Skip to the main content.
FAQs

Frequently asked questions.

Videos

Instructional videos about Horizon and working with our solutions.

Downloads

Helpful downloads and eBooks to empower your business.

Tax & HR Alerts

Helpful tax and HR alerts to help keep your business compliant.

Forms & Documents

Payroll and tax-related forms and documents.

Blog

Horizon's blog provides valuable insight into payroll, compliance, human resources, and more.

Success Stories

See our client success stories for a case study on how we can help your business.

Featured blog post

How Long Should Employee Onboarding Take

Featured blog post

Tips For Success With Seasonal Employees

Our Team

Payroll and HR strategy requires intelligent technology, personal attention and specialized expertise in the needs and nuances of your business. 

Clients & Industries

We provide payroll and tax processing services for businesses from 1 to 1,000 employees or more. Today, we have nearly 1,000 customers in 40 states.

6 min read

Is It Illegal for an Employer to Give Out An Employee's Personal Info?

Employee privacy is a critical aspect of any workplace, and it is essential for employers to handle personal information with care and compliance with the law. Employees have a reasonable expectation that their personal and private information will remain confidential and not be disclosed without their consent.  

While it isn’t explicitly illegal for an employer to give out an employee’s personal information, there are state and federal laws in place to ensure what type of information is shared and why.  

A Quick Overview of Employee Privacy

Employee privacy encompasses the protection of an employee's sensitive personal information from unauthorized access, use, and disclosure. Personal information can include various types of data, such as personal identifiers, medical information, bank account numbers, financial data, and biometric information. Understanding what constitutes personal information is crucial in determining the legal obligations and limitations regarding its disclosure. 

Can An Employer Share An Employee's Information?

Employers have a legal and ethical obligation to protect their employees' private information. However, there are circumstances where sharing employee information may be permissible or even required, depending on the context. Here's what you need to know:

When Can an Employer Share Private Information?

  1. With Employee Consent
    Employers may share private information if the employee has provided written consent. For example, sharing contact details with a third-party benefits provider is usually done with employee approval.

  2. Legal Obligations
    Employers may need to share information to comply with laws or legal proceedings, such as:

    • Responding to a court subpoena.
    • Reporting income to the IRS or local tax agencies.
    • Complying with safety regulations, such as OSHA reporting.
  3. Business Operations
    Certain information may be shared internally for legitimate business purposes, like processing payroll, administering benefits, or conducting performance reviews. For example, a manager may need to discuss an employee's work performance with HR or another supervisor to address performance issues.

  4. Emergencies
    Employers may disclose limited information in cases of emergency, such as contacting a family member if the employee is involved in a workplace accident. If there is a workplace safety concern or legal requirement, certain information may need to be disclosed.


Risks of Sharing Without Proper Justification

  1. Legal Risks: Violating privacy laws, such as the General Data Protection Regulation (GDPR) or state-specific laws (like California's CCPA), can result in fines.
  2. Employee Trust: Sharing private information inappropriately can damage employee morale and trust in management.
  3. Potential Lawsuits: Disclosing private details without a legitimate reason can lead to claims of defamation, invasion of privacy, or discrimination.

NewImage14

What is Considered Personal Information?

So, what exactly is considered “personal information” when it comes to employees? You may be surprised to learn that some of the data that is considered “personal” is actually eligible for an employer to share! What’s also important to note is that the rules can vary depending on what state an employee resides in. Let’s find out more about personal data as it pertains to what an employer can share and why.  

Personal Data or "Identifiers" (Name, Birthdate, SSN, etc.)

Personal identifiers are considered personal data, such as an employee's name, birthdate, Social Security Number (SSN), or any other unique identifier. This data is used to verify employment eligibility and conduct a background check. Employers must handle this information with utmost care and only disclose personnel files when necessary and lawful. 

Medical Information and Records

Medical information, including an employee's health condition, history, and medical records, is highly sensitive and protected by privacy laws. No employer should share information regarding any medical conditions of employees with anyone, internally or externally.  

Employers should only disclose medical information if required by law or with the employee's explicit consent. Examples of when medical information and records could be released would be for ADA (Americans with Disabilities Act)-related reasons like ensuring reasonable accommodations for the employee’s disability.  

Bank Account Numbers and Financial Data

Bank account numbers, financial records, and any other financial data are also considered personal information. There are rare instances where these records are used in background checks. Employers should take explicit measures to ensure the security of such confidential information and should not disclose it without a legitimate need or legal requirement. 

Any Biometric Information

Biometric information, such as fingerprints, facial recognition data, or retina scans, is unique and highly personal. Some employers collect biometric information for building access, timecards, and computer access. Employers must obtain consent before collecting and disclosing biometric information and handle it cautiously. 

