This document summarizes the legal rules for electronic personnel records and storage. It discusses the pros and cons of electronic recordkeeping and outlines general requirements for electronic storage systems. Specific laws regarding retention of electronic records are also examined, including the Electronic Signatures in Global and National Commerce Act, Family and Medical Leave Act, Employee Retirement Income Security Act, Americans with Disabilities Act, Fair Labor Standards Act, Occupational Safety and Health Administration requirements, I-9 form requirements, and HIPAA. Record retention periods and security controls are discussed for each law.
For some time, HR professionals have aspired to create a “paperless office” with automated technology to create, store, and manage all of the employee information necessary to run a business effectively. Today the technology exists to turn this goal into reality with a desirable Return on Investment (ROI). Current business trends toward environmental sustainability provide the additional impetus to make the business case for paperless HR today, to help support the workforce of tomorrow.
Increasingly, reducing the use of paper in business processes will become a necessary step toward corporate sustainability efforts. Some global and regional companies are pushing sustainability initiatives not only within their own operations, but also out into the supply chain, encouraging vendors and partners to implement greener business practices. “Going green” is a competitive response to changes in social attitudes and to the expectations of customers, employees, and stakeholders.
Because of the many paper-intensive administrative processes in the Human Resources department, it is a great area to embrace corporate sustainability objectives by eliminating paper. Going paperless also saves costs and increases the efficiency and accuracy of HR functions. It can even help with recruiting and engagement—many sought-after job candidates and top-performing employees are passionate about environmental causes. This white paper provides information on the benefits of a paperless HR department and the technology for putting it in place.
For some time, HR professionals have aspired to create a “paperless office” with automated technology to create, store, and manage all of the employee information necessary to run a business effectively. Today the technology exists to turn this goal into reality with a desirable Return on Investment (ROI). Current business trends toward environmental sustainability provide the additional impetus to make the business case for paperless HR today, to help support the workforce of tomorrow.
Increasingly, reducing the use of paper in business processes will become a necessary step toward corporate sustainability efforts. Some global and regional companies are pushing sustainability initiatives not only within their own operations, but also out into the supply chain, encouraging vendors and partners to implement greener business practices. “Going green” is a competitive response to changes in social attitudes and to the expectations of customers, employees, and stakeholders.
Because of the many paper-intensive administrative processes in the Human Resources department, it is a great area to embrace corporate sustainability objectives by eliminating paper. Going paperless also saves costs and increases the efficiency and accuracy of HR functions. It can even help with recruiting and engagement—many sought-after job candidates and top-performing employees are passionate about environmental causes. This white paper provides information on the benefits of a paperless HR department and the technology for putting it in place.
企業の顧客サービスデザインにおけるHCD/UXD実践の試み。企業では、アカデミックではあまり議論されていない、コスト視点の差別化(ある範囲の切り捨てで全体最適化)と、ある妥協点でのサービス品質の継続性を考慮しなければならない。For designing solution architecture of enterprise communication services based on HCD/UXD.
Josh Gilbertson, Co Founder and Business Development Director at SkyDox, presented the following presentation at the Technology For Marketing & Advertising exhibition from 28th - 29th February 2012 at Earls Court in London.
The presentation discusses how cloud computing can improve client - agency interactions.
21 CFR Part 11
- Introduction
- Part 11: Electronic Records & Electronic Signatures :-
Subpart A - General Provisions
Subpart B - Electronic Records Subpart C – Electronic Signatures Good Manufacturing Practices Quality Management Documentation
- Range of requirements for written procedures Standard operating procedures (SOPs)
- Format for standard operating procedures (SOPs) Forms for recording data
- Master formulae
- References
Thank you !!!
University Institute of Pharmaceutical Sciences is a flag bearer of excellence in Pharmaceutical education and research in the country. Here is another initiative to make study material available to everyone worldwide. Based on the new PCI guidelines and syllabus here we have a presentation dealing with the 21 code of federal regulation Part 11.
Thank you for reading.
Hope it was of help to you.
UIPS,PU team
1ITC358ICT Management and Information SecurityChapter 12.docxhyacinthshackley2629
1
ITC358
ICT Management and Information Security
Chapter 12
Law and Ethics
In law a man is guilty when he violates the rights of others.
