Home
Protect Your Employee Data
Posted: December 1, 2009
Follow These Simple Security Tips
The Federal Trade Commission estimates that as many as 9 million Americans have their identities stolen each year. Using unsecure media, such as e-mail, flash or “thumb” drives, diskettes and compact disks (CDs) to send or store sensitive information puts your employees at risk of identity theft.
To reduce the risk of losing valuable member records, VRS will no longer accept unencrypted disks that contain sensitive information. Employers must use the VRS WebER application. WebER allows for a secure electronic transfer of payroll files. If you are using disk submissions, VRS will contact you shortly to provide you with more information on WebER. Coming in 2011, VRS’ Modernization Program will provide even more ways to communicate sensitive information securely.
Here are additional tips for keeping VRS customer data secure:
- Never use e-mail to send sensitive information regarding individual employees to VRS. For assistance, call VRS toll free at 1-888-VARETIR (1-888-827-3847) to speak with an Employer Advisor (select menu option 3) or contact your Employer Representative. VRS will send only non-confidential replies.
- Encrypt files containing sensitive employee information before e-mailing them to VRS.
- Never copy sensitive information to storage media or devices such as flash or “thumb” drives, diskettes or CDs.
- Use an industry-accepted standard for the encryption algorithm such as AES. Many encryption packages will support this algorithm, such as WinZip, MS Office 2007 or PGP software. Earlier versions of MS Office have a weak encryption algorithm that is easy to break. Your local IT support representative should be able to assist you with your encryption options.
What is Sensitive Information?
Sensitive information is any data, such as a Social Security number, driver’s license number, medical information, financial information or retirement account information, where the release or loss of such information could adversely affect an agency, its programs or individuals.
