Why is security around HR tech and tools such a pain?

Your crappy UX isn’t a state secret.

Just because your product or website is hard to use doesn’t make me a scammer.

Listen, I get it. UX design is hard. Especially when privacy and security are a big part of what you do.

But if you have a product or agency that was created to manage private and sensitive data, it is incumbent on YOU to create processes and tools to help users handle that information properly.

(If you don’t know, UX = user experience. In other words, how easy or hard your thing is to use.)

If your tools and processes suck, people will mess up the thing that your organization is supposed to be the steward of.

Let’s take admin permissions. 

Yes. It makes sense to add some friction to make sure that users don’t accidentally give access to someone who shouldn’t see it.

But people with a lot of responsibility are busy.

If they can’t figure it out in a minute or two, they’re going to delegate figuring it out to someone with the time. 

If that person can’t figure it out, they’ll call you for guidance. 

No. They can’t get The Boss on the phone.

We got here because The Boss didn’t have time to deal with your BS or sit in your call queue for an hour (only to have the call drop half the time).

If you need The Boss’s permission, that’s fine. Describe the steps that they need to follow so the delegate can walk them through it at a time that's convenient for The Boss.

You’re not protecting anyone by refusing to describe the steps.

A help center article isn’t a top-secret asset.

A quarterly password reset requirement is no good if the notification goes to spam and everyone gets locked out.

And why in the world should phone permissions be different from login permissions? That’s stupid.

Stop it. 

Just stop.

I specialize in payroll, benefits, and compliance. I make a living by treating sensitive information with care.

I’ve been trusted with thousands of people’s secrets over the course of my career. Tens of thousands, maybe. Uncountable, really.

Social security numbers

Financial data

Taxes

Health information

Personal tragedy

Conflict

It’s a big responsibility. I take it seriously.

In fact, that’s why they hired me to figure your nonsense out for them. 

So please cut the sh*t and tell me where in your menus the admin permissions live.