In ethics he is guilty if he only thinks of doing so. – Immanuel Kant
1
Objectives
Upon completion of this chapter, you should be able to:
Differentiate between law and ethics
Describe the ethical foundations and approaches that underlie modern codes of ethics
Identify major national and international laws that relate to the practice of information security
Describe the role of culture as it applies to ethics in information security
Identify current information on laws, regulations, and relevant professional organisations
2
Introduction
All information security professionals must understand the scope of an organisation’s legal and ethical responsibilities
Understand the current legal environment
Keep apprised of new laws, regulations, and ethical issues as they emerge
To minimise the organisation’s liabilities
Educate employees and management about their legal and ethical obligations
And proper use of information technology
3
Law and Ethics in Information Security
Laws
Rules adopted and enforced by governments to codify expected behaviour in modern society
The key difference between law and ethics is that law carries the sanction of a governing authority and ethics do not
Ethics are based on cultural mores
Relatively fixed moral attitudes or customs of a societal group
4
Information Security and the Law
InfoSec professionals and managers must understand the legal framework within which their organisations operate
Can influence the organisation to a greater or lesser extent, depending on the nature of the organisation and the scale on which it operates
5
Types of Law
Civil law
Pertains to relationships between and among individuals and organisations
Criminal law
Addresses violations harmful to society
Actively enforced and prosecuted by the state
Tort law (search Tort law in Australia)
A subset of civil law that allows individuals to seek redress in the event of personal, physical, or financial injury
6
Types of Law (cont’d.)
Private law
Regulates the relationships among individuals and among individuals and organisations
Family law, commercial law, and labour law
Public law
Regulates the structure and administration of government agencies and their relationships with citizens, employees, and other governments
Criminal, administrative, and constitutional law
7
Table 12-1a: Key U.S. laws of interest to information security professionals
8
Table 12-1b: Key U.S. laws of interest to information security professionals
9
Relevant U.S. Laws
The Computer Fraud and Abuse Act of 1986 (CFA Act)
The cornerstone of many computer-related federal laws and enforcement efforts
Amended in October 1996 by the National Information Infrastructure Protection Act
Modified several sections of the previous act, and increased the penalties for se.
企業の顧客サービスデザインにおけるHCD/UXD実践の試み。企業では、アカデミックではあまり議論されていない、コスト視点の差別化(ある範囲の切り捨てで全体最適化)と、ある妥協点でのサービス品質の継続性を考慮しなければならない。For designing solution architecture of enterprise communication services based on HCD/UXD.
Josh Gilbertson, Co Founder and Business Development Director at SkyDox, presented the following presentation at the Technology For Marketing & Advertising exhibition from 28th - 29th February 2012 at Earls Court in London.
The presentation discusses how cloud computing can improve client - agency interactions.
21 CFR Part 11
- Introduction
- Part 11: Electronic Records & Electronic Signatures :-
Subpart A - General Provisions
Subpart B - Electronic Records Subpart C – Electronic Signatures Good Manufacturing Practices Quality Management Documentation
- Range of requirements for written procedures Standard operating procedures (SOPs)
- Format for standard operating procedures (SOPs) Forms for recording data
- Master formulae
- References
Thank you !!!
University Institute of Pharmaceutical Sciences is a flag bearer of excellence in Pharmaceutical education and research in the country. Here is another initiative to make study material available to everyone worldwide. Based on the new PCI guidelines and syllabus here we have a presentation dealing with the 21 code of federal regulation Part 11.
Thank you for reading.
Hope it was of help to you.
UIPS,PU team
1ITC358ICT Management and Information SecurityChapter 12.docxhyacinthshackley2629
1
ITC358
ICT Management and Information Security
Chapter 12
Law and Ethics
In law a man is guilty when he violates the rights of others.
