The cyber security initiative just launched by the CIPD in the UK is a timely reminder that HR has a particularly tricky security challenge. On one hand, you have a legal responsibility to make sure that confidential employee information is kept safe. On the other, your business would certainly grind to a halt if you don’t make it available to those who need it.
When it comes to managing HR data, keeping control over who can see what can seem daunting, especially if you have employees working overseas — where you also need to take into consideration EU and local data protection requirements.
Here’s how Cezanne HR can help….
Behind the scenes, Cezanne HR controls access to data using roles. Every person in the system has a role, and every role has permissions which determine what they can see or do in the system. Roles also define the span of control: a line manager, for example, will be able to see the records of the employees that report to them, whereas an employee only ever sees their own information.
Not only does this give you control over who can access what information, but it makes setting up security in your Cezanne HR system significantly easier. You won’t need to configure a new role for every individual employee, but simply allocate them to the role that’s appropriate for their position – and know that the system not only takes care of what information they can see, but the reporting relationships that drive your approval and reporting processes.
But that doesn’t mean you are stuck with a handful of standard roles: Cezanne HR lets you create new roles and configure them to fit your specific business requirements.
For example, with Cezanne HR you’ll be able to:
- Cope with local differences
Whether your workforce is international, or just in the US, chances are you won’t want everyone in your HR team to have the same abilities to view or change the data. In Cezanne HR, you can set up restricted HR roles, each with their own permissions based on location, company, or division.
That means you could give a regional HR manager control over employee records for just their country, or division, or ask a junior HR administrator to update employee contact information, but block them from seeing any sensitive information, such as salaries or performance reviews.
- Be an HR super hero!
As an HR pro, you know there’s always a lot to do. If it’s tricky for just one person to manage all of the tasks and notifications that come their way, roles can be a big help in spreading the load. Just set up an HR team role in Cezanne HR and relate it to a shared HR mailbox. That way you can ensure that important HR processes don’t stall just because one person is away, or busy on another task.
- Support functional specialists
Another strength of roles in Cezanne HR is that you can set them to provide access to a narrow band of information. The most common use among our customers is to allow their payroll provider to run their own data extract of just the relevant payroll information, and then upload final payslips to the employee records.
However, the value goes much wider than that. We have customers who have defined roles for their training and development staff, their benefits providers, their facilities managers and even for their chefs – so they can check the dietary requirements of the employees they cater for.
- Provide alternative approval routes
For most companies, the HR team or line manager is the usual approver for events such absence requests or sickness notification. However, sometimes you may want to let a team leader approve a request for time off. In this situation, you can provide a modified employee self-service role that allows them to approve a holiday request, but not see any of the sensitive information.
In every case, Cezanne HR provides access to just the information that’s relevant to that role. It’s an enormously powerful, yet flexible approach.
Roles-based security is just one of the ways that Cezanne HR works to keep your data safe. Read more here.