Employee information should not be disclosed to unauthorised persons. The disclosure of this type of information may be covered by data privacy legislation.

• Employee data which has not been held securely could be stolen or illegally modified .

• All employee data must be under the control of the Personnel department.
• Confidential employee information should be held in a secure area or in lockable cabinets.

• If limits to access and distribution are not defined, confidential employee information may be accessed without authorisation.

• Employee data should only be shared with the employee and with staff directly responsible for the employee.
• Ensure that the Personnel department has a suitable data handling procedure.