© 2003 SHRM

SHRM Weekly Online Poll: March 9, 2004

QOTW - Identity Theft

• Analyzing 340 responses of 1656 emails sent, 1628 received (response rate = 20.9%).

• Fielded March 9-16, 2004; presentation generated on March 16, 2004.

• Margin of error = +/- 5.4%

© 2003 SHRM

SHRM Weekly Online Poll: March 9, 2004

What measures is your organization taking to protect employee information and guard employees against identity theft? (Please select all that apply)

7.4%

1.8%

20.6%

23.5%

48.8%

54.4%

94.7%

Other

Outside firm

Company policy ifcompromised

Educatingemployees

Background checks

Written privacy policy

Locking employeefiles

© 2003 SHRM

SHRM Weekly Online Poll: March 9, 2004

What measures is your organization taking to protect employee information and guard employees against identity theft? (Please select all that apply)

Choice Count Percent of

Sample

Background checks on employees who will have access to employee files

166 48.8%

Company policy on what to do in the event employee information is compromised

70 20.6%

Contracting with an outside firm that will help employees who are victims of identity theft

6 1.8%

Educating employees on fraud prevention 80 23.5%

Locking up employee files and limiting access to them

322 94.7%

Written privacy policy safeguarding employee data

185 54.4%

Other 25 7.4%

© 2003 SHRM

SHRM Weekly Online Poll: March 9, 2004

• Internal Controls• Background checks on all new hires• Taking SSN off of all forms other then where it is absolutely required for

hiring purposes. We found that we often include it when it is not required.• Our industry requires background checks on everyone to be employed.• Photo identification upon hire• None of the above• Changes to reduce use of SSN ex. computer log in, time sheets, etc.• Limiting access to employee files by type (HR, Health, Comp, Benefits, etc.)• Changed from use of soc sec number as employee ID.• Nothing that I know of!• Not transmitting confidential info (SSN) through email to benefit vendors.• No longer have SS# on payroll check• We don't use employee social security numbers• HIPAA signature forms before HR researches employee benefits information• Not sure what we have in place other than limited access to employee data• Remove SS# & Address from paycheck• Background checks for certain positions

What measures is your organization taking to protect employee information and guard employees against identity theft? Other - specify

© 2003 SHRM

SHRM Weekly Online Poll: March 9, 2004

• Data Privacy Program• Changing ID numbers for health, etc. so they don't show social security

numbers• Background checks on ALL employees• Access to employee files limited to employee, manager, functional VP and

select HR staff• Removing SS# from payroll reports, timecard and Leave Slips• Making access to computer passwords more difficult and changing

passwords more often• HR employees sign confidentiality statement• Deleted SSN from check stubs

What measures is your organization taking to protect employee information and guard employees against identity theft? Other – specify, cont’d.