Chat with AI
Deck 14: Risk Management and Worker Protection
Full screen (f)
Question
Question
Question
Question
Question
Question
Question
Unlock Deck
Sign up to unlock the cards in this deck!
Unlock Deck
Unlock Deck
1/7
Play
Full screen (f)
Deck 14: Risk Management and Worker Protection
1
Data Security
Policing the workplace used to mean reminding employees about personal phone calls and making sure that paper clips did not disappear. But with the computer revolution at work that began in the 1990s, checking on employee behavior at work became considerably more technical. The threats to data security, not to mention other threats for potential lawsuits (e.g., sexual harassment), are now more complex as well. New federal laws pertaining to financial and medical records have put increased pressure on companies to protect their data. But auditing user privacy cannot be done without input and buy-in from HR, notes a senior consultant with an IT security firm in Massachusetts.
Whether the concern is in appropriate Internet usage or transferring files outside the company, HR may be the first to learn of a problem. Although the possibility of outside attacks on the computer network is a real problem, the threat of internal security breaches is even greater. The growing insider problem and the sheer volume of electronic messages coming into and out of a company (a large company easily processes one million e-mails per day) present HR with a challenge on data security policy development, implementation, and enforcement.
HR may be asked to "identify personnel at risk" who might require more stringent watching, such as people who are sending out résumés. In many cases, people leaving organizations take advantage of the opportunity to take intellectual property with them. Security software identifying employee behaviors will always require HR involvement. Policy violations, banned sites, and stealing identity data are examples. Companies look very bad when sensitive customer or employee data are stolen or leaked to the public. Employees can easily resent the security measures and see the security as "Big Brother" watching. However, the growth of identity theft and spyware means that more employees have been personally affected by data security and are more likely to recognize the need for their employers' data security efforts.
At Spherion, HR publishes a "computer and telecom resources policy" that specifies appropriate usage and a code of conduct. Employees must read and sign the policy. The company also has an IT Risk Team with members from HR, accounting, internal auditing, and other departments.
There are, of course, attempts at a purely technical solution to the problem. But it is clear that HR must have a role in balancing employee privacy with company risk management. A simple act, such as a bank's loan officer burning credit information to a CD and selling the data to another bank, can undo all the technical protections. The human side-developing a policy, communicating it, helping people understand why it is needed, and applying it fairly-is the big piece for HR.
QUESTIONS
1. How would you communicate a data security policy that required software checking of employees' emails?
2. What elements should a data security policy for a bank include?
3. Employee data theft most frequently occurs with new employees or when an employee has given notice and is leaving. How would you deal with these two very different issues?
Policing the workplace used to mean reminding employees about personal phone calls and making sure that paper clips did not disappear. But with the computer revolution at work that began in the 1990s, checking on employee behavior at work became considerably more technical. The threats to data security, not to mention other threats for potential lawsuits (e.g., sexual harassment), are now more complex as well. New federal laws pertaining to financial and medical records have put increased pressure on companies to protect their data. But auditing user privacy cannot be done without input and buy-in from HR, notes a senior consultant with an IT security firm in Massachusetts.
Whether the concern is in appropriate Internet usage or transferring files outside the company, HR may be the first to learn of a problem. Although the possibility of outside attacks on the computer network is a real problem, the threat of internal security breaches is even greater. The growing insider problem and the sheer volume of electronic messages coming into and out of a company (a large company easily processes one million e-mails per day) present HR with a challenge on data security policy development, implementation, and enforcement.
HR may be asked to "identify personnel at risk" who might require more stringent watching, such as people who are sending out résumés. In many cases, people leaving organizations take advantage of the opportunity to take intellectual property with them. Security software identifying employee behaviors will always require HR involvement. Policy violations, banned sites, and stealing identity data are examples. Companies look very bad when sensitive customer or employee data are stolen or leaked to the public. Employees can easily resent the security measures and see the security as "Big Brother" watching. However, the growth of identity theft and spyware means that more employees have been personally affected by data security and are more likely to recognize the need for their employers' data security efforts.
At Spherion, HR publishes a "computer and telecom resources policy" that specifies appropriate usage and a code of conduct. Employees must read and sign the policy. The company also has an IT Risk Team with members from HR, accounting, internal auditing, and other departments.
There are, of course, attempts at a purely technical solution to the problem. But it is clear that HR must have a role in balancing employee privacy with company risk management. A simple act, such as a bank's loan officer burning credit information to a CD and selling the data to another bank, can undo all the technical protections. The human side-developing a policy, communicating it, helping people understand why it is needed, and applying it fairly-is the big piece for HR.
