Here are recommended items to check to see if your HRIS is up to the mark. (It’s just as useful for those considering HRIS).
Records Maintained
Does your system maintain the following personnel records:- Employee personal data?
- Marital status?
- Number of dependents?
- Spouses and dependents covered by other health plans?
- Part-time/fulltime?
- Leased employees?
- Employees’ skills?
- Employees’ education?
- Highly compensated employees?
- Promotions?
- Transfers?
- Training?
- Employees’ schedules?
- Employees’ attendance?
- I–9 forms completed?
- Expiration dates of employee work permits?
- Employee anniversary dates?
- Hours worked per week?
- Overtime?
- Employees exempt from overtime?
- Employees not exempt from overtime?
- Withholding from employee paychecks?
- Pay rate/compensation history?
- Place in range?
- Performance data?
- Employee eligibility for benefits?
- Participants in benefits plan?
- Beneficiaries of benefits plan?
- Cost of benefits plan?
- Employee covered by other health plans?
- Date employee admitted into benefits plan?
- Date of termination?
- Reason for termination?
- Rehire classification?
- Terminated employees entitled to 401(k) distribution?
- Terminated employees entitled to COBRA notice?
- Turnover?
- Total number of employees?
Confidentiality
- Is one person responsible for information system security?
- Are passwords and user IDs required to gain access to your computers?
- Are the passwords changed at least quarterly?
- Are passwords a minimum number of random combinations of letters and numbers?
- Is the area in which you keep your computers secured from unauthorized entry?
- Are screensavers activated?
- Does your system record which user ID and password are used to gain entry into the system?
- Does the system reflect what programs are run or data are accessed with respect to a particular user ID and password?
- Are there varying levels of user access so that individuals only have access to information they need in order to perform their duties?
- Does the first screen that appears when your computer system is accessed state that the information in it is confidential?
- Do you require employees with access to the computer system to execute confidentiality statements?
- If your system allows remote access, have you taken steps to block unauthorized access?
Emergency Planning
- Are certain individuals designated to be on call in the event of a computer failure?
- Do you arrange for access to other computer systems in the event yours is not working?
- Do you maintain a duplicate set of your computer records in a safe off-site location?
- Is identification required to gain access to the computer records maintained off-site?
- Do you maintain a master list of the backup media stored off-site?
- Do you back up information on your computer system at least daily?
- Do you place newly created backup media in an off-site storage area?
- Do you have state of the art virus protection software and update virus definitions at least daily?
- Do you have virus scans set to run automatically on a daily basis?
- Automatically search all e-mails and attachments as well as information down-loaded from the Internet for viruses?
- Do you search for viruses on any media prior to transferring the information to your hard drive?
- Do you annually review your contingency plans for computer failure?
Efficiency
- Do you review:
- The components of the computer system for its efficiency?
- The adequacy of the computer programming at least annually?
- The adequacy of the computer hardware at least annually?
- Do you provide training for employees on the use of the computer system?
- Do you encourage employees to be cross-trained on the use of the different types of databases in your system?
- Do you have an individual on-site who can troubleshoot when there are problems with the computer system?
- Do you have a computer system configured so that even if one or more workstations fail, another can be used?
No comments:
Post a Comment