In ethics he is guilty if he only thinks of doing so. – Immanuel Kant
1
Objectives
Upon completion of this chapter, you should be able to:
Differentiate between law and ethics
Describe the ethical foundations and approaches that underlie modern codes of ethics
Identify major national and international laws that relate to the practice of information security
Describe the role of culture as it applies to ethics in information security
Identify current information on laws, regulations, and relevant professional organisations
2
Introduction
All information security professionals must understand the scope of an organisation’s legal and ethical responsibilities
Understand the current legal environment
Keep apprised of new laws, regulations, and ethical issues as they emerge
To minimise the organisation’s liabilities
Educate employees and management about their legal and ethical obligations
And proper use of information technology
3
Law and Ethics in Information Security
Laws
Rules adopted and enforced by governments to codify expected behaviour in modern society
The key difference between law and ethics is that law carries the sanction of a governing authority and ethics do not
Ethics are based on cultural mores
Relatively fixed moral attitudes or customs of a societal group
4
Information Security and the Law
InfoSec professionals and managers must understand the legal framework within which their organisations operate
Can influence the organisation to a greater or lesser extent, depending on the nature of the organisation and the scale on which it operates
5
Types of Law
Civil law
Pertains to relationships between and among individuals and organisations
Criminal law
Addresses violations harmful to society
Actively enforced and prosecuted by the state
Tort law (search Tort law in Australia)
A subset of civil law that allows individuals to seek redress in the event of personal, physical, or financial injury
6
Types of Law (cont’d.)
Private law
Regulates the relationships among individuals and among individuals and organisations
Family law, commercial law, and labour law
Public law
Regulates the structure and administration of government agencies and their relationships with citizens, employees, and other governments
Criminal, administrative, and constitutional law
7
Table 12-1a: Key U.S. laws of interest to information security professionals
8
Table 12-1b: Key U.S. laws of interest to information security professionals
9
Relevant U.S. Laws
The Computer Fraud and Abuse Act of 1986 (CFA Act)
The cornerstone of many computer-related federal laws and enforcement efforts
Amended in October 1996 by the National Information Infrastructure Protection Act
Modified several sections of the previous act, and increased the penalties for se.
21 CFR Part 11, commonly referred to as “Part 11” is a set of rules that specifies what is required for electronic records and signatures. The regulatory framework outlines the management of records in Electronic Quality Management Systems for Life Science and other FDA-regulated industries.
Why is it called 21 CFR Part 11?
What is 21 CFR Part 11? CFR stands for “Code of Federal Regulation.” 21 CFR Part 11, in particular, details the criteria under which electronic records and signatures are considered to be trustworthy and equivalent to paper records.
What are the 21 CFR rules?
21 CFR Rules set out guidelines on the usages and management of electronic records as well as electronic signatures. As such, as the user of electronic data records, you are guided by 21 CFR rules so that you can have optimal benefits from the data and also act in integrity.
(a) The regulations in this part set forth the criteria under which the agency considers electronic records, electronic signatures, and handwritten signatures executed to electronic records to be trustworthy, reliable, and generally equivalent to paper records and handwritten signatures executed on paper.
(b) This part applies to records in electronic form that are created, modified, maintained, archived, retrieved, or transmitted, under any records requirements set forth in agency regulations. This part also applies to electronic records submitted to the agency under requirements of the Federal Food, Drug, and Cosmetic Act and the Public Health Service Act, even if such records are not specifically identified in agency regulations. However, this part does not apply to paper records that are, or have been, transmitted by electronic means.
(c) Where electronic signatures and their associated electronic records meet the requirements of this part, the agency will consider the electronic signatures to be equivalent to full handwritten signatures, initials, and other general signings as required by agency regulations, unless specifically excepted by regulation(s) effective on or after August 20, 1997.
www.siroinstitute.com
Siro clinical research institute
Post graduate Diploma in Clinical Research
ALL EYES ON RAFAH BUT WHY Explain more.pdf46adnanshahzad
All eyes on Rafah: But why?. The Rafah border crossing, a crucial point between Egypt and the Gaza Strip, often finds itself at the center of global attention. As we explore the significance of Rafah, we’ll uncover why all eyes are on Rafah and the complexities surrounding this pivotal region.
