Companies collect and store a considerable amount of Personally Identifiable Information (PII) of employees. However, this poses a serious risk of data being potentially leaked or stolen. With GDPR and similar regulations worldwide, it's now a serious obligation for companies to ensure that PII data privacy is maintained through encryption, during transit and at rest.
Sensitive Personal Identifying Information (SPII) is required in a number of situations in greytHR. We collect SPII data from employees, review it and store it during the onboarding process. The SPII data is required in statutory reports like Form 24Q, Form 16, PF ECR submission, etc. As SPII data usage is dispersed throughout the platform, we've developed a facility that can store data in a centralized manner.
Introducing greytHR PIVault
greytHR PIVault is an advanced security solution that prevents data from unauthorized access. It stores all of your SPII data in a dedicated storage facility and uses a multi-layered encryption system to protect it. Here are some of the features of greytHR PIVault:
- Centralized service that encrypts, decrypts, and manages your SPII data.
- Unique storage facility for storing your employees’ Aadhaar data (Aadhaar vault).
- Centralized storage of all your SPII data.
- UUID reference tokens instead of SPII data to prevent dispersion.
- Masked data for convenient handling of application and MIS reporting.
- Advanced encryption using AWS KMS.
- Bulk data processing facility for easy imports and report generation.
The SPII data will not be automatically visible to everyone on the greytHR platform
The data will be masked throughout to ensure there is no leakage of information
The data is masked even in downloaded files and reports
However, in special circumstances, you can use the 'reveal' option to grant permission to
users to view and modify the SPII data selectively
1. Data Privacy
greytHR PIVault uses a rigorous screening process that reveals information only on a need-to-know basis.
greytHR PIVault uses a high-grade encryption technology that is supported by AWS KMS. AWS KMS is powered by advanced FIPS 140-2 validated Hardware Security Modules (HSMs) which generate and protect keys.
3. Data Security
A multi-layered encryption system ensures your data is secure during transit and while at rest.
greytHR PIVault gets you compliant with major data privacy laws like the Aadhaar Act and GDPR.
Compliant With Aadhaar Act
According to the guidelines set by the Aadhaar Act, if you are storing your employees’ Aadhaar data, you will need to create a unique storage facility for it (Aadhaar vault). Which means you cannot club any of your other SPII data along with the Aadhaar numbers. greytHR PIVault is designed in a way that lets you store your Aadhaar data in a separate database without compromising on the security or accessibility.
greytHR PIVault is a free upgrade to a secure data storage environment. If you are an existing customer, the system will automatically migrate your SPII data to greytHR PIVault’s database when the feature is rolled out.
In an increasingly interconnected world with a continuous exchange of information, it’s essential to have control over how you manage your data. If your organization collects Aadhaar or any other SPII data, it is your responsibility as an employer to establish a process that is secure, transparent, and compliant with global privacy laws.
Need help with implementing Aadhaar vault? Reach out to us: firstname.lastname@example.org