Gartner Research

Data Protection and Human Resources: Bridging the Gap Between Privacy Policies and Information Practices

Published: 14 July 2006

ID: G00203192

Analyst(s): Lori Robinson, Mike Neuenschwander, W. Scott Blackmer


Enterprise organizations are increasingly challenged to safeguard sensitive and proprietary data and secure physical facilities. To accomplish this, employers are implementing technologies such as surveillance systems, smart cards, and biometrics which control and monitor employee activity. As a result, employers are confronted with the difficult task of securing the enterprise environment without infringing on their employee's right to privacy. In this overview, W. Scott Blackmer, Esq. details the laws and regulations governing human resource data and outlines considerations for implementing technology and information practices while protecting the rights of the employee.

Table Of Contents



  • Increasing Regulation of Employee Information
    • Worldwide Rise in Personal Information Regulation
  • The Challenges of Privacy Compliance in the Enterprise
  • HR Databases and Data Feeds
  • “Sensitive” Data
  • Outsourcing and Vendors
    • HR Privacy Products
  • Recommendations

The Details

  • The Human Resources (HR) Lifecycle
    • Recruitment
    • Hiring
    • Personnel Administration
    • Separation
    • Categories of Personal Data
    • Data Retention
  • Employee Monitoring and Surveillance
    • Employee Monitoring in the United States
    • Employee Monitoring in Europe
  • Privacy Law and Employment
    • Legal Concepts of Privacy
    • Information Privacy
    • Fair Information Practices
    • United States
  • Canada
  • Europe
  • Data Transferred from Europe
  • Other Countries
  • Standards, Policy Frameworks, and Best Practices
    • OECD Information Security Guidelines
    • ISO 17799/BS 7799
    • ISTPA Privacy Framework
    • AICPA/CICA Privacy Framework
    • Other Sources of Information Security Best Practices
  • Other Resources



©2020 Gartner, Inc. and/or its affiliates. All rights reserved. Gartner is a registered trademark of Gartner, Inc. and its affiliates. This publication may not be reproduced or distributed in any form without Gartner’s prior written permission. It consists of the opinions of Gartner’s research organization, which should not be construed as statements of fact. While the information contained in this publication has been obtained from sources believed to be reliable, Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Although Gartner research may address legal and financial issues, Gartner does not provide legal or investment advice and its research should not be construed or used as such. Your access and use of this publication are governed by Gartner’s Usage Policy. Gartner prides itself on its reputation for independence and objectivity. Its research is produced independently by its research organization without input or influence from any third party. For further information, see Guiding Principles on Independence and Objectivity.

Already have a Gartner Account?

Become a client

Learn how to access this content as a Gartner client.