itb-au logo
Story image

Digital optimisation makes HR processes easier - Hyland

30 Oct 2019

Article by Hyland Australia and New Zealand country manager Jamie Atherton and Hyland Asia-Pacific director Eugene Chng

There are no two ways about it - HR departments generate mountains of data and documents.

While most are digitised these days, nearly half of all HR professionals report that they still rely on paper for at least some of their essential processes.

What’s more, a lot of this content creation and collating is still done manually, which is relatively inefficient and leaves it open to human error.

While many aspects of an HR professional’s work life are positive – interaction with employees, staff morale initiatives, training and team-building initiatives – few people, if any, really enjoy filling out and filing paperwork.

That said, tasked with managing and protecting personnel records, HR has the huge responsibility of ensuring sensitive information remains secure at all times.

Although we tend to think of data breaches as the work of malicious hackers, carelessness and mishandling of these documents are just as likely to be the culprit.

Although most HR professionals say that technology helps them do their jobs, 47% still depend on paper for key tasks such as compensation processing.

Manual and paper-based processes in HR are not only inefficient, but they also pose a risk to security and compliance.

HR departments in Australia are responsible letters of induction, leave requests, onboarding staff, direct deposits, policy updates, performance reviews…the list goes on.

Any and all of these areas pose at least some level of risk to employee data, and as such, they pose a security and compliance risk to the organisation.

Tired hands and minds can easily misfile a document, documents and files might even be given the wrong security access level.

How can these risks be mitigated?

Firstly, it is vitally important to know who is accessing personnel files and why.

One of the biggest concerns about paper files is that there is no record of who is accessing the documents and what they’re doing with them.

Even if documents are locked in a filing cabinet, there is simply no guarantee that they remain secure.

If someone accidentally leaves the cabinet open, those files become exposed to theft, tampering and illicit copying, potentially exposing the operation to the threat of legal action.

There is more at stake than the unsafe handling of one individual’s personal details, the whole organisation may be placed at risk.

Content management and digitisation have become essential tools for HR professionals, for these very reasons.

Digitising documents saves paper, tightens security and cuts down on the possibility of human error.

Further to this, intelligent capture takes much of the legwork out of physically digitising those documents, essentially making them ‘live files’ which are able to be tagged and searched as part of an enterprise data pool.

With paper-based records, there is no way to enforce role-based access by users.

In other words, to ensure that a manager only has access to files for the employees who work directly for him or her.

To minimise risk, access to data should be based on the principle of least privilege, which means users should only have the minimum access required to do their jobs.

Digitising these files allows for logical access control solutions to be employed.

This works in the same way as a physical access control solution, only allowing access to users who present the right credentials at the ‘front door’.

This may be in the form of a password, biometric scan, proximity card, mobile phone app, or even Facial Recognition (FR).

Passwords are the least secure method, as they tend to be written down, forgotten, and passed around between employees on demand.

The right content services platform provides visibility into the full history of every user who accesses an employee file, so administrators can see who viewed the document, whether they made edits or amendments, as well as the date and time they accessed it.

Another question to ask is, does the HR department keep records long after they are required?

In the complex world of human resources regulations, how long an organisation hangs onto documents really matters.

GDPR regulations and Australia’s Digital Privacy Act, for example, clearly spell out the employee’s right to be forgotten, which means that the company needs to have procedures and processes in place for deleting data.

Audits that uncover non-compliance with these rules can come with hefty fines—especially if they are charged per document.

Remember too, that GDPR regulations are not limited to the physical countries in the EU - any organisation collecting, processing, or using the data of EU residents is affected.

Content services solutions can be set to automatically ‘end-of-life’ on a document when it has been held for a set period, which reduces the risk of it being overlooked – significantly reducing the organisational risk involved in holding key personnel information.

Additionally, a robust content services platform provides encryption when data is at rest (not actively being used), in transit (moving between servers within the database), and in use (being accessed by authorised users).

Documents entered into the system are automatically identified and assigned a record type with appropriate time or event-based retention policies, which ensures documents are purged when required, minimising compliance risk and removing the burden of records management from HR staff.

Content services platforms can help an HR department move away from paper files while ensuring the compliance and security of information and processes.

As well as mitigating risky practices, it also allows the organisation to speed up processes and focus on the really important stuff – in this case, the company’s most important asset - its people.

Story image
Webinar: TLC for Kids on their usage of Nintex Drawloop DocGen
The charity is using the software to free up resources and enable its team to focus on its mission — which, simply put, is to put smiles back on sick kids’ faces. It does this through its TLC Ambulance, Rapid TLC, and distraction box programs, and its services are used over a million times each year across Australia.More
Story image
Splunk signs agreement to acquire NPM company Flowmill
Splunk has signed a definitive agreement to acquire the Palo-Alto based cloud network observability company, with expertise in network performance monitoring (NPM). More
Story image
GitHub shares 'greatest hits' open source repositories with historic libraries
Barely 12 months after launching an initiative to preserve open source software for future generations, GitHub is now sharing these collections with major libraries around the world.More
Story image
Visual development tools present real opportunity for A/NZ businesses
"It's only natural for enterprises in our region to gravitate towards the dramatic benefits of using visual development tools for building cloud-native applications."More
Story image
Is the 'fast follower' mentality holding back anti-money laundering in Australia?
The decade-old rules-based systems cannot keep up with sophisticated cyberattacks and money laundering threats on their own, writes FICO financial crimes leader for APAC Timothy Choon.More
Story image
AppsFlyer opens Sydney office, expands into A/NZ region
AppsFlyer has opened an office in Sydney, it’s 19th office worldwide and its first in Australia and New Zealand (A/NZ), marking the company’s expansion into the region.More