6 Ways to Improve HR Data Privacy Compliance in Google Workspace

See GAT Labs
in action

Table of Contents

From Social Security numbers (SSNs) to salary details, background checks, health care and retirement plans and more — employers today store and process huge amounts of private employee data.

That’s why employers need to fully ensure HR data privacy compliance to avoid penalties, fees, or even legal action. 

For Chief information officers (CIOs) that means rethinking every HR administrative process that involves employee data, right from the hiring stage.

In this blog post we’ll show you SIX ways to protect employee data and improve HR data privacy compliance in Google Workspace, so tune in!

 

Employee Data Compliance in Google Workspace


6 WAYS TO IMPROVE HR DATA PRIVACY COMPLIANCE IN GOOGLE WORKSPACE

 

1. CREATE SEPARATE ORGANISATION UNITS (OUs)

Create separate OUs across your Google Workspace domain to separate users who manage private employee data and users who don’t. 

Let’s explore that in a HR setting:

Your HR department manages personal/sensitive employee data, but only a subset of your HR users actually need access to such sensitive data.

Here you need to configure a separate HR OU for these users with the security settings outlined in the subsequent points configured appropriately. 

*Read more on how the organizational structure works here.

 

2. ENSURE ONLY APPROVED ACCESS TO SENSITIVE DRIVE CONTENT 

Rule of thumb: Only those who truly need private employee data should be able to access it.

After creating your separate OUs, you need to know who has what Drive access levels to files and folders that contain private employee data.

Make sure the right employees (and third-part vendors) have just the right level of access to employee data.

In Google Workspace that means:

  • Building the right Shared Drive structure for your HR teams ground up.
  • Securing access rights to folders that contain private employee data.
  • Reviewing file sharing exposure regularly for files that contain sensitive employee data (and auditing how they’re being shared across your domain). 
6 Ways to Improve HR Data Privacy Compliance in Google Workspace 1

 

3. STREAMLINE DATA RETENTION SCHEDULES FOR LEAVING GOOGLE USERS

How (and when) you handle the private data of leavers in Google Workspace is pivotal. 

Establishing a workflow for data retention minimizes compliance risks and makes things way easier for HR teams.

In Google workspace that means sticking to a timely offboarding workflow that covers the following areas:

Note: Restrictions on how long an employer can keep private employee data of leavers on record vary from one country to another.

DATA SUBJECT ACCESS REQUESTS (DSAR) IN GOOGLE WORKSPACE

This workflow will also help you handle any DSAR requests more efficiently by covering all essential bases in Google Workspace.

 

4. TRACK WHO ACCESSED WHICH CONTENT IN GOOGLE WORKSPACE

You need to understand who accessed which content and when for compliance reasons. 

This will get your back covered when data compliance claims are made and you need to further investigate to understand (and prove) what actually happened.

6 Ways to Improve HR Data Privacy Compliance in Google Workspace 2

 

 

5. REPORT ON SENSITIVE CONTENT IN REAL TIME 

Time is of essence when it comes to HR data privacy compliance. 

Your data breach response plan needs to be spot on. This requires ongoing data auditing and analysis measures to stay on top of everything 24/7.

Review and update your current plan for Google Workspace and make sure you:

  • Beat the clock with real-time alerts for sensitive employee documents in your domain.
  • Configure daily/weekly DLP reports for private employee files in Google Drive.
  • Set up an alert every time anyone in the domain downloads a certain number of files from your domain or sends outside x number of emails to any given domain or email address.
  • Have the ability to run a Domain-wide live Drive files and emails content search to look up for any sensitive information being accessed or shared from any unauthorized user.

This way if even a data breach does occur, you’ll get instantly notified and can ACT FAST.

*Get granular with Drive DLP Regex Alert rules for PII (personally identifiable information) using GAT+.

 

6. ALLOW EMPLOYEES TO EASILY CORRECT/OR DELETE THEIR PRIVATE INFORMATION

Don’t forget that ‘Right to rectify’.

When it comes to GDPR for HR (or other data protection law), it’s important to remember employees also have the right to access, obtain, rectify and request the deletion of their personal data.

Which in Google Workspace translates to:

  • Establishing a friendly Drive workflow that allows each individual employee to easily view and amend his/her private data at any time.
  • Deploying powerful filtering across your domain to find ALL private data on record for any employee fast.

 

Important note 💡

Make sure HR employees have a clear understanding of  your organisation’s employee data privacy compliance and governess requirements under GDPR, or any other data privacy laws.

That’ll help you identify which data needs to be protected and align your Google Workspace environment accordingly.

Stay in the loop

Sign up to our newsletter to get notified whenever a freshly baked blog post is out of our content oven.

Related Posts

Try this Life-Changing Google Workspace Admin Hack
Admin

Try this Life-Changing Google Workspace Admin Hack

Here’s the one hack every Google Workspace admin needs to know: Automate all the things – Why waste time and effort on tasks that can …

Read More
Admin, are you Monitoring these Cloud Security Risks?
Cloud Security

Admin, are you monitoring these cloud security risks?

Do you know which are the most significant cloud security risks and how to deal with them? In a cloud-centric world of instant data sharing …

Read More
Quick guide to Data Loss Prevention for Google Chrome (1)
Chrome browsing

Quick guide to Data Loss Prevention for Google Chrome

Why is Data Loss Prevention for Google Chrome important — and how can admins get it right? In a browser-centric world of perpetual data sharing, …

Read More
Common Google Drive Problems for Admins
Sites

[Solved] 3 Common Google Drive Admin Problems

Make these Google Drive admin problems simpler with smart fixes Google Drive has completely changed the file sharing, storage and collaboration game over the past …

Read More