is  not  legal  advice,  nor  should  the  presenta*on  be  subs*tuted  for  experienced  legal  counsel.    
  4. 4. POLL  QUESTION  
  5. 5. Medical  and  Health  Informa*on  •  Medical  and  health  informa*on  comes  in  many  forms:  •  Doctor’s  notes  with  men*on  of  diagnosis  •  Worker’s  Compensa*on  informa*on  •  ADA  reasonable  accommoda*on  requests  or  ADA  covered  informa*on  •  FMLA  requests  or  documenta*on  •  HIPAA  covered  informa*on*  
  6. 6. ADA    •  Protects  qualified  individuals  with  disabili*es  •  Has  a  physical  or  mental  condi*on  that  substan*ally  limits  one  or  more  major  life  ac*vi*es    •  Has  a  record  of  such  an  impairment  •  Is  regarded  as  having  such  an  impairment    •  Requires  employer  to  make  reasonable  accommoda*ons  UNLESS  doing  so  would  impose  undue  hardship  
  7. 7. FMLA  •  Leave  permi6ed  for:  •  Birth,  adop*on,  foster  care  •  Employee’s  own  medical  condi*on  •  Immediate  family  member’s  medical  condi*on  •  To  handle  qualifying  exigencies  •  Care  for  family  member  injured  in  ac*ve  military    •  service    
  8. 8. FMLA  •  Leave  permi6ed  for  •  Birth,  adop*on,  foster  care  •  Employee’s  own  medical  condi*on  •  Immediate  family  member’s  medical  condi*on  •  Care  for  family  member  injured  in  ac*ve  military  service  
  9. 9. HIPAA  •  Provides  rights  and  protec*ons  for  pa*ents,  along  with  par*cipants  and  beneficiaries  in  group  health  plans      •  Prohibits  release  of  PHI  without  consent  •  Typically  only  applies  to  self-­‐insured        
  10. 10. Medical  and  Health  Informa*on  •  You  receive  medical  informa*on  from  an  employee—  •  Evaluate  the  informa*on  •  Ask  follow  up  ques*ons,  if  necessary  •  Determine  next  steps  •  Keep  confiden*ality  in  mind  throughout  the  process  •  Document  
  11. 11. Medical  and  Health  Informa*on  Confiden*ality  best  prac*ces  with  medical  informa*on  •  Medical  informa*on  in  separate,  confiden*al  file  •  Medical  informa*on  released  on  a  need-­‐to-­‐know  basis:  •  Supervisors  or  managers  that  need  to  be  aware  of  accommoda*ons  •  Safety  personnel  •  State  Worker’s  Comp  office  •  Insurance  purposes  
  12. 12. Inves*ga*ons  •  Inves*ga*ons  can  be  for  a  variety  of  reasons,  including:  •  Discrimina*on  or  harassment  claims  •  Violence  in  the  workplace  reports  •  Other  policy  or  procedural  viola*on  
  13. 13. Inves*ga*on  Best  Prac*ces  •  Receiving  the  complaint/report  •  Get  wri6en,  signed  statements  when  possible  •  Ask  for  witnesses  or  suppor*ng  documents  •  Clarify  that  retalia*on  is  not  tolerated  
  14. 14. Inves*ga*on  Best  Prac*ces  •  Prepara*on  •  Review  informa*on  sources  •  Determine  who  needs  to  be  interviewed  •  Determine  ques*ons  •  Evaluate  if  interim  ac*on  is  necessary  
  15. 15. Inves*ga*on  Best  Prac*ces  •  Conduc*ng  the  Inves*ga*on  •  Keep  thorough  documenta*on  •  Introduc*on  •  Listen  •  Talk  to  everyone  with  relevant  informa*on  
  16. 16. Inves*ga*on  Best  Prac*ces  •  Inves*ga*on  Wrap  up  •  Review  the  gathered  informa*on  •  Make  determina*on  and  develop  ac*on  plan  •  Communicate  decision  •  Prepare  report  
  17. 17. Inves*ga*on  Best  Prac*ces  •  Inves*ga*ons  should  be:  •  Prompt  •  Complete  •  Consistent  •  Objec*ve  •  Credible  •  and  handled  with  confiden*ality  best  prac*ces!  
