How to avoid 5 restaurant employee privacy breaches
By Derek Jones, VP of business development, Deputy
With an uptick in Predictive Scheduling and Fair Workweek trends sweeping the nation and heated debates around minimum wage, hourly workers' rights are forefront of many conversations. For the restaurant industry, employee rights are a constantly shifting regulatory landscape built atop several basic pillars that include freedom from discrimination, the right to fair compensation and the right to privacy. With a bevy of federal and state enacted laws to protect workers from unsafe work conditions, unfair labor practices and discriminatory treatment including the Fair Labor Standards Act, Family and Medical Leave Act and Occupational Safety and Health Act, it is imperative that your restaurant stays on top of evolving regulations.
In an increasingly digital environment, this means handling restaurant employee data with care. U.S. laws stipulate data protection and privacy rules through a combination of national legislation measures, state regulations and a businesses' self-regulatory actions. Forty-eight states have specific requirements around breach notification processes mandating that businesses must report any unauthorized access of employee's private data. Personal information about an employee and their family is confidential. In the restaurant and food sector, to avoid breaching your employee's privacy, you need to pay attention. The following includes five ways restaurant owners commonly breach employee privacy rights:
1. Using email for all communications
Email is a great tool for communicating with employees but the ease and speed at which you can type and send out an email can create difficult predicaments. Many employers regularly use email as a way to disseminate information like schedules or new restaurant policies, and if discussing sensitive information, can inadvertently copy or forward private information to unintended parties. Additionally, performance feedback and professional development, in particular, are two types of private conversations that should be handled with care.
2. Printing or sharing contact lists
A common misstep for those in the hourly worker sectors like retail and restaurant, many employees print and post employee contact lists for ease in trading shifts. While unlikely, this breach of private information can unwittingly aid in identity theft or even assist a stalker.
3. Unsecured files
Record keeping is never a fun task but it is essential for maintaining books. In the U.S., all businesses must retain payroll tax records for four years and keep records of events like workplace injuries for ten. For the many restaurant owners that deal in pen and paper, this means an archive of information that may not be secured. If not handled correctly, restaurant owners run the risk of liability.
4. Bad housekeeping
The speed of working, owning one restaurant or a chain of franchises in the restaurant industry make the accumulation of employee data inevitable, but what many business operators forget is that retaining out-of-date information beyond legislative timeframes can expose oneself to litigation risks.
5. No data protection enforcement
While you may believe that your restaurant is safe with a compliant data protection policy, no policy is worth any salt unless it is enforced. Any data protection plan needs a soundproof process that enables your business to take into account the particular data you collect and retain. All managing staff and employees need to be educated, trained and held accountable to a standard in a data-rich environment.
In the restaurant sector, digital solutions provide an easy and streamlined way to prevent infringing on your employee's privacy rights. By removing the pen and paper aspect and turning to secure digital files, your business is protected and your employees retain their right to privacy.