Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Dr Shah Miah
HRIS Issues
Today, we will be talking about issues of
HRIS: integration; data integrity, security
and privacy (CHAPTER 16)
 Mainly experienced in HRIS design and
implementation phases
 HR Payroll Integration
 Example: fully integrated app
htt...
Michael J. Kavanagh, Mohan Thite, and Richard D. Johnson - Human
Resource Information Systems: Basics, Applications, and F...
Michael J. Kavanagh, Mohan Thite, and Richard D. Johnson - Human
Resource Information Systems: Basics, Applications, and F...
Michael J. Kavanagh, Mohan Thite, and Richard D. Johnson - Human
Resource Information Systems: Basics, Applications, and F...
Michael J. Kavanagh, Mohan Thite, and Richard D. Johnson - Human
Resource Information Systems: Basics, Applications, and F...
Michael J. Kavanagh, Mohan Thite, and Richard D. Johnson - Human
Resource Information Systems: Basics, Applications, and F...
 OECD/APEC
https://www.privacyenforcement.net/public/activities
Transborder data transfer
 Multinational employer
 New idea – centralised database for HR related data
 Business case template check-box:
 “Meet...
Michael J. Kavanagh, Mohan Thite, and Richard D. Johnson - Human
Resource Information Systems: Basics, Applications, and F...
Michael J. Kavanagh, Mohan Thite, and Richard D. Johnson - Human
Resource Information Systems: Basics, Applications, and F...
Michael J. Kavanagh, Mohan Thite, and Richard D. Johnson - Human
Resource Information Systems: Basics, Applications, and F...
Michael J. Kavanagh, Mohan Thite, and Richard D. Johnson - Human
Resource Information Systems: Basics, Applications, and F...
Michael J. Kavanagh, Mohan Thite, and Richard D. Johnson - Human
Resource Information Systems: Basics, Applications, and F...
Michael J. Kavanagh, Mohan Thite, and Richard D. Johnson - Human
Resource Information Systems: Basics, Applications, and F...
Michael J. Kavanagh, Mohan Thite, and Richard D. Johnson - Human
Resource Information Systems: Basics, Applications, and F...
Michael J. Kavanagh, Mohan Thite, and Richard D. Johnson - Human
Resource Information Systems: Basics, Applications, and F...
Michael J. Kavanagh, Mohan Thite, and Richard D. Johnson - Human
Resource Information Systems: Basics, Applications, and F...
 Effectiveness and efficiency depends on integrity and
accuracy of data
DATA INTEGRITY
 HR data management issues
 Siloed systems
 Inaccurate or outdated information
 Inefficient means of data sharing and ...
 Government reporting requirements
 Basic organisational efficiency
 Credibility of HR function
 Costs
Business critic...
 Automation
 Fragmented systems
 Mix of manual and automated systems and processes
 Manual override
 Bad data
 Outda...
 Best opportunity to fix data
 Identify information needed
 Don’t assume paper based data is accurate – check
 Data au...
 Develop an overall HR technology strategy
 Master system into which all HR data is entered and
resides (e.g. SAP HCM)
K...
 Data integrity results in efficiency, effectiveness and
strategic opportunities.
 Protecting the privacy concerns of in...
 Over the past 3 years, Monster.com has had breaches in
security.
 In your discussion groups search for information abou...
Upcoming SlideShare
Loading in …5
×

HRIS Issues

4,644 views

Published on

Sharing one of the HRIS lectures designed by our Unit Coordinator and Lecturer: Dr Shah Miah from what we have learned through our Master Program. Greatly appreciated of our teachers guidance and support.
"Hopefully, the readers can use this resource for educational purposes and in a good way"

Published in: Technology
  • Sex in your area is here: ❶❶❶ http://bit.ly/39pMlLF ❶❶❶
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • Dating direct: ❤❤❤ http://bit.ly/39pMlLF ❤❤❤
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • I still can't believe how great this worked. My drill battery, several AA and AAA batteries, and my camera battery work great again! This is super fun to do too. ➤➤ http://ishbv.com/ezbattery/pdf
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here