INTRODUCTION
What makes Rafah so significant that it captures global attention? The phrase ‘All eyes are on Rafah’ resonates not just with those in the region but with people worldwide who recognize its strategic, humanitarian, and political importance. In this guide, we will delve into the factors that make Rafah a focal point for international interest, examining its historical context, humanitarian challenges, and political dimensions.
Responsibilities of the office bearers while registering multi-state cooperat...Finlaw Consultancy Pvt Ltd
Introduction-
The process of register multi-state cooperative society in India is governed by the Multi-State Co-operative Societies Act, 2002. This process requires the office bearers to undertake several crucial responsibilities to ensure compliance with legal and regulatory frameworks. The key office bearers typically include the President, Secretary, and Treasurer, along with other elected members of the managing committee. Their responsibilities encompass administrative, legal, and financial duties essential for the successful registration and operation of the society.
A "File Trademark" is a legal term referring to the registration of a unique symbol, logo, or name used to identify and distinguish products or services. This process provides legal protection, granting exclusive rights to the trademark owner, and helps prevent unauthorized use by competitors.
Visit Now: https://www.tumblr.com/trademark-quick/751620857551634432/ensure-legal-protection-file-your-trademark-with?source=share
Matthew Professional CV experienced Government LiaisonMattGardner52
As an experienced Government Liaison, I have demonstrated expertise in Corporate Governance. My skill set includes senior-level management in Contract Management, Legal Support, and Diplomatic Relations. I have also gained proficiency as a Corporate Liaison, utilizing my strong background in accounting, finance, and legal, with a Bachelor's degree (B.A.) from California State University. My Administrative Skills further strengthen my ability to contribute to the growth and success of any organization.
Synopsis On Annual General Meeting/Extra Ordinary General Meeting With Ordinary And Special Businesses And Ordinary And Special Resolutions with Companies (Postal Ballot) Regulations, 2018
In 2020, the Ministry of Home Affairs established a committee led by Prof. (Dr.) Ranbir Singh, former Vice Chancellor of National Law University (NLU), Delhi. This committee was tasked with reviewing the three codes of criminal law. The primary objective of the committee was to propose comprehensive reforms to the country’s criminal laws in a manner that is both principled and effective.
The committee’s focus was on ensuring the safety and security of individuals, communities, and the nation as a whole. Throughout its deliberations, the committee aimed to uphold constitutional values such as justice, dignity, and the intrinsic value of each individual. Their goal was to recommend amendments to the criminal laws that align with these values and priorities.
Subsequently, in February, the committee successfully submitted its recommendations regarding amendments to the criminal law. These recommendations are intended to serve as a foundation for enhancing the current legal framework, promoting safety and security, and upholding the constitutional principles of justice, dignity, and the inherent worth of every individual.
How to Obtain Permanent Residency in the NetherlandsBridgeWest.eu
You can rely on our assistance if you are ready to apply for permanent residency. Find out more at: https://immigration-netherlands.com/obtain-a-permanent-residence-permit-in-the-netherlands/.
The Electronic Personnel File: Legal Rules for the Paperless HR Office
1. Parsons Behle & Latimer IDAHO EMPLOYMENT LAW SEMINAR
THE ELECTRONIC PERSONNEL FILE:
LEGAL RULES FOR THE
PAPERLESS HR OFFICE
J. Kevin West
kwest@parsonsbehle.com
WEDNESDAY, OCTOBER 21, 2015 | BOISE CENTRE
parsonsbehle.com
3. 3
Electronic records reduce the need for
physical storage space.
Documents can be retrieved instantly.
Multiple people can view the same
document from different locations and
devices at the same time.
Pros of Going Paperless
4. 4
Cons of Going Paperless
New security threats from both inside and
outside the office.
Portable devices generally come with very
little security.
Costs of maintaining and storing electronic
records.
5. 5
Generally, so long as your office ensures
security for electronic records and systems,
the pros of going paperless highly outweigh
the cons.
6. 6
General Requirements for
Electronic Storage Systems
1. Must have an accurate and complete
scanning/conversion of hardcopies (i.e.
paper) to electronic storage systems.
2. Must be able to index, store, preserve,
retrieve, and reproduce the electronic
records.
7. 7
3. Must include a retrieval system that
includes an indexing system.
