Companies and their employees are increasingly on edge about the prospect of being hacked.

Cyberattacks that have successfully targeted major corporations, government entities and health care systems have made people realize whatever security precautions they have been taking to protect sensitive information, they probably should be doing much more.

Health records which can be obtained from a health care providers or insurers are a particularly tempting target for hackers, since they provide a variety of information about the individual that cannot be changed: social security number, home address and sensitive medical information. All of these things are hot commodities on the black market that can be used for identity theft.

Recommended For You

For much the same reason as health records, employee documents are also valuable to hackers. That makes HR offices a very likely target for cyberattacks.

However, sometimes the greatest cybersecurity threat is not hackers but human error. Everybody who handles sensitive documents is at risk of accidentally providing them to somebody who should not be seeing them.

In a recent survey of managers and information workers by the Business Performance Innovation Network finds roughly 60 percent say they or somebody they know has sent information to somebody who was not supposed to see it. Just under 90 percent say they believe the risk of document loss is increasing in their organizations due to the access employees have to sensitive information across so many different devices.

Employees polled similarly expressed very little confidence in the efforts their organization is taking to combat document loss or cyberattacks. Fewer than one-third of respondents believe their employer has "effective solutions" to ensure document security and only 43 percent believe their organization even has clear policies on the matter.

The implications of leaking confidential employee documents are potentially devastating for employees and employers alike. Not only does it put the employee at a serious risk of identity theft, but it can become a major legal liability for the employer.

The same goes for those tasked with handling sensitive client information, including insurance brokers, accountants and attorneys. Clients whose confidential information is compromised may sue, arguing that the person providing the service did not take the proper precautions to safeguard their privacy.

However, the top threat from security breaches, according to the respondents to BPI survey, the negative impact on an organization's reputation. That is likely particularly true for an organization whose work is valued specifically due to its promise to safeguard private information for customers or clients, such as insurance companies, banks or attorneys. 

NOT FOR REPRINT

© 2025 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.