  18. 18. Employee  Discipline/Termina*on  •  Use  discre*on  when  preparing  for  or  conduc*ng  disciplinary/termina*on  mee*ngs  •  Informa*on  shared  on  a  need-­‐to-­‐know  basis  •  Mee*ngs  held  with  privacy  and  security  in  mind  
  19. 19. Employee  Personal  Informa*on    •  HR  and  administra*ve  offices  encounter  personal  informa*on  on  employees  in  many  different  forms:  •  I-­‐9  Documenta*on  •  New  Hire  paperwork  containing  personal  data  •  Direct  Deposit  •  Payroll  files  •  Includes  customer  informa*on  as  well  •  ID  thea  preven*on  is  cri*cal!  
  20. 20. POLL  QUESTION  
  21. 21. ID  Thea  Preven*on  •  Evaluate  informa*on  security  and  disposal  •  How  easy  is  it  for  someone  to  access  your  office  during  business  hours?    •  How  long  documents  stay  at  the  printer  before  some  one  retrieves  them?  •  Are  documents  that  contain  personal  informa*on  lea  out  una6ended?      •  Are  computer  screens  being  locked  every  *me  someone  leaves  there  desk?  
  22. 22. ID  Thea  Preven*on  •  Are  cabinets  and  drawers  being  locked?  •  Are  emails  that  contain  personal  informa*on  being  sent  securely?  •  Are  documents  properly  shredded  when  no  longer  needed?  •  Who  in  the  office  has  access  to  sensi*ve  informa*on?  
  23. 23. ID  Thea  Preven*on  •  Develop  a  protec*on  plan  •  Conduct  a  “walk  through”  •  Iden*fy  poten*al  risks  •  Create  easy  to  follow  guidelines  and  procedures  •  Educate  your  employees  •  The  importance  of  protec*ng  personal  informa*on.  •  Measure  that  the  company  will  take  to  began  this  process.  •  How  the  process  will  be  enforced.  
  24. 24. ID  Thea  Preven*on  •  Have  a  Breach  Plan  •  No*fy  employee,  law  enforcement  and  possibly  FTC  •  No*fy  credit  bureaus  •  Conduct  internal  inves*ga*on  •  Take  steps  to  minimize  or  prevent  addi*onal  loss  
  25. 25. Company  Informa*on    •  Employees  will  oaen  come  to  HR  or  Managers  with  ques*on  of  upcoming  changes  •  Be  very  careful  of  what  you  pass  to  employees    
  26. 26. Employee  Files    •  Do  you  maintain  a  separate  employee  file  for  confiden*al  informa*on?  •  Medical  records  •  Pre-­‐employment  medical  exam  and/or  drug  screen  results  •  Applica*on  for  Employee  Assistance  Program  •  Any  Private  Health  Informa*on  (PHI)  as  defined  by  HIPAA  •  Any  medical  records  with  personally  iden*fiable  informa*on  (FMLA  requests  forms  if  the  employee  has  disclosed  the  nature  of  his/her  illness)  •  Return  to  work  releases  •  Workers  compensa*on  records  including  First  Report  of  Injury    
  27. 27. Employee  Files  •  Inves*ga*on  Records  •  Discrimina*on  or  harassment  complaints,  including  inves*ga*on  reports  •  Legal  case  informa*on  •  Complaints  of  conduct/policy  viola*ons,  including  inves*ga*on  notes  and/  or  reports  •  Security  Clearance  and  Inves*ga*on  Records  •  Background  check  results,  including  any  arrest  and/or  convic*on  records  and  reports  of  criminal  history  •  Personal  credit  history  
  28. 28. Employee  File  Best  Prac*ces    •  All  personnel  data  should  be  maintained  securely  •  Have  a  locked  file  cabinet  •  Manager  access  only  for  normal  file  •  Upper  level  manager/HR  access  for  confiden*al  file  
  29. 29. General  guidelines    •  Employee  informa*on  should  always  be  treated  as  sensi*ve  informa*on  •  Use  the  “need-­‐to-­‐know”  rule  when  other  guidelines  are  absent  •  Keep  company  confiden*ality  policies  in  mind  •  The  best  approach  is  the  ethical  approach  
  30. 30. Ques*ons?  •  Please  send  all  ques*ons  to: