4 Questions You Should Ask about Data Security
4 Questions You Should Ask about Data Security

4 Questions You Should Ask about Data Security

When considering an HR or payroll provider, security is paramount. To handle your HR functions and to process your company’s payroll, the provider has all of your employees’ most confidential and crucial data. You should be asking, “What do they do to protect it?” Here are four key questions you should ask any potential providers about security.

1. Do you have an outside review of your systems such as a SOC 1 or SOC 2? If so, how often and when was the most recent?

Service organizations that affect the financial statements of their clients are often asked to provide a SOC 1 or SOC 2 audit report. These voluntary audits are performed by outside firms and assess the security of the service provider. Examples of companies that typically have SOC 1 or SOC audits include payroll processors, data centers, medical claims processors and Software as a Service (SaaS) companies. For example, Paycor does a SOC 1 audit annually.

2. What are you doing to protect your systems against attacks from the outside or inside the company?

Attacks from the outside can compromise your sensitive data. The provider should conform to best practices to protect their infrastructure and your data. Some defense measures include:

* Layered network security
* Network traffic encryption according to industry standards
* Network traffic monitoring to identify suspicious-looking activity
* Auditing and notification capabilities
* Regular third-party penetration tests and security assessments

To prevent attacks from the inside, or from the service organization’s employees, ask them if they have confidentiality policies and regular mandatory training for all employees about how to keep client data secure.

3. What are you doing to protect against fraudulent activity?

Many of the defense measures listed above also come into play when it comes to protecting against fraudulent activity. However, best-in-class service providers may also implement the following in order to detect and prevent fraud:

* Internal auditing and quality assurance practices
* Secure document shredding services
* Independent reviews and audits
* Employee reference checking
* Clear policies and standards for employees

4. What is my role as a client or user, and what are my responsibilities when using your product?

Clients and providers must work together to protect sensitive employee data. It doesn’t matter how many controls the provider has in place if the client leaves passwords where anyone could find them, or does not have processes to catch errors or fraudulent activity on the part of their employees. Many data security mishaps can be avoided if clear expectations are set from the beginning.


Want to learn more about keeping your data secure? Connect with a Paycor representative to discuss how we protect your most sensitive information.

More to Discover

Case Study: Rochester University

Case Study: Rochester University

Michigan based Rochester University relied on their own payroll processing for nearly 60 years. But when their payroll administrator decided to retire, they turned to Paycor to help them save time and resources. “In the three years we’ve been a Paycor customer, I’ve never had a problem reaching my dedicated support team. I always get a call back and most of the time it’s on the same day. If I have an emergency, I know I can trust Paycor.” – Ginny May, Director of HR With Paycor, Rochester University has significantly transformed how they manage HR and process payroll with Paycor Time, Paycor’s Mobile App and ACA filing. By eliminating manual work, their staff has more time to focus on strategic initiatives like finding the right faculty...

4 Common Payroll Mistakes and How to Fix Them

4 Common Payroll Mistakes and How to Fix Them

Overtime Pay, Pay Equity, Workers’ Comp, Payroll Taxes Topics Covered Missclassifying Employees Pay Equity Workers' Comp Payroll Taxes Dump Your Payroll Provider Payroll Compliance: More Complex Than You Think From FLSA, EPA, Workers Comp and more, there are lots of federal laws to keep track of, and state and local taxes only add complexity. That’s why HR and business leaders need to have processes in place to consistently apply pay policies, accurately calculate overtime and streamline leave policies. If you don’t and your company is audited or sued, you won’t have the proper controls in place to quickly provide accurate records and audit trails. Here are four common Payroll mistakes you might be making: Misclassifying Freelancers and...

Webinar: How Paycor Can Take Blackbaud's Payroll 7 Clients To The Next Level - 12/11/2019 @2pm ET

Webinar: How Paycor Can Take Blackbaud's Payroll 7 Clients To The Next Level - 12/11/2019 @2pm ET

Blackbaud’s Payroll clients have been asking for a more robust payroll offering and we’re excited to announce a new partnership between Blackbaud and Paycor.An industry-leading HR and payroll provider with nearly 30 years of experience serving small to medium-sized businesses, Paycor will not only deliver more robust payroll functionality, but also a suite of products and services to help Blackbaud clients better serve their mission.Join us on December 11th as Paycor Senior Vice President, Rick Chouteau, and Blackbaud Partner Development Leader, Craig Suppin, showcase why Paycor can be chosen to replace the Payroll 7 module, helping your organization improve operational efficiencies while reducing risk.In this webinar, we’ll share: • A...

DOL Final Overtime Rules: Quickstart Guide for Employers

DOL Final Overtime Rules: Quickstart Guide for Employers

On September 24, 2019, the Department of Labor issued its final overtime rule to increase the minimum salary threshold for executive, administrative and professional exemptions from $455 per week ($23,660 annually) to $684 per week ($35,568 annually). The new rule goes into effect January 1, 2020.As your organization considers how to prepare and comply, we’ve created this guide which outlines the new ruling, provides tips to manage impacted employees and offers a checklist of key details to follow to mitigate risk. Click below to instantly download the guide.