4. Must have the ability to reproduce legible
and readable hardcopies of electronic
records.
General Requirements for
Electronic Storage Systems
8. 8
General Requirements for
Electronic Storage Systems
5. Must have controls to ensure the integrity,
accuracy, and readability of the electronic
storage system.
6. Must have controls to prevent and detect
the unauthorized creation of, addition to,
alteration of, deletion of, or deterioration of
electronically stored records.
9. 9
Specific Laws Regarding
Retention of Electronic Records
There are a number of federal laws and
regulations laying out specific requirements for
the retention and storing of electronic
employment records.
These laws include:
1. Electronic Signatures in Global and National Commerce Act
2. Family and Medical Leave Act (FMLA)
3. Employee Retirement Income Security Act (ERISA)
4. Americans with Disabilities Act (ADA)
5. Fair Labor Standards Act (FLSA)
6. Occupational Safety and Health Administration (OSHA)
7. I-9 Form Requirements
8. HIPAA
10. 10
1. Electronic Signatures in Global
and National Commerce Act
Applies to all electronic transactions.
States that electronic signatures and
contracts are valid, legally binding, and
enforceable.
15 U.S.C. § 7001
11. 11
Electronic Signatures in Global
and National Commerce Act
Consumer must consent to the use of an
electronic record.
Consumer must be provided with a “clear and
conspicuous” statement informing the consumer:
– (1) They have the option of having the document
made available for them electronically or on paper.
– (2) They have the right to withdraw consent for the
use of an electronic record.
– (3) Must describe how the consumer may withdraw
consent.
– (4) Must inform consumer how he can obtain a paper
copy of an electronic record and whether he will be
charged a fee for the copy.
15 U.S.C. § 7001
12. 12
Electronic Signatures in Global
and National Commerce Act
Must inform consumer that the consent
only applies to that particular transaction
or “to identified categories of records that
may be provided or made available during
the course of the parties’ relationship.”
15 U.S.C. § 7001
13. 13
2. Family and Medical Leave Act
Covered employers must keep FMLA
records for at least three years.
Records kept in the computer must be
made readily available for transaction or
copying.
29 C.F.R. 825.500
14. 14
Covered employers must maintain records that
disclose the following:
– Basic payroll and identifying employee data.
– Dates FMLA leave is taken by FMLA eligible
employees.
– The hours of FMLA leave if leave is taken in
increments of less than one full day.
– Copies of employee notices of leave furnished to
employer.
Family and Medical Leave Act
29 C.F.R. 825.500
15. 15
Covered employers must maintain records that disclose
the following:
– Any documents describing employee benefits or
employer policies and practices regarding the taking
of paid and unpaid leave.
– Premium payments of employee benefits.
– Records of any dispute between the employer and an
eligible employee regarding the designation of leave
as FMLA leave.
Family and Medical Leave Act
29 C.F.R. 825.500
16. 16
Records and documents relating to
certifications, recertifications, or medical
histories of employees and employees’
family members:
– Must be kept confidential.
– Must be kept in separate files from the
“regular” personnel files.
Family and Medical Leave Act
29 C.F.R. 825.500
17. 17
3. Employee Retirement Income
Security Act (ERISA)
Employers must maintain sufficient
records to explain, verify, and clarify what
is in a government filing and to determine
the benefits due or which may become
due.
Must keep these records for at least six
years after the filing date.
29 U.S.C. § 1027, 29 U.S.C. § 1059
18. 18
Electronic recordkeeping systems must
have reasonable controls to ensure the
integrity, accuracy, authenticity, and
reliability of the records.
Records must be maintained in
reasonable order, and in such a manner
that they may be readily examined.
Employee Retirement Income
Security Act (ERISA)
29 C.F.R. 2520.107-1
19. 19
The electronic system must be capable of
indexing, retrieving and reproducing the
electronic records.
Records must be readily convertible into
legible paper copy.
Employee Retirement Income
Security Act (ERISA)
29 C.F.R. 2520.107-1
20. 20
Adequate records management practices must
be implemented by employers. For example:
– Providing a secure storage environment.