QUESTIONS
1. How would you communicate a data security policy that required software checking of employees' emails?
2. What elements should a data security policy for a bank include?
3. Employee data theft most frequently occurs with new employees or when an employee has given notice and is leaving. How would you deal with these two very different issues?
Data security has become an important function of the HR as the threat like stealing data, hacking databases, misuse of internet and other office facilities happens in an organization. Here the organization is going to implement software which checks the emails of the employees. Checking or auditing the emails of the employees can also irritate the employees and can affect their morale.
Hence the communication of such data security activities is very essential. A circular can be sent to all departments before implementing this data security measure. The department heads can be advised to provide some briefing to the employees about it and its importance. This can enable the employees to prepare themselves for the audit.
Hence the communication of such data security activities is very essential. A circular can be sent to all departments before implementing this data security measure. The department heads can be advised to provide some briefing to the employees about it and its importance. This can enable the employees to prepare themselves for the audit.
2
How does one go about controlling workers' compensation costs, and why is that important?
The compensation costs of the workers of an organization are considered as a major issue in almost all organizations. The main reason for this increase in the compensation cost is the medical and litigation expenses. So, the employers should be more careful while formulating the compensation plans primarily the health benefits.
The management can monitor the actual cause of taking leaves and accidents that can happen in the organizations. This can help an organization to get rid of the fraudulent activities associated with the compensation of workers. Monitoring the workers compensation expenses should also be done periodically.
The management can monitor the actual cause of taking leaves and accidents that can happen in the organizations. This can help an organization to get rid of the fraudulent activities associated with the compensation of workers. Monitoring the workers compensation expenses should also be done periodically.
3
Due to an increase in recent employee layoffs because of economic conditions and the increased risk of workplace violence, as well as an increase in domestic restraining orders that several employees have recently obtained against former spouses, company management has decided it is time to take a proactive position and develop a workplace violence action plan. There are many factors to consider, as your company has three locations and more than 500 employees. For information to assist you in identifying workplace violence categories and prevention strategies, visit the website at www.fbi.gov/publications/violence.pdf.
Which workplace violence categories are of most concern to your company?
Which workplace violence categories are of most concern to your company?
The work place violence category which is mostly seen in this organization is coworker violence and domestic violence. Some complaints are received from the new employees that they are being harassed by the old employees.
Diversity, ego, prestige issues etc are the major reasons. Forcing the usage of drugs during office hours, threatening the employees etc have become some major issues. Some domestic issues like harassment from the spouse, family issues etc are also privileging in the organization.
Diversity, ego, prestige issues etc are the major reasons. Forcing the usage of drugs during office hours, threatening the employees etc have become some major issues. Some domestic issues like harassment from the spouse, family issues etc are also privileging in the organization.
4
What should an employer do when facing an OSHA inspection?
Unlock Deck
Unlock for access to all 7 flashcards in this deck.
Unlock Deck
k this deck
5
Due to an increase in recent employee layoffs because of economic conditions and the increased risk of workplace violence, as well as an increase in domestic restraining orders that several employees have recently obtained against former spouses, company management has decided it is time to take a proactive position and develop a workplace violence action plan. There are many factors to consider, as your company has three locations and more than 500 employees. For information to assist you in identifying workplace violence categories and prevention strategies, visit the website at www.fbi.gov/publications/violence.pdf.
What steps and provisions do you need to include in your workplace violence action plan?
What steps and provisions do you need to include in your workplace violence action plan?
Unlock Deck
Unlock for access to all 7 flashcards in this deck.
Unlock Deck
k this deck
6
As the HR manager of a distribution and warehouse firm with 600 employees, you plan to discuss a company wellness program at an executive staff meeting next week. The topics to cover include what a wellness program is, how it can benefit the company and employees, and the process for establishing it. To aid in developing your presentation to the executives, consult the website www.welcoa.org and other applicable websites you can locate.
Unlock Deck
Unlock for access to all 7 flashcards in this deck.
Unlock Deck
k this deck
7
What should be included in disaster planning for a big employer in New York City that is concerned about terrorism attacks that might shut down the company and part of the city?
Unlock Deck
Unlock for access to all 7 flashcards in this deck.
Unlock Deck
k this deck
Unlock Deck
Unlock for access to all 7 flashcards in this deck.
