Many companies know they should ask the question, “what’s our historical archiving strategy?”. However, too often it ends there being added to a long list of “to-do’s” which never get done. The move to cloud providers and constant shuffle in HR and Payroll software has resulted in more and more orphaned systems, data and documents. At the same time global governments are passing more data sovereignty and retention laws. Data breaches and identity theft are on the exponential rise. Many HR and Payroll departments are now feeling the pain associated with all these forces coming together. There are many advantages to putting the archiving strategy in front of new and old system conversions:
- US Federal legal record keeping requirements dictate keeping HR + Payroll data and documents for anywhere from 1 year for basic documents and data to up to 30 years (for OSHA specific data). With multiple systems, countries and retention policies long term data management becomes even more complex. See the white paper below for the detailed list of links to compliance rules.
- Security: Legacy system security protocols are outdated. In addition, organizations too often consider Excel, Access, and “flat files” as potential options for archiving data which is highly insecure and not suitable for sensitive PII in HR and Payroll data. Google “hack [xls, pdf, mdb] password” to discover how many tools are readily available to access these files even when secured with password protection. Many legacy systems are not up to par with security protocols like TSL (versus SSL) and comprehensive usage of encryption over HTTPS or at-rest encryption options.
- Compliance & Security: Compliance laws protecting data privacy rights are rapidly expanding not just at the global and national level, but even now at the state level in the Unites States creating a multi-level compliance web of policies to navigate. In addition to EU GDPR impacts, the State of New York DFS is the first to pass local laws regarding cyber security and data handling.
- Harmonization, Consolidation: Archiving offers opportunities to harmonize and consolidate multiple, even global legacy data and applications; it’s like “zipping up” or compressing your landscape and data for historical reporting purposes.
- Don’t wait until HR and Payroll resource bandwidth is tied up in implementations, year-end activities, etc. to handle data validation efforts. Most ASP, SaaS, and hosting contracts only allow 60-90 days maximum for data reclamation before systems are taken down and data access lost.
- Alternatives; Build in-house, do-nothing (keep paying full ASP, SaaS, hosting licenses and support/maintenance)…companies who choose to do nothing often end up paying full license and support costs which can be $100,000-500,000 annually. Building in-house most often results in a loss of functionality in data access, security, and reporting options. Building in-house simply adds another system to your internally managed landscape where it could be offloaded to the cloud.
Cloud options offer a way to proactively retire data and systems slowly over time according to retention policies so Compliance, IT and HR all get what they need:
- all data and document history in a single system for quick reference for HR and Payroll without IT support dependency
- no new IT landscape additions or support to manage out systems and data
- centralize & reduce the risk exposure to growing cybersecurity and data privacy/ retention Compliance regulations globally.
Think of it as a slow moving shredder for digital enterprise data, documents and applications.
Define your strategy… download the full whitepaper from SHRM