How blockchain preserves peace of mind for personally identifiable information

25 June 2019

This article was featured in the July/August 2019 issue of the magazine.

Ian Smith, chief executive officer and founder of Gospel Technology, explains why blockchain can transform the way businesses, HR and payroll work with personal data 

Data is central to business operations and success in today’s digitally-dominated world, and HR and payroll are no exception. From employee bank details to the addresses of next of kin, personally identifiable information (PII) is something that HR and payroll professionals are constantly managing.

With the introduction of the General Data Protection Regulation (GDPR) last year, it is no surprise that this sector in particular is under increased pressure to ensure data stays secure, with trust and compliance being central to both job functions. The implications for not maximising regulatory adherence and consumer data privacy rights now include substantial financial penalties, as well as major reputation damage.

However, this is becoming increasingly challenging due to today’s evolving landscape, which calls for data sharing and digital collaboration to remain competitive and efficient. These demands combined with society’s data hypersensitivity and the growing threat of cyberattacks, highlight the significant challenge that HR and payroll professionals are facing today. 

 

The value of PII data

Data is critical to every industry, and PII constitutes a great deal of this data across all industries. In the last few years we have seen a significant increase in new technologies such as cloud-based software-as-a-service (SaaS) solutions or communication tools that facilitate the collection and sharing of data, to maximise its value and reap the many benefits associated with sharing internal data across different teams and partners. HR and payroll being no exception, where PII is used to identify, contact, locate and interact with individual members of staff, which allows them to provide a personalised and empathetic employee experience.

In today’s highly competitive business landscape, collaboration is essential to maximising opportunities. However, the risk of sensitive information falling into the wrong hands or cyber criminals exploiting loopholes in security processes means businesses are being overly cautious. For many businesses, this has meant deploying zero-trust solutions which restrict access, negatively impacting business agility and collaboration. This approach is proving ineffective as can be seen in the repeated headlines around data breaches – a new approach is needed that secures PII data effectively while maximising its value, and the employee experience.

 

...highlight the significant challenge that HR and payroll professionals are facing today

 

Is it practical to place trust in ourselves? 

It has quickly become clear that employees trust their employers to ensure the ethical use of their data, which means businesses have to deploy the appropriate solutions and processes to protect PII and ensure it is used in the right way. What is often overlooked is that there is a moral obligation (as well as a regulatory need) for HR and payroll professionals to make sure they are keeping sensitive data secure at all times.

As such, many businesses have invested not only in security software, but also in training programmes in an attempt to boost their employees’ security skills and establish best practices to limit human error and reduce internal threats. However, eliminating all human error is very difficult, for example an employee sending an email to someone by accident might not be a problem in and of itself, but if this email included the bank details of all employees a disgruntled employee could then decide to leak this information, which would be a serious issue. It only takes one small mistake for a data breach to occur, making it extremely difficult for HR and payroll professionals to ensure data security in today’s digital landscape.

 

...mitigating the threat of a data breach but also increasing service efficiencies and business agility

 

The key to data security

Like many other sectors, kickstarting change in HR and payroll can be a difficult process. However, with the volume of data being generated in today’s omnichannel digital world continuing to increase, businesses cannot afford not to have the right processes, policies and solutions in place.

When it comes to securely storing and processing employee data, HR and payroll departments need to look further for solutions that will enable them to navigate the new realities of today’s digital workplace. This will likely involve updating the existing technology behind many data processes. For many businesses the problem is that the technology underpinning many data processes was not designed to cope with the exponential volumes of data that are now being generated, alongside the innovation of new applications and communication channels, which when combined result in data inadvertently escaping through the cracks. 

Currently, when businesses do take steps to secure their networks, it’s often a defensive process that involves plugging holes as they appear, rather than being able to deploy proactive measures. On too many occasions, cyber-criminals get to these cracks first, which is why cyber-attacks and data leaks are rarely out of the headlines. If they ever want to escape this cycle, businesses need a proactive data management solution that is designed for today’s digital workplace.

This is where decentralised technology such as blockchain can have a major impact. Distributed ledger technology (DLT) adds a much needed and unprecedented infrastructure layer of data access and security, which can be applied to many of the challenges facing HR and payroll professionals today. 

DLT technology creates a single version of the data which is near impossible to tamper with or corrupt, meaning organisations can be sure that they are accessing the latest single version of the data. Control of this data can then be retained whether shared between employees internally (intra-enterprise) or between partner companies (inter-enterprise).

This architecture creates a network of trust for secure data collaboration, not only mitigating the threat of a data breach but also increasing service efficiencies and business agility. The potential is there for businesses to truly transform the way they work with personal data, increasing the levels of privacy and data compliance, with HR and payroll being at the centre of it.