The System of HR Data Protection in Oasis Hospital: Literature Review
Introduction
The generation of data personnel records is a practice that has run for several decades as both private and public sectors use it for the planning of their staff remuneration schedules, workforce planning and in the monitoring of staff performance (Millar, 2009). Sound and effective human resource management is considered integral in the process of enhancing an organization’s performance with assurances of increased sustainability based on appropriate management of personnel data (Millar, 2009). Properly managed and protected HR records also help enhance management accountability in addition to forming the basis for accurate audits. The protection of human resource records in both electronic and written documents is an issue that should be highly upheld at all times as per the document protection guidelines such that they remain a secret of companies to which the employees are affiliated (Millar, 2009). The human resource information systems have been touted as a great development in the organizational performance based on the available stored employee data though focus has been placed on their ability to violate the employees’ rights to personal data privacy (Lukaszewski, et al., 2016). This literature review reviews the works of different scholars on the system of HR data protection. By discussing different concepts in data management and protection, the researcher identifies the different perspectives taken by different researchers in developing frameworks for human resource data protection. The paper also identifies key legal frameworks and issues of big data in data protection and discusses trending issues in data management.
Data Protection and Retention
HR data protection and retention requires policies to guide the process of handling personal data in various human resource departments. As per the Data Protection Act of 2008, personal data requires handling requires fair and lawful handling to help ensure it is correctly used for the outlined organizational purpose (York St. John University, 2014). Such data management provisions help ensure that human resource departments of various companies stay professionally committed to the protection and management of applicant and employee data within the outlined guidelines to help ensure high degrees of confidentiality.
As per the York University’s data retention policy, personnel data ought to always be lawfully obtained and as per the legal requirements and desires by employees to access such data need to be processed within the provisions of the law regarding data access. Employees access their personal data withheld by an organization via the “making subject access” clause of the 1998 Data Protection Act through which they can access this data though there exist some exemptions for with regard to their stored data access rights. The access to stored data by employees or other legal mandated organs goes through a formal process due to the high sensitivity state of stored personal information by organizations (York St. John University, 2014). In the healthcare sector, health and safety legislations allow for the storage of medical data for a period of up to forty years from the date of last entry, which is a relatively long data retention period (York St. John University, 2014). It is proposed that for safety in data handling, it is important that HR departments create safe data storage facilities such as lockable cabinets to help ensure that personnel data is safely guarded and retained for long periods of time for the sake of meeting various legal requirements with regard to data management and retention.
Further, data retention and protection in various institutions requires the formulation of modern effective data management systems that can guarantee safety and security of personnel data. Reynolds and Small (2015) proposed the use of the Opus system to help in managing institutional data with much consistency and adherence to set needs and regulations. Modern data management and storage systems are required to be very consistent with the set laws and expectations and the reliability of their stored data, security and access need not be compromised. In learning institutions that deal with multiple data from different faculties and student departments, Reynolds and Small (2015) observe that effective handling of such data is rigorous and the Opus system can be best suited in sorting such complex data with guaranteed reliability, consistency, and security.
As per the Data Management Act of 2008, Reynolds and Small (2015) argue that personnel data ought to be of critical focus and its management has to be carefully executed to help ensure that no privacy and confidentiality rules are contravened. However, the researchers observe that fairness; transparency and data ownership concepts are not clearly outlined in various regulations and may at times pose various challenges to implementing various stakeholder shared visions. The complexity of various data handling processes in large organizations like learning institutions requires high level programs such as the Opus program through which multiple data sources can be amalgamated to help provide consistent and highly secure personnel data (Reynolds & Small, 2015).
Therefore, data handling, protection and retention are very important in ensuring strong and sustainable human resource departments. Various legislations target the protection of the privacy and confidentiality of personnel data and this is very important in raising employee confidence with regard to the security of their confidential personal information. To avoid conflicts with the law and enhance employee confidence with the set human resource regulations human resource departments and personnel should be provided with the appropriate programs and equipment to help them appropriately store and manage organizational data.
