Is truly automated benefits administration the key to mitigating cyber security? 

Cyber-attacks and data breaches can result in significant financial and reputational losses.

The threat is now perceived to be both so severe and likely that employers say this is their biggest people risk

Unfortunately, the level of concern is not being met with the necessary level of action. Not only are employers struggling to recruit people with cyber credentials, but ongoing manual handing of employee data leaves this open to hacking and error.

9 out of 10

cyber-attacks are due to human error, according to the World Economic Forum1

$4.45m

is the global average cost of a data breach2

Educating employees, and providers, to create a better culture of security is important. However, the only real way forward is putting automated system controls and technology to mitigate the risk of human error.

Many employers have already attempted to automate their benefits systems, only to discover that suppliers are still having to conduct manual data extraction. Not only does this increase security risks, but it also inhibits real-time data reporting.

Truly automated benefits administration instead swiftly and seamlessly transfers data between HRIS, payroll and third-party provider systems with no human intervention. Thus eliminating the risk associated with manipulating and moving data from one place to another.

This can only be made possible by streamlining, digitizing and automating administration processes, to fully eliminate the need for manual processes.

A sign that this has been done correctly is that the employer should end up with complete control and full visibility of process and audit tracking for strong governance. So that they could administer their benefits schemes themselves, if they so wished. The inability to manage the administration process directly may suggest that the process is not in fact automated, and that human intervention is taking place behind the scenes. 

A truly automated benefits system should also allow for real-time reporting, analytics and data insights, empowering HR to deliver more strategic work. For example, identifying and removing gender gaps in the benefits offering to remove other reputational risks; or reporting on utilisation and costs to increase the return on investments made in benefits spend.

By streamlining and automating these processes, the opportunities for data issues is significantly reduced and the opportunities for employee engagement increased. 

The data centres used to achieve true automation, should also be ISO 27001 accredited and SOC1 and SOC2 compliant and audited yearly. They must also have highly sophisticated anti-virus monitoring and physical security arrangements.

Some questions employers should ask themselves when looking to mitigate cyber security and personal data risks associated with benefits administration are:

  • Can data be transferred between HRIS, the platform, payroll and providers with no human interaction?
  • Will you have complete control and full visibility of the process – from administration and reporting to content editing and communications?
  • Is there ‘real-time’ data reporting, with no opportunity for human error?
  • Are the data centres used to store data ISO 27001 accredited and secure?
  • Can data be automatically imported from virtually any source?

Another motivation for truly automated benefits administration is to improve the employee experience and reduce the amount of incorrect or lost data.

By automating the back-end processes, the front end can also be delivered in a much more consumer-friendly way, such as visually engaging mobile experience. This means employees can have complete, real-time oversight of all the benefits they’re entitled to and be automatically alerted to new benefits linked to a change in their personal affairs.

For example, if an employee’s payroll is altered to accommodate a different tax code following their marriage, the platform could automatically suggest that they might also want to add their new Spouse to their healthcare insurance. Or if they have a period off work due to a musculoskeletal issue, the system could tell them about free physiotherapy they can access. 

By streamlining and automating these processes, the opportunities for data issues is significantly reduced and the opportunities for employee engagement increased. At a time when employees are struggling with the cost of inflation, having a centralised benefits platform tell them about perks they might not know they are entitled to is incredibly valuable.

It also means the system can signpost them towards other services that might also be of interest. For example, confidential access to mental health support or debt advice, without them having to go through their manager or HR to access this. Pro-actively supporting employees in the moments that matter is a key pillar in becoming an employer of choice.

By automating confidential access to benefits associated with sensitive issues, employees will become more confident to use these services. All of which will help to increase employee trust in data privacy at work and keep their most sensitive data safe.

Author
Guy Clarkson

- UK Digital Growth Leader, Mercer Marsh Benefits

Related solutions
Related insights
Related Case Studies
Related products for purchase
Curated