Does all personal payroll data need to be encrypted?
The Data Protection Act makes it a requirement that the transmission of personal data should be encrypted. In fact, there have been some high profile cases where fines and sanctions have been levied on companies where unencrypted data has been lost.
Where payroll services are outsourced to a third party the outsourcing business is still the Data Controller under the DPA and so has responsibility for ensuring the transmission of its employees data is encrypted.
Given that the most common method of transmitting payroll data is by email then an outsourced payroll provider should be offering encryption of emails, or at least of the file attachments, as standard practice.
At Payplus we take the security of our clients’ data very seriously and provide free to use encryption software to secure the transmission of data.
- Find out about Payplus’ best practice approach to information security
