The NASPP Blog

Tag Archives: HR

June 9, 2011

Automation 1-2-3

Automation is essential for data management because of its efficiency and accuracy. Any time a person is tasked with manual data entry, there is a significant risk of error. That risk increases exponentially as the data volume increases. These are the three basic steps to building and executing a project plan to incorporate automation into your daily routines.

  1. Identify


    2. The first step towards automation is to identify the data sets that require regular manual manipulation as well as the databases or software systems where the information resides. Processes could be either data entry/transfer (e.g., entering employee demographic information) or the processing and interpretation of data (e.g., share usage projection). This is the time to really brainstorm. Every single process you do can go on your list; each process may include several steps that should be broken down into individual opportunities for automation. Take your list and create a spreadsheet with a list of each process, where the data originates, where it needs to be transferred to, and what departments or outside service providers are involved.

    Take time at this step to get to know each of the database or software systems that your data touches because this knowledge will carry forward to each piece of automation you build. Drill down each system’s capabilities for formatting output of data and accepting data as an upload. If you are manipulating data for analysis, it may be possible to build data output reports that either reduces the manual processes for analyses or provides the data in a format that requires no further manipulation. When starting your automation project plan, you are only looking to understand the potential from each of your data systems; you don’t need to detail the entire business specification at this point.

  2. Prioritize and Build

    3. Once you have identified which data processes are candidates for automation, it’s time to prioritize. A good place to start is to eliminate the processes that require data output formats that your systems can’t accommodate at this time. These items can take a different route as topics to approach with the database architects, whether they are internal or external contributors. Rate the remaining processes on how easy each is to automate as well as how significant the process is. Significance is the more difficult to define because it could mean processes that impact the highest volume of data, represent the highest risk of error, or are components of the most visible data outputs. This helps when determining which pieces of automation to tackle first.

    Once you’ve established your project priorities, build your automation. You don’t need to tackle projects one at a time. You may find that some pieces may build on each other because they use the same original data. Additionally, you may be able to oversee more than one automation project simultaneously if the process requires time commitments from separate groups.

  3. Bust

    4. The final step for automating a process is to break the automation. Well, at least try your hardest to break it. Take each piece of the automation and think of as many situations as you can where data will feed into or come out of that process, even if it’s not what the process was originally intended for. Don’t limit yourself to using correct data, either. It’s important to know what will happen if incorrect or incomplete data sets are used so that you can recognize these problems if or when they happen in the future. Remember, you may not be the only one using the process and it could be the platform for further automation in the future.

-Rachel

Tags: , , , , , ,

April 28, 2011

Data Privacy

California is serious about privacy–so serious that it’s an “inalienable right” in the California constitution. This should give consumers–and employees–in California an extra bit of confidence that their own personal information won’t fall into the wrong hands. It does, however, create some rather frustrating experiences when a California resident actually wants his or her personal information to be transferred out of the state. For example, if you are a resident of California you may find yourself at an out-of-state bank branch talking to a perfectly nice teller who insists you don’t have an account until you admit you are from California at which point he will say, “Oh…California. Why didn’t you say so?” In this respect, California may have more in common with the EU or Japan than with the rest of the United States.

Aside from the quirky anecdotes that data privacy laws provide, there are serious considerations for companies with international (or California) subsidiaries. HR, payroll and equity compensation practices must ensure that the very essential, but also very private, employee data is transmitted without violating applicable laws. Payroll considerations can be accomplished with relative simplicity compared to equity compensation by virtue of local payroll processing. The distinct difference for HR and stock plan management is that most companies want to house relevant information in one central location or database.

Consent

Just like my fun bank experience, this is an instance when employees should want to have their information transmitted–after all, it’s going to create a tangible asset for them. But, operating on the idea that you have a right to access the necessary information to create and manage grants for your employees isn’t enough. In many locations, employees must actually consent to have their personal information sent to you and also sent on to the broker who will ultimately facilitate transactions for them.

Compliance

The burden for ensuring your company policies compliant with data protection laws hopefully falls on your legal team. However, ensuring that equity compensation practices adhere to the policies is an ongoing consideration for stock plan management teams. Here are three important areas to consider when it comes to data privacy:

Incoming data -exactly what information about employees you collect and house in your stock plan administration database and how you access that information

Outgoing data – each instance where individual private information must be transmitted out of the stock plan administration database

Communications practices – when and how you are sending personal information back to your employees

Once you have established that your current practices are compliant, keep data protection in mind any time you are going to engage in a one-off situation involving the transmission of personal information. If you are in a merger situation, have opened a new office, or are partnering with another department to perform a data audit, these are all examples of situations where taking a moment to confirm that you are maintaining compliance with data privacy laws is a good idea.

Resources

The NASPP’s Global Stock Plans portal has several matrices that include data privacy issues companies should consider internationally. They can be found along the left column of the portal. We also have an update from Latham & Watkins on data privacy and protection in Germany, the UK, and Spain prompted by the draft Federal Data Privacy Act being considered in Germany. The Act could place more tringent qualifications on obtaining employee consent to collect and distribute personal information.

-Rachel

Tags: , , , ,