What's On Your Mind?

Posted on January 27, 2012 by Joseph Lazzarotti

In recognition of Data Privacy Day (January 28, 2012) and to facilitate a more interactive experience for our readers and subscribers, we want to extend to you the opportunity to tell us what is on your mind in the world of data privacy, social media and information management.

For the last two years, we have brought you developments on a wide range of issues concerning these topics. We realize many of you might like us to report on or provide information concerning certain issues/topics that we have not covered before. If so, please tell us!

To submit a topic, you can email us at informationrisk@jacksonlewis.com, or reach out to us through our Workplace Privacy Report on Facebook and Twitter. Feel free to “Like” our Facebook page and “Follow” us on Twitter by clicking on the corresponding buttons on the right below. If we select your topic, we will reach out to you privately to see if you would like us to identify you in the responsive post.

Of course, what would any communication from a lawyer be without a DISCLAIMER?

We look forward to hearing from you!

Tags: ,

Second Social Media Report From NLRB Acting General Counsel

Posted on January 25, 2012 by Joseph Lazzarotti

Today, the NLRB's Acting General Counsel posted a second report concerning social media issues and the National Labor Relations Act. The cases discussed in this report should provide further guidance to employers struggling with developing strategies for using social media in their business, developing employee policies regulating activity in social media, and enforcing those policies. Look for follow up analysis from us and our Labor partners.

Check out our prior reporting on related developments.

Tags: , , , , ,

Social Media Guide for Hospitals

Posted on January 21, 2012 by Joseph Lazzarotti

The ECRI Institute recently published an excellent summary of key issues for hospitals concerning social media (registration required), a valuable read for any hospital administrator, risk manager or human resources director. ECRI reports that approximately 4,000 U.S. hospitals own social media sites and that number is sure to grow significantly. One of the reasons for this growth will likely be due in significant part to the increasing number of people looking to social media to research health decisions. According to a National Research Corporation survey cited in the summary, 41% of nearly 23,000 respondents said that they used social media for this purpose.

The summary discusses critical areas for healthcare organizations to consider concerning social media, which can be applied to most other industries:

  • Understand the medium - what is social media, what are the different venues (Facebook, LinkedIn, FourSquare etc.), what is the competition doing, what new media is coming.
  • Determine desired uses - promotion of services/sales, recruiting, reputation management, community involvement, education, and so on. 
  • Assess risks - privacy, network security, employment, reputation, regulatory, malpractice, and protecting the brand.
  • Develop policies and procedures - control company message and regulate employee activity.
  • Implement and train and reevaluate - limit the number of employees who can speak for the organization, train employees on legal risks (such as with HR looking up applicant/employee background information on line), determine whether social media plan is producing desired results

Businesses in all industries are "going social," and should be developing a comprehensive plan before doing so. The ECRI summary provides a good starting point for thinking through some of the issues, particularly for those in healthcare.   

Tags: , , , , , , , , , , , ,

Mere Placement of Surveillance Cameras in Restroom Sufficient for Iowa Invasion-of-Privacy Claim

Posted on January 3, 2012 by V. John Ella

An invasion-of-privacy claim against an insurance agent brought by his former employee should proceed even where a surveillance camera placed by the agent in the workplace’s unisex bathroom was faulty, the Iowa Supreme Court has ruled. Koeppel v. Speirs, No. 08-1927.

The district court dismissed the invasion-of-privacy claim on summary judgment because there was no proof that the equipment was operational or that the employer had actually viewed any recordings of the employees. The Court of Appeals reversed the dismissal, and on December 23, 2011, the Iowa Supreme Court affirmed the reversal and remanded the employee’s common law privacy claim to the district court.

The issue before the Iowa Supreme Court was whether an actual "viewing" was a necessary element of an invasion-of-privacy claim involving hidden monitoring equipment. Courts in other states have split on the issue. After analyzing decisions from other states and law review articles on privacy law as well as the origin of the term, "peeping Tom," the Iowa Supreme Court held that an actual viewing was not required. Following the reasoning of a 1964 New Hampshire Supreme Court decision, it concluded an intrusion occurs when the defendant performs an act that has the "potential to impair a person's state of mind and comfort associated with the expectation of privacy."

The Iowa Supreme Court said, "[W]e think it is important to keep in mind that the tort [of invasion of privacy] protects against acts that interfere with a person's mental well-being by intentionally exposing the person in an area cloaked with privacy." It determined that “[a]n electronic invasion occurs under the intrusion on solitude or seclusion component of the tort of invasion of privacy when the plaintiff establishes by a preponderance of evidence that the electronic device or equipment used by a defendant could have invaded privacy in some way.” Thus, under Koeppel, a victim's mental state can be more important to an invasion of privacy claim than what the defendant actually viewed, accessed, or shared. (The employee here also sued for sexual harassment, but that claim was dismissed because an employer with fewer than four employees is not liable for sexual harassment under Iowa law.)

An invasion-of-privacy claim in Iowa, therefore, need not include a showing that the monitoring device was functioning at the time it was discovered or that it was ever used. It is sufficient that the device was capable of functioning.

Tags: , , , ,