– Creating back-up electronic copies.
– Selecting an off-site storage location.
– Retaining paper copies of records that cannot
be clearly and accurately transferred to
electronic form.
Employee Retirement Income
Security Act (ERISA)
29 C.F.R. 2520.107-1
21. 21
Original paper records may be disposed of
after they are converted to electronic form.
Original records may not be discarded if
the electronic record would not constitute
a duplicate or substitute record.
Employee Retirement Income
Security Act (ERISA)
29 C.F.R. 2520.107-1
22. 22
Tomlinson v. El Paso Corporation
42 Emp. Benefits Cases 1429 (U.S. District Court Colorado 2007)
Employees sued company and asked for
pension plan records in discovery.
Company said that Mercer kept the
records, that it did not “control” the records
and that Mercer’s electronic system was
proprietary.
A Case In Point
23. 23
The Court disagreed:
ERISA imposes upon the Defendants the duty to ensure that the
“recordkeeping system has reasonable controls” such that its employee
benefits records are “accessible…in such a manner as they may be
readily inspected or examined.” While the Defendants claim they have
no control over information concerning the “computerized
infrastructure” (recordkeeping system) Mercer uses to administer the
Plan and maintain its benefit records, such claim is contradicted by the
plain language of §2520.107-1(b)(1). Defendants cannot delegate their
duties to a third party under ERISA… Consequently, Defendants are in
possession, custody or control over the requested data, within the
meaning of Fed. R. Civ. P. 26(a)(1)(B), such that they have, or should
have, the authority and ability to obtain the requested data.
A Case In Point
24. 24
Any request for reasonable accommodation must be
preserved for one year after the date of making the
record or the personal action involved, whichever is later.
Where a discrimination charge is filed, the employer
must preserve all personnel records relevant to the
charge or action until the action is settled.
Employee medical records must be kept confidential and
separate from personnel files.
4. Americans With Disabilities
Act (ADA)
29 C.F.R. 1602.14
25. 25
Reproductions must be clear and identifiable by
date or pay period.
Payroll records and other records containing
employee information and data must be
preserved for three years.
Collective bargaining agreements, plans,
employment contracts, and similar documents
must be preserved for three years.
5. Fair Labor Standards Act (FLSA) –
Records to be Preserved for Three Years
29 C.F.R. 516.1, 29 C.F.R. 516.5
26. 26
Basic employment and earning records, such as
time cards, must be preserved for two years.
All tables and schedules of the employer which
provide the rates used in computing earnings,
wages, salaries, or overtime compensation shall
be preserved for two years.
Fair Labor Standards Act (FLSA) –
Records to be Preserved for Two Years
29 C.F.R. 516.6
27. 27
Employers must keep records of fatalities,
injuries, and illnesses that are work
related.
Must save the OSHA 300 Log, the privacy
case list, the annual summary, and the
OSHA 301 Incident Report forms for five
years following that end of the calendar
year that the records cover.
6. Occupational Safety and
Health Administration
29 C.F.R. 1904.4, 29 C.F.R. 1904.33
28. 28
Electronic storage system must have
reasonable controls to ensure the integrity,
accuracy, and reliability of the system.
Storage system must have controls
designed to prevent and detect the
unauthorized or accidental creation of,
addition to, alteration of, or deletion of
electronic I-9 forms.
7. I-9 Requirements
8 C.F.R. 274a.2
29. 29
Storage retrieval system must have an
indexing system that permits searches by
any data element.
Must be able to produce legible paper
copies.
I-9 Requirements
8 C.F.R. 274a.2
30. 30
Forms must be retained for three years
after the date employment begins, or one
year after the date employment is
terminated, whichever is later.
Copies of I-9 forms must be made
available on three days’ notice for
inspection by U.S. Immigration and
Customs Enforcement.
I-9 Requirements
8 C.F.R. 274a.2
31. 31
Requires most employer-sponsored health
plans to implement comprehensive
safeguards for employee health
information maintained, created or
transmitted in electronic form.
“Protected Health Information”: individually
identifiable information that is created or
maintained as part of an employee health
benefits program.
