Confidentiality in payroll matters is routine, expected and often legally mandated. But that doesn’t mean confidentiality problems can’t occasionally rise up. Your business needs to be aware of the rules governing payroll information and to take steps to protect employee and company data.
The information included in payroll records is both personal and sensitive. It generally can be divided into two categories:
1. Employee information. This includes personal data such as employee names, addresses, dates of birth, Social Security numbers (SSNs), pay rates, regular and overtime wages, salaries, bonuses, commissions, wage garnishes, 401(k) contributions and health insurance premiums. Possibly most sensitive — and most lucrative for criminals — is the bank account numbers your company uses to directly deposit paychecks.
2. Employer information. This category is comprised of items such as your company’s payroll liabilities (for example, Medicare, Social Security and unemployment taxes), amounts you pay for employee fringe benefits such as matching 401(k) contributions and health insurance, your business’s bank account numbers and other proprietary information.
As you can see, payroll records hold information that could enable criminals to steal and perpetrate identity fraud. Even partial data, such as an employee’s SSN could help a thief crack otherwise protected financial accounts online. What’s more, information leaks can cause strife between employees. Consider what would happen if two workers with the same or similar jobs and experience learn that they’re paid disparate salaries. The lower-paid individual may become resentful and even take action to sabotage your business or file a discrimination suit against it.
No Foolproof Method
When you factor in the human element, there’s no foolproof method for ensuring payroll records remain secret. For example, there’s nothing preventing employees from sharing their own salary information with coworkers. Nevertheless, there are steps you can take to protect payroll data.
First, address the need for confidentiality in your employee handbook. Although you can’t formally forbid wage discussions, you can request that employees be discreet. Include any information about state laws that might concern employee confidentiality. Also explain how your business determines compensation and what steps are taken to prevent discrimination.
Second, take internal and external security measures. Work with your IT department to ensure payroll software and files are password-protected and cybersecure. Keep in mind that your accounting department may retain some hard copies for back-up purposes. Access to these must be limited to a few designated staffers who need them for their work. Also, payroll employees should work in areas separate from other employees, preferably in offices that can be locked. For further protection, have payroll workers sign confidentiality agreements when they’re hired. If leaking payroll data can result in termination, make sure this policy is clearly spelled out for employees.
If you outsource your payroll function, you’ll need to authorize one or more employees to act as liaisons between the service and your accounting department. But contractors and employees should only be given access to information they need. Someone in upper management should routinely monitor communications and distributions between your accounting department and payroll services to ensure protocols are followed.
Information Sharing Rules
Employees, understandably, may want to know what their employer does to keep their information private. Explain what information you keep on file and who has access to it, including third-party payroll services, your business’s outside auditors and government agencies. If a government agency (such as the IRS) requests information about an employee, consult legal counsel and comply as quickly as feasible. Typically, such requests are made in writing via letter or email.
If employees ask to view their own payroll records, you generally have to comply within a stated period of time, depending on your state’s laws. Also know that you shouldn’t share an employee’s payroll records with his or her spouse without the employee’s consent. If you encounter other situations where you aren’t sure whether payroll records should be shared — or if an employee shares records without permission — talk to your attorney.
Confidentiality remains the bedrock of an effective and efficient payroll function. Employers must take this seriously or risk financial losses, legal trouble, employee departures and bad publicity. If you have questions, consult your financial and legal advisors.
PKS & Company, P. A. is a full service accounting firm with offices in Salisbury, Ocean City and Lewes that provides traditional accounting services as well as specialized services in the areas of retirement plan audits and administration, medical practice consulting, estate and trust services, fraud and forensic services and payroll services and offers financial planning and investments through PKS Investment Advisors, LLC.
© Copyright 2021. All rights reserved.
Brought to you by: PKS & Company, P.A.