HRIS Issues

  1. 1. Dr Shah Miah HRIS Issues
  2. 2. Today, we will be talking about issues of HRIS: integration; data integrity, security and privacy (CHAPTER 16)
  3. 3.  Mainly experienced in HRIS design and implementation phases  HR Payroll Integration  Example: fully integrated app http://www.empower-hr.com/ Integration Issues
  4. 4. Michael J. Kavanagh, Mohan Thite, and Richard D. Johnson - Human Resource Information Systems: Basics, Applications, and Future Directions, 2e © 2012 SAGE Publications, Inc. Confidential information  A great deal of confidential information about employees is captured and stored by organizations  Employee personal details  Pay and benefits history  Medical records  Disciplinary records  Data is stored electronically and transmitted across networks.  Increasing integration of HRIS has made information security management a complex and challenging undertaking 4
  5. 5. Michael J. Kavanagh, Mohan Thite, and Richard D. Johnson - Human Resource Information Systems: Basics, Applications, and Future Directions, 2e © 2012 SAGE Publications, Inc. Information Security in HRIS  Protecting information in the HRIS from unauthorized  Access, use, disclosure, disruption, modification, and destruction  Objectives of information security  Protect confidentiality, integrity and availability of information (Pfleeger, 2006; Wong, 2006b). 5
  6. 6. Michael J. Kavanagh, Mohan Thite, and Richard D. Johnson - Human Resource Information Systems: Basics, Applications, and Future Directions, 2e © 2012 SAGE Publications, Inc. COMPONENTS OF INFORMATION SECURITY  Three main principles of information security  Confidentiality  Integrity  Availability  The HRIS is composed of three components  Hardware  Software  Communications  As mechanisms of protection  Physical  Personal  Organizational levels 6
  7. 7. Michael J. Kavanagh, Mohan Thite, and Richard D. Johnson - Human Resource Information Systems: Basics, Applications, and Future Directions, 2e © 2012 SAGE Publications, Inc. SOURCE: Wikipedia (2007) COMPONENTS OF INFORMATION SECURITY Figure 16.1 7
  8. 8. Michael J. Kavanagh, Mohan Thite, and Richard D. Johnson - Human Resource Information Systems: Basics, Applications, and Future Directions, 2e © 2012 SAGE Publications, Inc. LEGAL REQUIREMENTS FOR INFORMATION TECHNOLOGY  The European Union Data Protection Directive (EUDPD)  Requires that all EU members must adopt national regulations to standardize the protection of data privacy for citizens throughout the European Union.  Singapore  http://www.aar.com.au/pubs/asia/foasia24oct11.htm#Intro 8
  9. 9.  OECD/APEC https://www.privacyenforcement.net/public/activities Transborder data transfer
  10. 10.  Multinational employer  New idea – centralised database for HR related data  Business case template check-box:  “Meets HR Data Privacy Requirements”  Could not be marked because of lack of relevant documentation  Project denied  Data transfer privacy requirements  Risk associated with non-compliance  (Gracen 2008, p.38) HR Data Privacy and Project Metrics
  11. 11. Michael J. Kavanagh, Mohan Thite, and Richard D. Johnson - Human Resource Information Systems: Basics, Applications, and Future Directions, 2e © 2012 SAGE Publications, Inc. THREATS TO INFORMATION SECURITY  Human errors in data entry & handling  Damage by employee  Disgruntled & ill-informed employees: critical role of HR  Misuse of computer systems:  Unauthorized access to or use of information  Computer-based fraud  Viruses, worms & trojans: cyber terrorism  Hackers  Natural disasters 11
  12. 12. Michael J. Kavanagh, Mohan Thite, and Richard D. Johnson - Human Resource Information Systems: Basics, Applications, and Future Directions, 2e © 2012 SAGE Publications, Inc. BEST PRACTICES IN HR INFORMATION SECURITY  Adopt A comprehensive privacy policy  Store sensitive personal data in secure computer systems and provide encryption  Dispose of documents properly or restore computer drives and cd-roms  Build document destruction capabilities into the office infrastructure  Conduct regular security practice training  Conduct privacy “walk-throughs” (Canavan, 2003; David, 2002; Tansley & Watson, 2000) 12
  13. 13. Michael J. Kavanagh, Mohan Thite, and Richard D. Johnson - Human Resource Information Systems: Basics, Applications, and Future Directions, 2e © 2012 SAGE Publications, Inc. ADDITIONAL BEST PRACTICES IN HR INFORMATION SECURITY  The careful selection of staff with regard to their honesty and integrity  Raise information security awareness and ensure employees understand corporate security policies  Institute measures to address the personal problems of staff, such as gambling and drug addictions, which might lead them indulge in abuse for financial gains  Provide access to effective grievance procedures since the motivation for much computer abuse is retaliation against management Kovach, Hughes, Fagan, and Maggitti (2002) Grundy, Collier, and Spaul (1994) 13
