Welcome to the Workplace Privacy, Data Management & Security Report!
Concerns over privacy and data security have been fueled by the technological explosion and the vital role information plays in our society and marketplace. The potential for significant financial and reputational harm to businesses and individuals caused by unauthorized disclosures or accessing of personal information amplify those concerns, particularly in certain industries, such as health care, finance, insurance and data management. At the same time, the need for human interaction has collided with technology and the desire for information to help drive the social media phenomenon that impacts coffee shops and workplaces globally.
This Report tries to help readers keep current with some of the key legal developments in these and related areas so they can better assess and address their business and workplace risks — and opportunities — in the digital age. Most of the developments covered will involve issues of federal, state, local as well as international data privacy, security and social media laws and case law. We try to keep you engaged as courts and governmental agencies weigh in on data privacy and security standards, monitoring of individuals’ locations and communications through GPS and other technologies, interactions in social media, data breach incidents, and agency audits and investigations. At the same time, we try to offer insights that will help you develop enterprise-wide preventive strategies for your organizations. We all need to pay attention and be aware of the directions in which these important laws are developing. We hope you enjoy our posts and, if you get a chance, let us know what you think.
A few other thoughts before you move to our latest posts. This Report is made available and operated by Jackson Lewis P.C. for informational purposes only. It is not intended as legal advice nor does it create an attorney/client relationship between Jackson Lewis P.C. and any readers or recipients. Readers should consult counsel of their own choosing to discuss how these matters relate to their individual circumstances.
In addition, the resource material for our blog posts is varied, and includes government publications, complaints filed and decisions issued, as well as various reports from the media. These materials may include allegations or facts determined after resolving the credibility of witnesses. In reporting on these matters, the Firm takes no position on the truth or falsity of the allegations or the appropriateness of those credibility determinations.
Finally, Jackson Lewis P.C. represents management exclusively in workplace law and related litigation. Our attorneys are available to assist employers in their compliance efforts and to represent employers in matters before state and federal courts and administrative agencies. For more information, please contact the attorney(s) listed or the Jackson Lewis attorney with whom you regularly work.
Jason C. GavejianEmail
Jason C. Gavejian is a Principal in the Morristown, New Jersey, office of Jackson Lewis P.C. and a Certified Information Privacy Professional (CIPP/US) with the International Association of Privacy Professionals.
Mr. Gavejian represents management exclusively in all aspects of employment litigation, including restrictive covenants, class-actions, harassment, retaliation, discrimination and wage and hour claims in both federal and state courts. Additionally, Mr. Gavejian regularly appears before administrative agencies, including the Equal Employment Opportunity Commission, the Office for Civil Rights (OCR), the New Jersey Division of Civil Rights, and the New Jersey Department of Labor. His practice also focuses on advice/counseling employers regarding daily workplace issues.
As a Certified Information Privacy Professional (CIPP/US), Mr. Gavejian focuses on the matrix of laws governing privacy, security, and management of data and regularly contributes to the Firm’s Privacy Blog.
Mr. Gavejian’s work in the area of privacy, data security, and e-communications includes counseling international, national and regional companies on the vast array of privacy and security mandates, preventive measures, policies, procedures, and best practices. This includes, but is not limited to, the privacy and security requirements under the Gramm-Leach-Bliley Act (GLBA) and the Health Insurance Portability and Accountability Act (HIPAA). He has helped companies in all industries to assess information risk and security as part of the development and implementation of comprehensive written information security programs (WISP). Additionally, Mr. Gavejian has assisted companies in developing and implementing social media and bring your own device (BYOD) programs, including policies and procedures to address same. Further, he regularly advises clients on compliance issues under the Telephone Consumer Protection Act (TCPA) and has represented clients in suits, including class actions, brought in various jurisdictions throughout the country under the TCPA.
Mr. Gavejian also represents companies with respect to inquiries from the HHS/OCR and other agencies alleging wrongful disclosure of protected information. He negotiates vendor agreements and other data privacy and security agreements, including business associated agreements. Further, his work in the area of workplace privacy includes helping clients through the process of investigating and responding to breaches of the personally identifiable information (PII) they maintain about consumers, employees, and others, while also assisting clients in implementing policies, practices, and procedures to prevent future data incidents.
