The use of E-Verify requires the collection of personally identifiable information (PII). Employers must protect the privacy of employees who submit information to be processed through E-Verify. It is your responsibility to ensure that all personal information collected is safeguarded and used only for the purposes outlined in the MOU between E-Verify and the employer/user.
E-Verify protects PII in accordance with the National Archives and Records Administration (NARA) records retention and disposal schedule (N 1-566-08-7) by annually disposing of E-Verify records that are over 10 years old. This minimizes security and privacy risks associated with U.S. government retention of PII.
Failure to properly protect employee information can result in identity theft or fraud and can cause considerable inconvenience, harm or embarrassment to the employees or employer affected.
At a minimum, follow the steps in the Privacy Guidelines Overview to protect personal information and comply with the appropriate requirements.
PRIVACY GUIDELINES OVERVIEW
- Allow only authorized users to use E-Verify.
Ensure that only appropriate users handle information and create cases. - Secure access to E-Verify.
Protect passwords used to access E-Verify and ensure that unauthorized persons do not gain access to E-Verify. - Protect and store individuals’ information properly.
Ensure that employee information is stored in a safe and secure location and that only authorized users have access to this information. - Discuss E-Verify results in private.
Ensure that all case results, including Tentative Nonconfirmations (Mismatches) and Final Nonconfirmations, are discussed privately with the employee.