Policy Example for employees who have access to SSN?

I am working for a company who outsources HR services. The employees of this company have access to social security numbers of the clients that purchase our product to help train and troubleshoot issues with the product. I wanted to see if anyone has any experience of policy or documentation to protect both the company and the client from a rogue employee who may try to acquire this information for malicious use? Does anybody out there have any experience or suggestions for policy or documents the employee would need to sign that you have used? Thank you in advance!

Comments

  • 1 Comment sorted by Votes Date Added
  • I think a confidential information policy would work best for you and can cover any and all information that the person may have access to.  One thing I like to make sure is in these policies is the requirement that any documents containing customer information MUST be shredded after it is no longer needed.  You don't want any of that ending up in the trash and someone else getting their hands on it.  You would be amazed at the number of people that don't think about those things.

    I would also put something in your employee handbook about confidential information and shredding documents and make sure this is talked about during new employee orientation.

    Here is some language that should get you started:

    Employee recognizes and acknowledges that during Employee's employment with the Employer, Employee occupies a position of trust and confidence.  Employee shall not, during Employee's employment with Employer or at any time thereafter, either directly or indirectly, personally use or divulge, disclose or communicate to any other person or entity in any manner whatsoever any Confidential Information. "Confidential Information" means all information about the Employer or any of its clients, including but not limited to, client lists, product and service information, billing and bidding procedures, plans of operations, lists of employees, information provided by customer about the customer's operations or employees, that was revealed to or learned by Employee in the course of Employee's employment with the Employer.  Furthermore, Employee acknowledges that Employee has not made and shall not make copies of any information or records, including but not limited to personnel records of the Employer, financial, bidding, and/or billing information, Customer information and/or information related to employees of the customer, and any other business records of the Employer, except for use on the premises of the Employer.

     

Sign In or Register to comment.