4 Questions You Should Ask about Data Security

When considering an HR or payroll provider, security is paramount. To handle your HR functions and to process your company’s payroll, the provider has all of your employees’ most confidential and crucial data. You should be asking, “What do they do to protect it?” Here are four key questions you should ask any potential providers about security.

1. Do you have an outside review of your systems such as a SOC 1 or SOC 2? If so, how often and when was the most recent?

Service organizations that affect the financial statements of their clients are often asked to provide a SOC 1 or SOC 2 audit report. These voluntary audits are performed by outside firms and assess the security of the service provider. Examples of companies that typically have SOC 1 or SOC 2 audits include payroll processors, data centers, medical claims processors and Software as a Service (SaaS) companies. For example, Paycor does a SOC 1 audit annually.

2. What are you doing to protect your systems against attacks from the outside or inside the company?

Attacks from the outside can compromise your sensitive data. The provider should conform to best practices to protect their infrastructure and your data. Some defense measures include:

* Layered network security
* Network traffic encryption according to industry standards
* Network traffic monitoring to identify suspicious-looking activity
* Auditing and notification capabilities
* Regular third-party penetration tests and security assessments

To guard against attacks from the inside, that is, from the service organization’s own employees, ask the provider whether it has confidentiality policies and regular mandatory training for all employees on how to keep client data secure.

3. What are you doing to protect against fraudulent activity?

Many of the defense measures listed above also come into play when it comes to protecting against fraudulent activity. However, best-in-class service providers may also implement the following in order to detect and prevent fraud:

* Internal auditing and quality assurance practices
* Secure document shredding services
* Independent reviews and audits
* Employee reference checking
* Clear policies and standards for employees

4. What is my role as a client or user, and what are my responsibilities when using your product?

Clients and providers must work together to protect sensitive employee data. It doesn’t matter how many controls the provider has in place if the client leaves passwords where anyone could find them, or does not have processes to catch errors or fraudulent activity on the part of their employees. Many data security mishaps can be avoided if clear expectations are set from the beginning.


Want to learn more about keeping your data secure? Connect with a Paycor representative to discuss how we protect your most sensitive information.
