Broker Check

Top Seven Obligations for Employee Data Privacy

October 21, 2021

Rehan Jalil of the Forbes Technology Council and CEO of cybersecurity firm SECURITI has posted these obligations on the website. In Jalil's words, there is a "minefield" of personal employee data laws and regulations, and a company needs to know its obligations in each state and country where it operates.

Here is Jalil's list:

  1. Know the privacy laws and create security controls and privacy practices to ensure compliance.
  2. Justify the collection and processing of personal data. It must be necessary and relevant.
  3. Implement formal consent policies and procedures. Discuss how you collect, process and share employees' personal data. Review and update policies regularly.
  4. Data subject rights requests must be fulfilled in timely fashion.
  5. Audit all processing of personal data.
  6. Protect employee data. Notify impacted employees of a breach within time allotted by law. 
  7. Control access to personal information; limit access to authorized users.

The complete article is at