Reducing Privacy & Security Risks for Personal Employee Information

["Kain, Jennifer" <jennifer.kain () UBC CA>]

Good afternoon,

Given the ever increasing frequency of privacy breaches and their associated impacts (such as significant fines and 
reputational damage), we are on a path of continuous improvement at the University of British Columbia to reduce 
privacy and security risks, particularly over personal employee information (that is subject to Privacy Laws) which can 
be valuable to those who wish to commit identity fraud.  We don't want to reinvent the wheel and therefore we are very 
interested in what other universities are doing in the following areas:


1.       What tools do you use to communicate employee personal information in a secure manner, e.g. fully encrypted 
email solutions, encrypted file attachments, file sharing tools such as Sharepoint, etc.


2.       What HR / Payroll systems do you use and do these solutions provide a fully electronic version of employee 
files that remove the need to keep paper based employee files?



3.       How successful have you been in eliminating (duplicate) paper employee files in departments?


We appreciate any input that you are willing to share.

Cheers,
Jen

Jennifer Kain MSc, CRMA, CISA, CGEIT, CRISC, PIIA, QICA
Director, Personal Information Governance & Security | UBC Risk Management Services
The University of British Columbia | Ste. 50 - 2075 Wesbrook Mall
Phone 604 827 1535 | Cell 778 938 1151
Jennifer.kain () ubc ca<mailto:Jennifer.kain () ubc ca>
www.riskmanagement.ubc.ca<http://www.riskmanagement.ubc.ca/>