I have a seasonal job that for whatever reason treats me as a new employee every year.
In the past I’ve been able to able to complete much of the on boarding process from home. This consists of agreeing to many (healthcare field) policies.
The offer of employment comes with link to a company called CareerPlug. I set a password and login. The first page wants personal information, address etc.
AND my social security number. I think to myself why does this third party site need that?
So I move on. The next page wants my direct deposit info, including bank info.
So I stop. I’m just not comfortable giving this data to a company that I don’t have any relationship with.
Am I being needlessly paranoid? Is this SOP these days?
An employer using a third-party firm to do some/all of their HR services, whether it’s just ADP for payroll or something more is actually quite common. With the exception of the insurer themselves, I don’t know of a company that ‘offers’ health insurance; they contract with an outside firm (like Blue Cross, Cigna, Aetna, etc.) to provide it to you.
This case just sounds a bit more transparent to you than giving your info to your company’s HR dept & them entering/forwarding it to CareerPlug. A quick call to your employer’s HR dept will confirm if CareerPlug is indeed their vendor, in which case no issue.
If your employer has outsourced HR, onboarding, or payroll, the “third party” may be legitimately their agent for these functions, so (ideally) giving them PII necessary to fulfill their function is no different than giving that information to an organic part of your employer.
“IF”. I’d double-check back-channel to make sure the offer email is legit, as is the link to this third party. But don’t be surprised if it is.
You need to call your employer and ask if they are using CareerPlug to do payroll. It’s perfectly legit for the company doing payroll to ask for your direct deposit info, naturally.
If CareerPlug is some kind of background check thing, I’d be a lot more suspicious.
Looking online, it seems Career Plug handles the applicant and follow-on screening and on-boarding process. I’m not seeing any mention of payroll capability on their site or else I’m sure they’d mention that. So, I’d ask the company if CareerPlug is handling the payroll as well.
Sounds like they are aggregating information like a credit bureau and will use that for the determination of eligibility for a job.
I haven’t posted back because I’ve been waiting for a call from HR.
Still waiting.
I’m pretty sure this is legit. My main issue with this was the request for sensitive info.
In years past this link was used for mandatory policy agreements and online classes.
These generic things can take 4-6 hours. Screw them. I’ll waste that time on the clock.
I’ll pass on giving CareerPlug the data myself. When it is inevitably hacked and stolen I’ll be pissed off in a useless I told you so kind of way.
You can assume that choosing not to participate in careerplug means not participating in having that job. Which may or may not be OK with you.
*Somebody *is going to have your bank info so they can pay you. Whether careerplug is safer than ADP or your actual employer for that is unknown and probably unknowable.
In years past my wife took a part time hobby-job w a relatively flaky company. Who wanted our banking info for the very reasonable purpose of direct depositing her wages. We thought it was at least plausible they’d make mistakes or “mistakes” and perhaps pull money back out at an awkward time. Perhaps 10x her actual wages.
So we set up a second checking account just for them. They direct deposited to that account, and the next day I e-transferred it from that account to our “real” checking account. They were free to no-notice “repossess” as much money as they could get out of the drop account. Typically $5.
I work for a company that makes HR/Payroll software. We have a module much like you describe - it gathers the required new hire paperwork so the new employee can be set up in payroll system (among other things).
Given that your sensitive information is going to end up in some kind of electronic payroll system anyway, I’m not sure boycotting the info-gathering step is going to buy you much security. When it comes right down to it, to get paid, the company needs this information.
That said, at least for us, we treat this info incredibly carefully. We have in-house security experts that regularly review our systems, and ethical hackers who actively try to steal it. All our developers are sent to security training. We very much know that one data breach could likely bring down the company, and most of us like our jobs, so we do indeed take it very very seriously. That’s not to say that shit can’t happen, but it’s not like we’re sitting around not paying attention. I’m guessing that any company that gathers this info is the same.
It’s stupid for your employer not to have told you, and that the site doesn’t have a little javascript widget next to the field, that you can hover over and it tells you why they need the info.
I don’t think the OP is being “needlessly paranoid” … it’s only paranoia if it’s irrational, all of us have an abundance of good reasons to fear giving out our SSN … for employment and soliciting credit, we have to give our SSN, we take that risk to get the job or mortgage and just hope Experian never gets hacked …
I’ve made it something of a hobby to refuse to give my SSN in all other cases, and in these cases there’s always another way … many of these places are only using your SSN to identify you, rather than generate their own numbering system … I count as a “win” condition when I receive a letter telling me the files were hacked and the hackers have my SSN, when in fact those files never had my SSN … hahahaha …