HR Analytics Security: Navigating Risks and Protecting Sensitive Data in HR Analytics

HR analytics, also known as people analytics, involves the collection and application of talent data to enhance crucial talent and business outcomes. Leaders in HR analytics enable HR teams to generate data-driven insights that inform talent decisions, enhance workforce processes, and foster a positive employee experience. Recently, companies have been increasingly adopting people analytics in areas such as recruitment and selection, performance management, and training and development.
While the benefits are significant, there are notable risks, such as increasing employee concerns and exacerbating trust issues, that have the potential to disproportionately outweigh these benefits.
The Risks of HR Analytics
HR data analytics involves some of employees' most personal information alongside sensitive HR information. Managing and restricting access to this data on a need-to-know basis is a key pillar for ensuring employees' trust in HR analytics and the HR process.
Privacy requirements are addressed within the framework of privacy regulations such as GDPR, PDPA, and others. However, additional requirements such as data sovereignty, data secrecy, healthcare regulations, and more necessitate that organizations take a comprehensive approach to protect HR analytics data. This involves considering the regulatory frameworks in conjunction with real-life business processes and associated risks to ensure robust data protection measures are in place.
According to Verizon’s 2021 Data Breach Investigations Report, 85 percent of all data breaches involve the human element. Internal risks, such as employee misconduct and credential abuse, can have a significant negative impact on the company’s brand image, value, and employee relationships.
Simultaneously, an increasing number of organizations are leveraging rapidly advancing AI and ML services to automate and enhance HR analytics, thereby amplifying the risks associated with both the sensitive information being processed and the sensitive information generated through such processing. The use of unproven data security and data privacy software further compounds these risks.
Hybrid or work-from-home employment models result in 16% of employees choosing to work in public spaces such as coffee shops, and 17 percent of all sensitive files are accessible to every employee (Varonis, Cybersecurity statistics). Organizations must therefore prioritize safeguarding sensitive data when HR employees access and process it remotely.
The Way Forward: Secured HR Analytics
Entitlement, Access Control & De-Identification
Unauthorized access to data is a common privacy breach. Companies can prevent this by implementing an integrated Data Access Entitlement Model, encapsulating both Attribute-Based Access Control (ABAC) and Role-Based Access Control (RBAC) to enable real-life data access scenarios, without compromising business operations and data security.
The capability to precisely define the access rights of a particular “role” extends beyond application functionality and encompasses the restriction of access to sensitive data itself. Determining which individuals are assigned specific roles and have access to such data is crucial for securing sensitive information in HR analytics processes. For instance, a talent manager may possess a role that grants access to appraisal data, talent data, and succession data of employees throughout the entire company, while being restricted from accessing salary data, home address data, or personal phone numbers.
Another key pillar of HR analytics is ensuring data is also protected from the IT staff who manage the infrastructure for the HR business unit. The IT organization may employ third-party contractors to support the operations, resulting in further risk to the organization. IT staff have direct access to the datastore where HR analytics data is stored and to the processing applications and services, which means that data needs to be protected from IT admins with an additional layer of security, namely de-identification of data, both at-rest and in-use.
De-identification is a broad term, encompassing an extensive set of methods to protect data, including Dynamic Data Masking (DDM), Physical Masking, Encryption, Tokenization, Pseudonymization, Anonymization, and more. Enforcing de-identification on data at-rest ensures that access to the data is restricted for everyone, while allowing only selected users with a valid purpose to gain access to the data. This ensures that DBAs, administrators, cloud providers, and other third-party contractors cannot access sensitive data, even at the infrastructure layer.
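The talent manager example and the de-identification layer described above, as an added Python sketch (not from the original article or any product): role entitlements (RBAC) and a scope attribute (ABAC) decide which fields a caller reads in clear, and every other field comes back as a keyed pseudonym. The role names, field names, `scope` attribute, key, and sample record are constructed assumptions, and masking here happens at read time, which is only one of the de-identification methods listed.

```python
import hashlib
import hmac

# Constructed policy (RBAC): data categories each role may read in clear.
ROLE_CATEGORIES = {
    "talent_manager": {"appraisal", "talent", "succession"},
    "payroll_officer": {"salary"},
    "dba": set(),  # infrastructure staff hold no entitlement to HR data
}
# Constructed classification of record fields into data categories.
FIELD_CATEGORY = {
    "appraisal_rating": "appraisal", "succession_rank": "succession",
    "salary": "salary", "home_address": "contact", "personal_phone": "contact",
}

def pseudonymize(value, key):
    """Keyed one-way token (HMAC-SHA256, truncated) standing in for the value."""
    digest = hmac.new(key, str(value).encode(), hashlib.sha256).hexdigest()
    return "tok_" + digest[:16]

def is_entitled(user, field, record):
    """RBAC: role covers the field's category. ABAC: user scope matches the record."""
    category = FIELD_CATEGORY.get(field)
    if category is None:
        return False  # unclassified fields are denied by default
    if category not in ROLE_CATEGORIES.get(user["role"], set()):
        return False
    return user["scope"] in ("global", record["country"])

def read_record(user, record, key):
    """Return a view of the record with every non-entitled field de-identified."""
    view = {"country": record["country"]}  # assumed non-sensitive attribute
    for field, value in record.items():
        if field == "country":
            continue
        entitled = is_entitled(user, field, record)
        view[field] = value if entitled else pseudonymize(value, key)
    return view

# Constructed sample data; the key is assumed to be held outside the datastore.
KEY = b"constructed-demo-key"
RECORD = {"country": "DE", "appraisal_rating": 4, "succession_rank": 2,
          "salary": 91000, "home_address": "1 Example Str.",
          "personal_phone": "+49 000 0000"}

if __name__ == "__main__":
    for role in ("talent_manager", "dba"):
        print(role, read_record({"role": role, "scope": "global"}, RECORD, KEY))
```

Because the pseudonym is keyed, the same value always maps to the same token, so de-identified columns can still be joined or counted without exposing the underlying data.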
De-identification becomes increasingly crucial (and complex) for multinational organizations that seek to utilize cloud data platforms as centralized HR analytics platforms across their operations. Global operations encompass not only GDPR and other privacy regulations but also considerations of data sovereignty. In such cases, the concept of de-identification is further strengthened by the necessity of implementing Segregation of Duties and Key Segregation, two vital elements at the heart of data sharing and global data operations.