Skip to content

Survey’s In: 4 Factors Impacting the Employee Experience that Employers Need to Take Seriously

Get the INSIGHTS
Home » Platform » Confidentiality and Security

Maximize Your HR Software’s Data Security

HR Acuity maintains the highest standards for 24/7 data privacy, security, efficiency, accessibility and transparency — all while mitigating legal and financial risk. 

Security Header Image

Ensuring Airtight HR Data Security

There are enough risks within employee relations. Don’t make compromising your organization’s sensitive employee data one of them. Our ironclad four-pillar approach to our platform safety is backed by security experts. 

Data Security Icon

Data Security

All information and data is securely hosted within Microsoft Azure to ensure top-tier security.

Application Security Icon

Application Security

Our application undergoes rigorous development testing and processes to ensure the highest level of security.

Network Security Icon

Network Security

Our encrypted network is constantly monitored against key protection protocols and industry best practices.

Authentication Security Icon

Authentication Security

Our authentication options guarantee that users can securely access data meant for their eyes only, reinforcing confidentiality and data access control.

A Deep Dive Into Our Security Protocols

    • Facilities
      HR Acuity partners with Microsoft Azure to provide our data hosting infrastructure at its Tier IV SSAE-16 and ISO 27001 compliant facilities in the United States. Data center facilities are powered by redundant power, each with UPS and backup generators.
    • On-site Security
      Microsoft data center facilities feature a secured perimeter with multilevel security zones, 24/7 manned security, video surveillance, multifactor identification with biometric access control, physical locks, and security breach alarms.
    • Protection
      Our network is protected by redundant firewalls, best-in-class router technology, secure HTTPS transport over public networks, regular audits, and network intrusion detection and/or prevention technologies (IDS/IPS) that monitor and/or block malicious traffic and network attacks.
    • Architecture
      Our network security architecture consists of multiple security zones. DMZs are used between the internet, and internally between the different zones of trust.
    • Vulnerability and Penetration Tests
      At appropriate stages in the life cycle, vulnerability scans are performed for identification of noncompliance or potential vulnerabilities. At higher-level milestones, penetration tests are performed at the application level with a qualified third-party information security expert using both automated and manual testing techniques. 
    • Logical Access
      Access to our database is restricted by an explicit need-to-know basis, utilizes the least privilege, and is regularly audited and monitored. In addition, employees with access privileges are required to use multiple factors of authentication.
    • Security Incident Response
      Our globally distributed HR data security team is on call 24/7 to respond to alerts and emergencies. In case of a system alert, employees are trained on security response processes, including who to connect with and when to escalate.
    • Encryption in Transit
      Communications between HR Acuity and our users are encrypted via industry best-practices HTTPS and Transport Layer Security (TLS 1.2) over public networks.
    • Encryption at Rest
      All HR sensitive data stored with us is encrypted at rest using Transparent Data Encryption (TDE)/AD.
    • Redundancy
      We have put network redundancies in place to eliminate single points of failure. Client data is actively replicated across primary and secondary DR systems and facilities.
    • Disaster Recovery
      Our Disaster Recovery (DR) program ensures that our services remain available or are easily recoverable in the case of a disaster.
    • S-SDLC
      Security and control are paramount to software development, which is why we use the HR Acuity Secure Software Development Lifecycle (S-SDLC). It’s been designed to ensure the software we produce meets compliance requirements and is free of software security glitches (to the greatest extent possible) so confidential data remains that way.
    • Security Training
      Our system engineers regularly participate in secure code training covering OWASP Top 10 security flaws, common attack vectors and HR Acuity security controls.
    • QA
      QA engineers review and test our code base on a regular basis. Test cases that are created to identify code vulnerabilities must pass inspection before the HR Acuity application even hits production servers.
    • Separate Environments
      All forms of testing and user acceptance testing (UAT) environments are physically and logically separated from the production environment. We also make sure no actual client data is used in the development or test environments.
    • Change Management
      Our S-SDLC uses an Agile/Scrum process for managing system development activity. We have also implemented change management and version control software to ensure that all system development changes are sourced from authorized requesters, validated and prioritized on business, technical and security impact. In addition, all changes deployed are scrutinized for revision control.
    • Authentication Options
      Users can sign in to our application using authenticated credentials or SSO login. User provisioning and permissioning are managed by our clients.
    • Single Sign-On
      Single sign-on (SSO) allows us to authenticate users in HR Acuity without requiring them to enter additional login credentials. We partner with Ping One to enable SSO login for our clients via Security Assertion Markup Language (SAML).
    • Password Policy
      We provide clients with the option to define their password change frequency as well as their repeat policy. Password length and password strength are defined based upon industry best practices. In addition, all password reset links are time-based and expire after one use or a certain length of time. We use Password Managers and Key Vaults.
    • Secure Credential Storage
      HR Acuity user credentials are stored in the database using Bcrypt algorithms.
    • Access Privileges and Roles
      Authorized HR Acuity Users are provided with multi-level permissions based upon user and role credentials. The flexible role-based authorization process is governed by each client to ensure data is secure and only made available to those who require access to it.

