x Want to participate? Join the group to interact
  • State Not Answered
  • +1 person also asked this people also asked this
  • Replies 4 replies
  • Subscribers 15 subscribers
  • Views 327 views
  • Users 0 members are here
Browse Forums
Announcements
298
topics
217
replies
General Discussion
1k
topics
4k
replies
Prevash_BP365

Questions about Employee Verification Announcement

Posted By

Good morning 

I responded to the announcement  on Thursday  02/11/2023 -  Employment Verification Services Overview  . I think the post might have been removed as I should have not responded to an announcement. I have taken the liberty of adding this to the general discussion.

Thanks for the shared document. We have noticed the prompt for SageId  login since Pastel Payroll 2024 Update 2 was released and installed. 

Your document however does not outline a few concerns for our clients, maybe you can elaborate so we have transparency.

  1. When an Employer activates Employee Verification and although information is not shared at this point , it is however hosted in a location(database) before being shared again with for example a financial institute , in terms of POPIA, does the employee need to consent to this before this step is processed? I do understand consent is given to the financial institute to query this information later on.
  2. What information for each data entity is collected ?
  3. If Employment Verification is disabled on the employee masterfile, is all the employee records removed or will the record just stop appending?
  4. If Sage sees it fit to request permission from employees , we might require a consent form shipped with the system.

Thanks again for your document, however I preempt that questions like these will follow this document when we send it out to clients.  As clients have become more aware of POPIA , behavior around employee data is starting to become more disciplined.

Hope to hear from you soon

  • 0

    Good day Prevash

    Trust you are well

    Please forward your request to the support email so it can be sent to our Dev for feedback 

    Kind regards 

  • 0 in reply to Gilbert Rampou

    Good Day Gilbert

    Thanks for your acknowledgement. I will do so.

    I do however think more people would benefit from the response, if was made on this platform.

    Kind Regards

    Prevash

  • 0

    Good day Prevash

    The answers are as follows:

    1.  When an Employer activates Employee Verification and although information is not shared at this point, it is hosted in a location(database) before being shared again with for example a financial institute, in terms of POPIA, does the employee need to consent to this before this step is processed? I do understand consent is given to the financial institute to query this information later on.

    The information is not shared when an employer signs up with Sage ID. The information is stored on a secured server and nobody has access to the data until it is queried by the third party upon instruction from the Financial Service Provider.

    2.  What information for each data entity is collected?

    There is a variety of data artifacts that are being stored that are relevant to the confirmation of employment and pay information, but again, as stated above – the information is not collected and shared and therefore we do not make the list of data fields publicly available. I will discuss this with the relevant teams and see if there is more information we have to share on this.

    3.  If Employment Verification is disabled on the employee Masterfile, are all the employee records removed or will the record just stop appending?

    The server only stores 3 months’ worth of information. Based on this, any information stored is organically removed in a 3-month cycle.

    4.  If Sage sees it fit to request permission from employees, we might require a consent form shipped with the system.

    Please refer to Q1. The consent is given when the information is requested to be shared.

    I trust the answers are in order

    Regards

    Gilbert

  • 0 in reply to Gilbert Rampou

    Hi  

    Thanks for the response, much appreciated.

    1. The answer to question one is a reiteration of what we understand and not an answer, if you could relook at that one please. 

    2. In Terms of POPIA a data entity  has to be informed of what data is collected in order for them to consent and obviously make sure that the data is correct and an example would be something as simple as a telephone or number or address.  Would we be able to exclude fields ? should the employee not want to share some information?

    3. Thanks for this.

    4. Please refer to statement 1.

    Thanks for your prompt response,

    Much Appreciated

*Community Hub is the new name for Sage City