Data Defense: HR Staff on the Frontlines


The threat of data breaches and data phishing is real. And, if they’re looking for social security numbers and other juicy stats on your employees, they’re going to come for your human resources department. Your HR and Payroll departments are the vault. And, the way in is through verification requests. Now, many of the verification requests that these departments deal with day-in and day-out are valid requests — requests from lenders, insurance agencies, government agencies and the like. But some requests are not genuine. Some requests that come across your desk look valid but are created by a person or a company that wants to use the information for their own personal gain. Sending such sensitive data to the wrong recipient can cost your company tons of money in legal and recovery fees.


Defending Data Like It’s Your Own


How do you arm your staff to best defend the sensitive data they’ve been entrusted with? First, you need to teach them to value every employee’s data as if it were their own. That means they need to look over every request carefully. If it’s an email request, they should confirm that the sender’s email address matches the company the sender claims to represent. And, if someone calls asking for a verification, they should do a search on the number and see if it comes up fraudulent before giving any data. Being diligent to double check who you are exchanging data with can help keep your data secure.


However, a more user friendly and secure option is utilizing an employment verification service. With an employment verification service like Verifent in place, the person making the verification request, makes the request through Verifent. And, Verifent determines the authenticity of the request rather than your staff.


HR and Payroll departments hold a vault of sensitive data. And, requests for verifications flow into their departments daily. Responding to verifications can yield costly mistakes, but it doesn’t have to. You can train employees how to spot fraudulent requests. Or, the simpler and more compliant solution is to use a secure and cloud-based solution like Verifent.