Microsoft Provides More Fodder For Those Who Hate Performance Reviews....
The 7 Biggest Lies In Recruiting...

Screw Up Access To Your HR System? Write Up Everyone Who Dared to Take a Look...

Let's face it - there's nothing scarier to an HR pro than a digital error of severe magnitude.  You know the one I'm talking about - the document that goes out to the masses that has too much information in it.  Pay data being slung around a location that was distributed on your watch.  

And of course, wide open access to a HR system that should have been locked down to HR only, but rank and file employees find themselves with access to it.  One employee tests it out (never thinking they'd get in) and presto!  They're in.  

They immediately tell two people.  Those two people tell two people, and well, you know how this is going to end.  The thing mushrooms to critical mass until someone at the top of the mushroom cloud tells someone in HR, who moves in a panic to shut the access down.

Too late.  Angel over in Accounts Payable now knows that your CFO has two garnishments and a court order against him from his first marriage.  That's going to leave a bit of a mark on the creditability of the HR shop.

Think it never happens?  It happens more than we'd like to admit. Check this out regarding the Chicago Police Department from the Chicago Sun-Times:

"More than 1,000 Chicago police officers could face discipline for viewing the arrest reports of two fellow cops accused of assaulting a North Side woman.

Police department officials said Saturday they are investigating why so many officers accessed the arrest reports, and said the officers could face disciplinary action. The police union, however, says the officers did nothing wrong.  According to a memo sent department-wide Wednesday by the Internal Affairs unit, accessing the electronic report constituted “misuse of department equipment.” The memo warned that “access of information for personal or other reasons is strictly prohibited.”

The memo said officers had accessed and printed the reports “without reason or authorization to do so.” It recommended that those officers receive a written reprimand that would stay on their personnel record for a year."

Whoops.  You messed up on access to the system and your first reaction is to...wait for it... write them all up.

Wrong answer.  Good luck with that one, especially with a union involved.  Wipe the egg off your face, do a systems security review and move on.  

Here's the memo on the recommendation to write everyone up.  Classic.  It's them, not us.

Comments

Dwane Lay

Yes, how dare they.

"Don't eat the forbidden fruit."

"Right. Where is it?"

"In this tree right here."

"OK, thanks."

*crunch*

Oldest trick in the book....

John Jorgensen

Gotta love the Chicago way of doing things (said with just a bit of sarcasm).

Joel Kimball

This is so deliciously awesome.

Had a *minor* example of this recently. Handled the internal error in my shop (and the erring person) appropriately, apologized profusely to employees, directed all phone calls of complaint to me personally (I recived over 100 and responded to every....single...one)....and it died out within a week.

Here, Chicago PD, you can borrow my textbook...

Corey Feldman

I'm not sure if the police example is the best analogy. Your not going to limit the police officers ability to access arrest records, since they could need it for their job. It is more akin to an HR person with access to the system pulling the records of various employees simply out of curiosity. If it wasn't job related and they were just trying to find out personal information about coworkers, I don't have a problem with counseling. Its not that they accidently had accesses to something they shouldn't have had, it is that they are abusing their access to satisfy personal curiosity.

The comments to this entry are closed.