Personnel Data Security in the Digital Age
The advent of computers in the past century brought about a massive revolution in the modalities of organizational operations across various industries. The computers and internet use grew in popularity and have literally controlled all organizational systems including the processes of personnel data handling and management (LeClair, Sylvertooth, & Tu, 2015). LeClair, et al. (2015) note that the ever in increasing complex internet interconnectedness has posed a special challenge to the operations governments and other businesses, endangering most of their operations through ineffective cyber security measures especially in developing countries. Massive digitalization of data in the modern world has brought about a great revolution in the manner in which organizations and governments conduct their businesses and operations. However, the main challenge in handling organizational data in computerized systems has met the challenge of security breaches that have ended up exposing confidential data to the public and through cybercrimes (LeClair, et al., 2015).
LeClair, et al. (2015) argue that cyber security is a factor that affects every day operations of various companies and organizations and as a result, recommend that high level security measures be implemented to help reduce instances of cyber security breaches common in the world today. LeClair, et al. (2015) opine that cyber security can be categorized into three paradigms, with the first one being the national security paradigm. Governments need to consolidate efforts to secure their borders through the national security paradigm in a manner previously unforeseen to help organizations confidently use their digitally stored data without the fear of hacking through cybercrimes. Government militaries should develop cyber security measures to help ensure that the cyberspace of various countries is secure from cybercrime attacks.
Through the economic paradigm, it is noted that the internet is the heartbeat of all modern business transactions around the world and to help enhance the internet resourcefulness, it is important that governments provide regulations for internet service providers to eliminate malware infected computers from their systems. LeClair, et al. (2015) propose that companies should be advised to timely report cases of security breaches of their systems and data intrusions by hackers to the right authorities to enable swift action. In the global economy, it is proposed that malware be checked through licensed internet providers to help ensure they meet the safety standards that can guarantee security and confidentiality of personnel data.
Van den Heuvel and Bondarouk (2016) explain that human resource systems have been consistently evolving for several decades now with the advent of computerized technology rapidly shifting the landscape making it difficult to develop evolving data security measures to help keep up with the trend. The manual storage of personnel records was slightly insecure in the past due to the several risks involved with it such as the risk of data destruction through adverse occurrences such as theft or fire outbreaks. The electronic HRM systems are accredited for their diverse abilities that have led to an evolution of HR activities resulting in the development of databases that support organizational decision making and can be secured by passwords and other cyberspace security establishments (van den Heuvel & Bondarouk, 2016).
Through the adoption of systems of data analytics in digital HRM operations, the decision making processes and the formulation of various policies is highly enhanced in a manner that could not be realized in manual systems. Van den Heuvel and Bondarouk (2016) argue that the proceeds of using HR and people analytics have not been sufficiently tapped across various industries due to the lack of empirical and academic knowhow of their management and real benefits. Through effective HR data management techniques, the researchers note that personnel data can be safely guarded and used in the prediction of future trends though sufficient cyber security measures need to be embraced to guarantee seamless operations within the electronic HRM operations.
The state of cyber security is highly wanting especially in developing countries where defense technologies have not been highly modernized to meet counter cyber space attacks. Data privacy is more of like a human want and nobody would feel comfortable with leaked private information. Thus, all organizations should put more effort to help ensure the advent of technology dose not negatively affect the security of personal data.
Legal Framework of Personnel Data Protection
. Friedewald, et al. (2010) note that the privacy is important for human development, though currently faces various challenges from the developments in science and technology. Legal provisions have continued to develop along the line of confidential handling of peoples’ personal information, and regulations have been instituted to help enhance the level of protection of personnel data. According to the Universal Declaration of Human Rights (UDHR) article 12, nobody is allowed to interfere with any person’s privacy and confidentiality and all persons should be effectively protected from any such attacks (Friedewald, et al., 2010). As per the 8th Article of the European Union of Fundamental Rights, the protection of personal data is highly valued and any unauthorized and illegal interference with stored personnel data should be legally addressed (Friedewald, et al., 2010).
