How HR can help prevent data breaches

HR can play a key role in preventing disgruntled employees stealing company information, one lawyer tells HC

How HR can help prevent data breaches
In order to combat the threat of employees stealing information, HR really needs to work closely with their IT teams, says Lynne Lewis, partner, intellectual property at law firm Minter Ellison.
In particular, it’s important to ensure that there are comprehensive systems in place so that employees doing the wrong thing can be tracked, Lewis told HC.
Employers have the option of accessing technology which allows them to see if an employee has been downloading onto USB keys. Moreover, they can see if staff have been taking their computer home, hooking it up to devices and downloading from it or printing from it.
However, Lewis has come across organisations, quite often large ones, that don’t have sound IT systems in place.
For example, there may not be any logs kept of USB keys that are plugged in and out of workplace computers.
“If I’m running a case, I want to be able to show that the night before someone actually departed or the night before they hand in their resignation that a USB key was inserted into their work computer and that XYZ was copied over onto that,” Lewis said.
“HR must work with the IT teams to get good tracking and lockdown technology in place ahead of time.”
HR teams also need exceptional internal communication in place whenever an employee resigns, added Lewis.
“I’ve seen many circumstances where the information doesn’t necessarily get told to the correct people who might notice that something unusual is happening with people’s access to premises or documents during that period of time,” said Lewis.
“Had they known that person had resigned then they might have actually spoken up about seeing some strange things happening.”
It’s also important to be careful with document destruction policies because sometimes important information can be lost, said Lewis.
She cited one of her clients who introduced a 30-day policy whereby everything disappears after 30 days. “That can be really hard to recover,” she said.
“But they can put in place an exemption to that if they’ve got a basis for it in their system.” 
Related stories:

Spies, lies and thieves: Stopping IP theft                                    

Are your staff suffering from ‘tech fatigue’?                                    

SAI Global sues worker for raiding database before quitting

Free newsletter

Our daily newsletter is FREE and keeps you up-to-date with the world of HR. Please complete the form below and click on subscribe for daily newsletters from HRD Australia.

Recent articles & video

How has COVID-19 impacted men's mental health?

Why COVID-19 is aggravating leadership burnout

Fun Friday: Happy marriages spark creativity at work

COVID-19: Mental wellbeing in the new normal

Most Read Articles

What will the workplace look like post-COVID-19?

How has COVID-19 impacted your company’s digital transformation?

Can industrial relations change for the better post-COVID-19?