Mr. Gavejian’s litigation experience, coupled with his privacy practice, provides him with a unique view of many workplace issues and the impact privacy, data security, and social media may play in actual or threatened lawsuits.
Mr. Gavejian regularly provides training to both executives and employees and regularly speaks on current privacy, monitoring, BYOD, social media, TCPA, and information management issues. His views on these topics have been discussed in multiple publications, including Inc.com, @Law Magazine, Risk and Insurance Magazine, LXBN TV, and HR.BLR.com.
Prior to joining Jackson Lewis, Mr. Gavejian served as a judicial law clerk for the Honorable Richard J. Donohue on the Superior Court of New Jersey, Bergen County.
Joseph J. LazzarottiEmail
Joseph J. Lazzarotti is a Principal in the White Plains, New York office of Jackson Lewis P.C. He coordinates the firm’s Privacy, e-Communication and Data Security Practice and edits the Firm’s Workplace Privacy Blog which can be found atwww.workplaceprivacyreport.com. He also is a member of the Employee Benefits Counseling and Litigation Practice Group. In short, his practice focuses on the matrix of privacy and data security laws affecting the workplace. He also counsels companies on compliance, fiduciary, taxation, and administrative matters with respect to retirement and health and welfare plans.
As a part of Mr. Lazzarotti’s work in the area of data privacy and security, he has counseled multinational, national and regional companies in regard to compliance with the HIPAA privacy and security regulations, as well as broader data privacy and security mandates and preventive safeguards. His work includes conducting on-site executive and employee trainings and helping clients through the process of responding to breaches of personal information. He has also represented companies with respect to inquiries from the HHS Office of Civil Rights and other agencies with respect to alleged wrongful disclosure of protected information and negotiated numerous business associate agreements and other data privacy and security agreements.
Mr. Lazzarotti’s work in the benefits counseling area covers virtually all areas of employee benefits law. For example, as part of the Firm’s Healthcare Reform Taskforce, he advises employers and plan sponsors regarding the establishment, administration and operation of fully insured and self-funded health and welfare plans, which includes counseling concerning the new reform law, as well as assisting in the set up of administrative and other arrangements with third-party administrators, claims administrators and other vendors. He also provides counsel with respect to the design, implementation and operation of retirement and severance plans. His work often involves day-to-day legal advice concerning employee benefit plan operation and administration and trouble-shooting with respect to errors in operation.
Mr. Lazzarotti speaks and writes regularly on current employee benefits and data privacy and security topics and his work has been published in leading employment and business journals such as Bender’s Labor and Employment Bulletin, the Australian Privacy Law Bulletin and the Privacy and Data Security Law Journal. His views on these issues also have been discussed in a number of publications, including Inside Counsel, The National Law Journal, Financial Times, Business Insurance Magazine, and HR Magazine.
Mr. Lazzarotti served as a judicial law clerk for the Honorable Laura Denvir Stith on the Missouri Court of Appeals. He holds a B.B.A. in public accounting, cum laude, from Pace University, and a J.D., with distinction, from the University Missouri-Kansas City School of Law.
Richard I. GreenbergEmail
Richard Greenberg, a Principal in New York City office of Jackson Lewis P.C., is admitted to the bar of the State of New York and the Federal District Court for the Southern District of New York. Mr. Greenberg graduated from Cornell University’s School of Industrial and Labor Relations in 1992 and earned a Juris Doctor degree from Brooklyn Law School in 1995.
He advises both unionized and union-free clients on a full-range of labor and employee relations matters. With respect to traditional labor matters, Mr. Greenberg represents clients in collective bargaining negotiations, labor disputes, grievances and arbitrations, proceedings before the National Labor Relations Board, and in state and federal court. Mr. Greenberg also advises clients on the legal aspects of remaining union-free. With respect to employee relations matters, Mr. Greenberg has extensive experience assisting clients in numerous industries with the development and maintenance of personnel policies and personnel infrastructures. In this regard, Mr. Greenberg often works on these issues with clients as business needs and culture change as a result of business transactions, such as mergers and acquisitions.
Mr. Greenberg regularly advises clients on compliance with the myriad of federal and state employment laws, including the FMLA, FLSA, ADA, ADEA and WARN, as well as new legal developments impacting labor and employment policies and practices.