The IRS calls payroll security a “critical concern” and has once again provided advice to payroll professionals on how to secure data, avoid identity attacks, create a security plan and report breaches and thefts when they happen.
A company’s payroll department holds a wealth of information, which could yield a rich payday for cybercriminals, if compromised. Social Security numbers, banking account numbers, details on family members and dependents and all sorts of other personally identifiable information could be at risk. It’s all a thief needs to file a fake tax return and get away with someone else’s tax refund – and that’s just one of the schemes making the rounds.
That’s why the IRS Security Summit, in its report to Congress this past summer said it aims to integrate the payroll community into its war on identity theft by adding a payroll subgroup to its advisory panel. The Security Summitis a collaborative effort led by experts in both the public and private sectors.
For all the concern about electronic data and cybercrime, don’t forget to take steps to secure physical records.
Talk to employees who handle documents (e.g. copies of Social Security cards, driver’s licenses) about the importance of not leaving these unguarded.
And, if your company has been around long enough, there may be some old file boxes filled with personnel files. It’s a good idea to either secure them, or safely destroy those old physical records.
• Physical record destruction advice from the Society for Human Resource Management
• Simple steps to protect client data
• Creating a cyber theft recovery plan
• Signs you are a cyberthief’s victim
• Steps to avoid being phished