"Personal Information" Can Vary By State Laws

It is important to note that laws regarding employee privacy can vary from state to state. Some states have specific legislation in place that offers greater protection for employee privacy rights. Employers must familiarize themselves with the applicable laws in their jurisdiction to ensure compliance and avoid legal repercussions. A trusted HR consultant will know the laws for each specific jurisdiction and be able to counsel on a legal approach to disclosing an employee’s sensitive information.  

Why Would Employers Disclose Personal Information?

Employers have a legal and ethical responsibility to protect employee privacy and handle personal information with care. An employer must have legitimate reason to disclose personal information and can only do when absolutely necessary. It is generally illegal for an employer to give out an employee's personal information without a legitimate reason or legal requirement. 

Here are a few reasons why employers would disclose personal information.  

Required by Law (During a Criminal Investigation, etc.)

In certain situations, employers may be legally obligated to disclose personal information. For example, during a criminal investigation, law enforcement agencies may request access to employee records if it is relevant to the case. Employers should carefully evaluate such requests and comply with the law while safeguarding employee privacy to the extent possible. 

Legitimate Need to Do So Within the Company

Employers may have a legitimate need to disclose personal information within the company. For instance, HR departments may require access to certain employee information to manage security risks, ensure compliance with regulations, set up IT, or facilitate payroll processing. However, even in such cases, employers should strictly limit access to personal information to authorized personnel and take steps to protect confidentiality. 

woman-reviewing-business-tax-credits

Best Business Practices for Employee Personal Information

How you collect and store data is critically important as a business. When it comes to personal employee information, there are a few best practices to keep your business safe from risk and protect your employee’s privacy.

Collect and Process Employee Data with Transparency

Employers should collect and process employee data transparently, informing employees about the purpose and scope of data collection. Employees should be made aware of how their personal information will be used, stored, and protected. This transparency fosters trust and helps employees understand their privacy rights, and lowers risk for you, the employer.  

Only Collect Personal Data That Has a Purpose

To protect employee privacy, employers should only collect personal data that is necessary and directly relevant to the employment relationship or specific business purposes. Collecting excessive or unnecessary personal information can increase the risk of unauthorized disclosure, security breaches, or misuse. Employers should have clear policies and procedures in place regarding the collection and retention of employee data. There should also be clear whistleblower policies in place to ensure employees at every level are responsible and feel compelled to report when information is being mishandled.  

Prioritize the Security of Employee Records

Employers must prioritize the security of employee records to prevent unauthorized access, use, or disclosure. This includes implementing robust security measures such as secure data storage, encryption, firewalls, and access controls. Regular security audits and training programs can also help ensure that employees understand their role in safeguarding personal information. 

Keep Data for Only as Long as It's Necessary

Employers should establish retention periods for employee data and only retain it for as long as it serves a legitimate business purpose or legal requirement. Keeping personal information beyond its necessary period increases the risk of data breaches and unauthorized access. Once data is no longer needed, it should be securely deleted or destroyed. 

bald-man-working-new-open-office-graphic-designer

 

Frequently Asked Questions 

 

Horizon is a Professional Partner for HR Processes

When it comes to managing employee personal information and ensuring compliance with privacy regulations, partnering with an experienced HR service consultant like Horizon can be very beneficial! Horizon has been providing HR support and consulting services since 1997; with a team of knowledgeable professionals, we can assist businesses in implementing best practices, handling sensitive employee data, and navigating complex legal requirements. 

Providing HR Support and Consulting Since 1997

Horizon has a long-standing reputation for delivering comprehensive HR solutions. Their services include HR consulting, payroll administration, employee benefits management, and compliance support. By partnering with Horizon, businesses can focus on their core operations while entrusting their HR processes and employee personal information to a trusted and experienced partner! 

Contact Us Today for More Information

If you are seeking reliable HR support and consulting services, contact our team today. Horizon’s experts will provide tailored solutions to meet your business needs while ensuring compliance with employee privacy regulations. Safeguarding employee personal information is essential, and Horizon is committed to helping businesses maintain the highest standards of privacy and data protection! 

Employee Social Media Posts: Should You Go There?

5 min read

Employee Social Media Posts: Should You Go There?

“Social media has irreparably blurred the line between one’s personal persona and one’s professional persona,” says Jon Hyman in Workforce...

Read More
Which Laws Apply Once You Have 15 Employees?

4 min read

Which Laws Apply Once You Have 15 Employees?

Congratulations! Your business has grown to 15 employees! Since your very first hires you’ve complied with labor laws like the Immigration Reform...

Read More
Payroll Records & Employee Files: What to Keep and How Long to Keep Them

9 min read

Payroll Records & Employee Files: What to Keep and How Long to Keep Them

Managing payroll records and employee files can be one of the more daunting and complicated aspects of running a business. From ensuring you have all...

Read More