Security of payroll records and the staff who work with them is a continuing consideration for payroll administrators and corporate management. Payroll security includes implementing and maintaining confidentiality and security of the payroll records, the payroll department and the payroll staff. The payroll manager, accounting manager or human resources manager may carry the responsibility for payroll security in conjunction with senior management. Creating a highly secure and efficiently organized payroll environment should be the goal of every payroll department.
Organization of the payroll department, staff and processes is vital to payroll security. A clear chain of command, a logical department organizational chart and clear delegation of payroll responsibilities is necessary for secure payroll administration. A manager, a payroll processor, a specialist for special payroll situations such as wage garnishment orders and FMLA and worker’s compensation leaves, employee records clerks and any other payroll staff must be organized in the department for confidential, efficient, secure and legally compliant payroll processing. Everyone in payroll must have clearly defined responsibilities to avoid and eliminate security breaches and loopholes in payroll processing.
All access to payroll paper documents, physical storage files, computers and computer reports and any other kind of access must be strictly controlled and enforced to secure confidential payroll information. Each payroll employee’s responsibilities must be reviewed by the payroll manager to determine what level of access is necessary. Access to physical payroll documents such as timesheets, raise authorizations, bonus and commission paperwork and other payroll documents with sensitive and confidential financial information must be restricted to only those who process the transactions. File cabinets and computers with payroll information, data and archives must be located in secure areas where only those with security clearance can view and work with them. For example, timesheet clerks who only enter labor hours into the computer payroll system must not have access to final submission processes or wage and benefit documentation.
Payroll procedures must be thoroughly documented and enforced to ensure the security of the payroll process and staff. Each payroll employee’s responsibilities must be clearly defined in their job description, in the payroll procedures they perform and in a standard operating manual for the payroll department. Procedures must be adhered to, revised when anything changes and reviewed at least annually if not more often to protect the integrity of processes and avoid any gaps in security.
Physical security of payroll records, files, data and systems, as well as payroll facilities and staff is vital. Payroll security and confidentiality must not be compromised to save money by processing payroll at reception or by making one payroll employee perform duties without a double-check. File cabinets must be locked with limited access. Offices, main frames and desktop computers with payroll data and processing software must not be located in common areas but in secured locations that can be locked easily. Payroll staff must have a working environment secure from employee and visitor traffic and must have easy ways to successfully secure the information they work with so they are not subject to angry or emotional employees. Any payroll errors, discrepancies and grievances should have clear processes and be addressed by managers or supervisors, not directly with payroll staff.