Frequently Asked Questions

  • HR Security is a function of Human Resources that not only looks at employee performance and productivity before, during and after their employment, but also ensures that confidential employee and client data remains protected.

  • Ensuring HR data security is critical because human relations professionals often deal with highly sensitive information about employees. When it comes to HR, sensitive data can include personal data such as Social Security numbers as well as privileged information concerning medical histories and more. Protecting this information is critical, making data privacy and HR security extremely necessary and important.

  • HR data can be kept more secure by: 

    • Making sure HR and IT work hand-in-hand 
    • Encrypting appropriate data 
    • Updating relevant HR and ER software regularly 
    • Maintaining periodic data security training 
  • The best way is to start with an established and proven employee relations software solution. Besides being indispensable to your ER team, HR Acuity’s software solutions were designed from the ground up with data privacy and HR in mind, so you know your information is being handled properly, including: 

    • Configurable permissions that give you the power to control who sees what information and who does not. 
    • Centralized documentation that allows for more efficient and secure HR data storage. It allows all team members to be on the same page, while easily accessing the right information at a moment’s notice. 
    • Four levels of data protection that let you know you can be confident your information is safe and secure. We protect you at from every angle: From the servers to the software to the network to authentications, you can rest easy knowing that we take HR data security as seriously as you do. 
Security FAQ Image

Leading Brands Trust HR Acuity

  • AbbVie logo
  • American Cancer Society logo
  • Bill.com logo
  • Children's Mercy Hospital logo
  • Alclear_logo
  • Dana-Farber Cancer Institute logo
  • docusign logo
  • Dow Jones logo
  • handshake logo
  • Indeed logo
  • Instacart logo
  • lyft logo
  • Lyra Health logo
  • MGM Resorts International logo
  • Nasdaq logo
  • New York Life Insurance logo
  • Phillips 66 logo
  • Robinhood logo
  • Roblox logo
  • RWJBarnabas Health
  • Shopify logo
  • Snowflake logo
  • Sony Music Entertainment logo
  • Splunk logo
  • Texas Children's Hospital logo
  • Weill Cornell Medicine logo
  • WEX logo

Our Customers Are Our Biggest Fans

Hear from just some of the people who have benefited from the cutting-edge HR software that HR Acuity has to offer:

  • “HR Acuity truly is the best ER case management and investigation software solution on the market.”

    Christina Myers

    Executive Director of HR Compliance

  • “I can easily discover trends and metrics that help the organization to be more proactive and get ahead of issues. I can see areas of concern and then make decisions on how we will handle them.”

    Christopher Vogelheim

    Associate Director of HR & Employee Relations

  • “Workplace violence issues, harassment, discrimination, and retaliation are our top concerning risks. HR Acuity allowed me to manage hotspots and dig in with valid information of where things are really happening.”

    Jennifer Solecki

    HR Director, Employee Relations

  • “With others, you have to adapt your process to use the tool; with HR Acuity, the process IS the tool. It walks us through, it helps keep it consistent with all of our investigators around the world, and it creates the guardrails for how we run our employee relations cases and investigations.”

    Katie Wilson

    Senior Director, Employee Relations

  • “We are now able to clearly see trends and gaps and can take a proactive approach to our ER. We could never do this type of analysis before we had HR Acuity.”

    Kelly Byrne

    Head of Employee Relations & HRBP NA

  • “HR Acuity gives me the visibility to be able to use the insights and trends to take proactive actions, as well as manage our cases on a day-to-day basis.”

    Sam Tyers

    Senior Director, Employee Relations

  • “HR Acuity has everything we need to handle employee issues consistently, confidently and compliantly. It’s an ER solution that’s built by ER professionals for ER professionals.”

    Stephanie Miller, JD, MBA

    Head of Employee Relations

Is HR Acuity’s Employee Relations Software Worth It? Run the Numbers.

Use our ROI Calculator to quantify the actual value of our software to your employee relations and your organization.

Ready to get started?

Need more information? We’d love to hear what’s on your mind!