Friedewald, et al. (2010) observes that the legal concepts of privacy and data protection are closely intertwined though he further asserts that the large scope of data protection differentiates between the two. The set data protection rules in the world today guide the access and use of stored private data to help enhance the confidentiality and use of such information without interfering with the privacy rights of the owners of such information. Thus, the researchers note that legislations with regard to the access of stored personnel data are very important in ensuring that their privacy and confidentiality rights are upheld.
On an international framework, Kuner (2009) opines that the need for increased data protection has increased tremendously with the increase in demand for various individuals and organizations’ data across national borders. The international calls for harmonized laws for personal data protection have been noted to mix both privacy and personal data protection such that there is no clear-cut distinction between the two. Kuner (2009) observes that the international legal framework for data protection provides an avenue for drawing guidelines on how data pertaining persons is to be accessed in addition to drawing essential safeguards to such data.
Kuner (2009) notes that various national and state governments have already instituted binding laws with regard to the access of personal data stored in various organizational databases and effort ought to be put to help ensure that internationally, comprehensive personal data laws are established. The main challenge noted by Kuner (2009) in the establishment of a binding international law is the high level variation of national laws with regard to the personal data handling around the world, hence complicating efforts to amalgamate the laws and come up with a consolidated international law. The main point of consensus in drawing international laws with regard to human rights is basically anchored on tenets such as prohibitions to genocide, racial discrimination, torture and slavery (Kuner, 2009). The researcher proposes that formulation of personal data protection laws at regional levels can be one of the best steps towards the realization of the establishment of consolidated data protection international laws.
Therefore, it can be argued that legal frameworks towards the protection of stored personal data are very critical in the realization of enhanced privacy and confidentiality levels in an economy. It is also important that the international community drafts enabling policies to help ensure that personal data and privacy are legally protected across different national territories.
Big Data Handling and Protection
As noted by Zang and He (2015), personnel data has existed since the birth of humanity and widely exists in the aspects of work and life with major focus on mining big data for various operations in the modern world. In the modern dynamic data handling and management era, it is important that human resource departments engage in big data mining to help effectively manage all personnel data and even predict future patterns (Zang & He, 2015). The human resource departments dealing with personnel data handling have to however stay committed to protecting all employee information and using it for the organization’s desired purpose and for enhancing employee welfare.
Zang and He (2015) note that the use of the traditional manual way of analyzing employee data and statistics is incomprehensive in helping ensure HR professionals predict future trends and as a result require have to use big data. Big data is considered to poses five characteristics which are; high assortment volume, wide variety of data, high velocity of data movement and high content value electronically stored and ready for use. Through big data outsourcing, the HR departments can train talents during recruitments to help enhance their skills and readiness to work, thus making it very essential for company sustainability through quality staff recruitment.
According to Mammadova and Jabrayilova (2016), big data it the process of collecting and handling large volumes of data that is beyond the holding capacity of the traditional database systems through the modern technological applications that are computerized. Mammadova and Jabrayilova (2016) observe that since the 1980’s, big data has been on an exponential growth through much of it has not been analyzed and verified. Mammadova and Jabrayilova (2016) argue that as enterprises grow the volumes of personnel data in the HR departments keeps increasing and the need for such data in the process of employee career growth prompts the need for advanced big data management programs.
The analysis of stored personnel big data is noted to be the leading base of decision formulations in various organizations as companies rely upon such analyses from the HR departments to draw future guidelines. Mammadova and Jabrayilova (2016) argue that through the digital analysis of the diverse employee characteristics as captured in the big data databases, organizations can reliably establish lasting future decisions. Additionally, information captured in big data banks can help in the formulation of operational strategies based on the auxiliary competencies of employees leading to organizational growth. Hence, unlike traditional databases, big data can be highly relied upon to help achieve organizational growth (Mammadova & Jabrayilova, 2016).