8. HIPAA
32. 32
Cloud storage and computing systems
– Costs
– Security
Choosing an electronic record keeping
vendor
Preservation of document metadata
– Identity of author, when the file was created,
and information in calendar-keeping software
could all be crucial to litigation.
Other Issues to Consider
33. 33
Security, both internal and external.
– Systems need to be secure from outside
intruders through use of passwords, firewalls,
and encryption
– Systems need to be secure from insiders who
shouldn’t have access to certain documents
Just as with paper personnel files, electronic
personnel files must have separate folders with
access granted on a “need to know” basis.
Other Issues to Consider
34. 34
Readability and accessibility of data over
time.
Saving data permanently –
– Maintenance of databases
– How secure is the database long term?
– What if it crashes?
– Is there a backup?
– Does the company know how to retrieve data
from backup?
Other Issues to Consider
35. 35
Yes, you can get rid of all your paper
records if it is done correctly.
Conclusion
36. 36
J. Kevin West
208.562.4908
kwest@parsonsbehle.com
Thank You
Editor's Notes
Many offices have on-site and off-site paper storage spaces. Paper, obviously, takes up a lot of space, and switching over to electronic records can greatly reduce the need for physical storage space.
Rather than having to send someone to the basement to sort through documents, a document can be looked up instantly, in a matter of seconds, when it is on a computer. This can save time and hassle for an HR department.
When your office switches over to electronic recordkeeping, multiple people can view a document at once from either an online database (Netdocs at PBL) or from a universal drive that everyone in the office has access to. Although, usually only one person can edit a document at a time, but this could very well be evolving, as multiple people can edit a document on, for example, GoogleDocs.
Going green is a national trend that your office may want to become a part of. Not only does going paperless reduce waste, it can also save time and money.
Security is one of the biggest issues to keep in mind when going paperless. Now, instead of having confidential records kept in a locked room, these records can exist on a computer in plain sight. HR professionals need to ensure that their screens and passwords are kept private, as well as ensuring that confidential and private records are encrypted to protect from inside security threats. Computers are also highly susceptible to getting hacked by outsiders, which can lead to the loss of thousands and thousands of confidential documents and records, including your employees’ health records, social security numbers, and more.
Portable Devices – Portable devices, such as your iPhone, do not come with the security of a computer. Emails and data on your phone can contain confidential information, and ensuring that this is protected is very important. For example, having a 6 digit passcode, instead of the preset 4-digit code, can make is much harder to gain access to your phone should you loose it. Also making sure that when you dispose of a laptop hard-drive or your phone that everything is completely wiped of information. (Story of Chinese orange man, attached)
This law made switching over to electronic records much easier because now nearly nothing needs to be signed in a person’s handwriting.
Cloud storage systems – When you upload something to “the cloud,” it really goes to a massive computer somewhere in the middle of nowhere. That computer now forever has a copy of that document, and permanently deleting it from cyberspace can be very difficult. As such, it is very important to invest in a secure cloud storage system. For example, Google offers free storage on its cloud, but then everything that you upload is subjected to Google’s data mining, profiling, and analytics, which would not be okay for your confidential documents. Google’s paid cloud storage system, however, does not subject your documents to any of that. Make sure that when you are picking a cloud storage system you ensure that it is secure and confidential, which may come at a steeper cost.
Preservation of Document Metadata – Metadata is essentially the history of a document. For example, Outlook may capture certain information about when events took place that could be crucial to litigation. IT departments routinely wipe hard drives that departing employees had used, which can delete all the metadata from that computer. It would not be good if, five years down the road, your company was sued, and the metadata needed to prove a piece of your argument was deleted years ago. Additionally, a paper document that is scanned into Word and then later converted to a PDF filed can also loose its metadata. Make sure that people dealing with records that need to be maintained and retained know how to adequately ensure that metadata isn’t lost along the way.
I was thinking that if this presentation needs to be longer, I could do some case law research on electronic records. You could then have stories to tell of when an HR department’s failure to adequately protect records was the basis for costly litigation. Or, on the other hand, when an HR department’s success in retaining records helped the company get out of a big case. We could put the cases at the end or after a couple of the different laws to break up the legal section.