  14. 14. Michael J. Kavanagh, Mohan Thite, and Richard D. Johnson - Human Resource Information Systems: Basics, Applications, and Future Directions, 2e © 2012 SAGE Publications, Inc. INFORMATION SECURITY MANAGEMENT FOR HRIS  ISO/IEC 27002  Administrative/Procedural  Logical/Technical  Physical Controls 14
  15. 15. Michael J. Kavanagh, Mohan Thite, and Richard D. Johnson - Human Resource Information Systems: Basics, Applications, and Future Directions, 2e © 2012 SAGE Publications, Inc. INFORMATION PRIVACY  Comprises ethical, moral, and legal dimensions and has assumed greater importance with the increased adoption of the internet and Web 2.0.  Privacy is A human value consisting of four elements (Kovach & Tansey, 2000):  Solitude: the right to be alone without disturbances  Anonymity: the rights to have no public personal identity  Intimacy: the right not to be monitored  Reserve: the right to control one’s personal information including the methods of dissemination of that information. 15
  16. 16. Michael J. Kavanagh, Mohan Thite, and Richard D. Johnson - Human Resource Information Systems: Basics, Applications, and Future Directions, 2e © 2012 SAGE Publications, Inc. CONTROLLING ACCESS TO HR DATA  Administrative controls  Logical (technical) controls  Physical controls  Security classification for information  Access control  Cryptography  Defense in depth 16
  17. 17. Michael J. Kavanagh, Mohan Thite, and Richard D. Johnson - Human Resource Information Systems: Basics, Applications, and Future Directions, 2e © 2012 SAGE Publications, Inc. INFORMATION PRIVACY AND HRIS  Concerns  Types of employee information that can be collected and stored in the system  Who can access and update the information (Noe et al., 1994; Sadri & Chatterjee, 2003)  Considerations  Collect and store information based on sound and valid business reasons (Hubbard Et Al., 1998)  Collect only information which is necessary, lawful, current, and accurate (Camardella, 2003) 17
  18. 18. Michael J. Kavanagh, Mohan Thite, and Richard D. Johnson - Human Resource Information Systems: Basics, Applications, and Future Directions, 2e © 2012 SAGE Publications, Inc. HRIS SECURITY BEST PRACTICES 1. Train users on how to securely use and handle the equipment, data, and software. 2. Train employees to “log off” personal computers after they are through using them. 3. Do not allow passwords to be shared. Change passwords frequently. 4. Run software through a virus-detection program before using it on the system. 5. Ensure that backup copies, data files, software, and printouts are used only by authorized users. (Noe et al., 1994; Pfleeger, 2006) 18
  19. 19. Michael J. Kavanagh, Mohan Thite, and Richard D. Johnson - Human Resource Information Systems: Basics, Applications, and Future Directions, 2e © 2012 SAGE Publications, Inc. HRIS SECURITY BEST PRACTICES 1. Make backup copies of data files and programs. 2. Ensure that all software and mainframe applications include an audit trail (a record of the changes and transactions that occur in a system, including when and who performed the changes). 3. Use edit controls (such as passwords) to limit employees' access to data files and data fields. 4. Employees take responsibility for updating their employee records themselves via the self-service system. (Noe et al., 1994; Pfleeger, 2006) 19
  20. 20.  Effectiveness and efficiency depends on integrity and accuracy of data DATA INTEGRITY
  21. 21.  HR data management issues  Siloed systems  Inaccurate or outdated information  Inefficient means of data sharing and transmission  Resulting in  Delays in decision making  Missed opportunities  Preventing movement to strategic role  Costs millions of dollars each year HR Data Availability, Quality and Integrity (Sopoci & Keebler 2005)
  22. 22.  Government reporting requirements  Basic organisational efficiency  Credibility of HR function  Costs Business critical issues (Sopoci & Keebler 2005)
  23. 23.  Automation  Fragmented systems  Mix of manual and automated systems and processes  Manual override  Bad data  Outdated data Why data becomes bad (Sopoci & Keebler 2005)
  24. 24.  Best opportunity to fix data  Identify information needed  Don’t assume paper based data is accurate – check  Data audits Conversions (Sopoci & Keebler 2005)
  25. 25.  Develop an overall HR technology strategy  Master system into which all HR data is entered and resides (e.g. SAP HCM) Keeping it clean (Sopoci & Keebler 2005)
  26. 26.  Data integrity results in efficiency, effectiveness and strategic opportunities.  Protecting the privacy concerns of individuals requires a combination of law, processes, procedures and technology.  Organisations must ensure:  Collection, maintenance, use and dissemination of personal information is necessary, lawful, current, and accurate  Maintenance of high ethical standards (Wong & Thite 2009, p.404) Conclusion
  27. 27.  Over the past 3 years, Monster.com has had breaches in security.  In your discussion groups search for information about this security breach  Prepare a short presentation on this and include some analysis of the data integrity implications. Web based exercise

×