Therefore, big data is a great development in the HR evolution with the advent of technology and forms a very strong base for predicting future organizational growth. Big data can effectively capture diverse employee information including their behavioral and skill characteristics, hence, important for future planning.
Conclusion and Recommendations
Human resource departments deal with large volumes of personnel data especially in the modern era when big data use is a popular phenomenon. However, careless handling of employee and organizational data may lead to the breach of the legal provisions for personal data and privacy. Digitalization of human resource operations helped pool a wide array of personnel information in big data banks, which forms a basis for future planning and organizational decision making once the people analytics are availed to the decision and policy makers of an organization.
The distinction between privacy and personal data is not explicitly outlined in most legal data protection laws since the two terms are largely correlated though their focus is understood to be based on the security of personal data. International and national laws need to amalgamate to help provide a conclusive global regulation for personal data to help enhance the focus on personal data. Overly, it is the obligation of all human resource personnel tasked with the handling of employee data to ensure the available data is confidential and well-guarded from unauthorized access. The study recommends that international laws with regard to personal data protection be swiftly instituted to help enhance and clarify the personal data protection guidelines. Additionally, it is recommended that all human resource computers be verified screened consistently to help avoid using computers with malware that can risk the security of stored data through cybercrimes.
Research Questions
Thus, the main objective of this paper is to establish the system of HR data protection in Oasis Hospital and determine how best to improve it. To meet the objectives of this paper, this dissertation will seek to answer the following research questions:
- What are the current measures used by Oasis Hospital for data protection?
- Why is it important to guard personnel data in Oasis Hospital?
- What legal provisions are provided for the security of personal data and privacy?
- What measures can Oasis Hospital institute to help enhance the security of its personnel data in the HR databases?
- What are the benefits and challenges of using digital programs in managing personnel data?
References
Friedewald, M., Wright, D., Gutwirth, S. & Mordini, E. (2010) Privacy, data protection and
emerging sciences and technologies: Towards a common framework, Innovation: The European Journal of Social Science Research, 23(1), 61-67. doi:10.1080/13511611003791182
Kuner, C. (2009). An international legal framework for data protection: Issues and prospects.
Computer Law and Security Review, 25(2009), 307-317.
LeClair, J., Sylvertooth, R. & Tu, M. (2015). Cyber security. National Cyber Security Institute
Journal, 1(3), 1-68.
Lukaszewski, K.M., Stone, D.L. & Johnson, R.D. (2016). Impact of human resource information
system policies on privacy. Transactions on Human Capital Evolution, 8(2), 58-72.
Mammadova, M.H. & Jabrayilova, Z.G. (2016). Opportunities and challenges of big data
utilization in the resolution of human resource. Problems of Information Technology, 2016(1), 33-40.
Millar, L. (2009). Managing personnel records in an electronic environment. International
Records Management Trust, London, United Kingdom.
Reynolds, C. & Small, H. (2015). Who owns faculty data?: Fairness and transparency in UCLA’s new academic HR system. iConference 2015 Proceedings. Retrieved from https://www.ideals.illinois.edu/bitstream/handle/2142/73436/136_ready.pdf?sequence=2
Van den Heuvel, S. & Bondarouk, T. (2016). The rise (and fall) of hr analytics: a study into the
future applications, value, structure, and system support. Article submitted for the 2nd HR Division International Conference (HRIC). Sidney, Australia
York St. John University. (2014). HR Data Protection and Document Retention Policy, 1-5. Retrieved from https://www2.yorksj.ac.uk/pdf/Data%20Protection%20&%20Document%20Retention%20Policy%20(Nov%202014).pdf
Zang, S.Y. and Ye, M.L. (2015). Human resource management in the era of big data. Journal of
Human Resource and Sustainability Studies, 3, 41-45. http://dx.doi.org/10.4236/jhrss.2015.31006
