1.1 PRIVACY AND SECURITY STATEMENT
The use of E-Verify requires the collection of personally identifiable information (PII). Employers must protect the privacy of employees who submit information to be processed through E-Verify and ensure that all personal information collected is safeguarded and used only for the purposes outlined in the MOU.
E-Verify protects PII in accordance with the National Archives and Records Administration (NARA) records retention and disposal schedule (N 1-566-08-7) by annually disposing of E-Verify records that are over 10 years old. This minimizes security and privacy risks associated with U.S. government retention of PII.
Failure to properly protect employee information can result in identity theft or fraud and can cause considerable inconvenience, harm or embarrassment to the employees or employer affected.
At a minimum, follow the steps in the Privacy Guidelines Overview to protect personal information and comply with the appropriate requirements.
Privacy Guidelines Overview
- Allow only authorized users to use E-Verify.
Ensure that only appropriate users handle information and create cases.
- Secure access to E-Verify.
Protect passwords used to access E-Verify and ensure that unauthorized persons do not gain access to E-Verify.
- Protect and store employee information properly.
Ensure that employee information is stored in a safe and secure location and that only authorized users have access to this information.
- Discuss E-Verify results in private.
Ensure that all case results including Tentative Nonconfirmations (TNC) and Final Nonconfirmations are discussed in private with the employee.
- Ensure that all personally identifiable information is safeguarded.
- Provide all clients with training on E-Verify processes, policies, and procedures.
- Provide ongoing E-Verify training as needed to clients.