Archives: Workplace Privacy

Subscribe to Workplace Privacy RSS Feed

Wearables, Wellness and Privacy

Bloomberg BNA (subscription) recently reported that this fall the Center for Democracy & Technology (CDT) will be issuing a report on Fitbit Inc.’s privacy practices. Avid runners, walkers or those up on the latest gadgets likely know about Fitbit, and its line of wearable fitness devices. Others may know about Fitbit due to the need … Continue Reading

The Hololens From Microsoft – Help Can Be Right Under…Over Your Nose

The saying – never let them see you sweat – soon may be more difficult to accomplish with Microsoft’s Hololens. Like Google Glass, the Hololens is worn as a headset. But this device has a “plurality” of sensors that gather a range of biometrics parameters (heart rate, perspiration, etc.) which determine along with other information … Continue Reading

Connecticut State Contractors, Health Insurance Industry Businesses Subject to Enhanced Significant Data Security Mandates

In June, Connecticut’s governor signed into law Senate Bill 949 which amended the State’s breach notification statute. The requirement that covered businesses must provide one year of identity theft protection services for certain breaches, easily the most popular aspect of the legislation, may have diverted attention from some significant aspects of this new law. Senate Bill … Continue Reading

Connecticut Enacts SB 949 Requiring One Year of Free Identity Theft Protection Services For Certain Data Breaches

Senate Bill 949 is now law in Connecticut, after being signed by Governor Malloy on June 11. As we reported, this law amends the state’s current breach notification mandate to require that for breaches of certain personal information covered business must provide one year of free identity-theft protection for affected persons. So, beginning October 1, 2015, … Continue Reading

Connecticut May Require Businesses to Offer One Year of Identity Theft Protection Services Following a Data Breach, Joining Other States in Strengthening Notification Laws

Following a string of states across the country that have strengthened their data breach notification laws in recent months, Connecticut is about to amend its law to require, among other things, that businesses provide one year of identity-theft protection for persons affected by the breach. Many businesses already extend such services to breach victims, but, … Continue Reading

States Continue to Protect the Personal Social Media Accounts of Employees, with Oregon Likely to Add an Interesting Twist

Over the past few years, states around the country have enacted laws limiting an employer’s ability to access the personal social media accounts of applicants and employees. Earlier this year, Montana’s Governor Steve Bullock signed HB 342 into law. Before that, Virginia enacted a similar measure. On May 19, Connecticut’s Governor added the Nutmeg state to … Continue Reading

SEC’s Division of Investment Management Issues Cybersecurity Guidance

In Guidance Update No. 2015-02, the Division of Investment Management (Division) of the Securities and Exchange Commission (SEC) issued some high-level suggestions concerning the importance of cybersecurity for registered investment companies and registered investment advisers. The guidance outlines a number of measures these entities should consider for addressing cybersecurity risks. Of course, while some of these and other measures may have … Continue Reading

Next Step in U.S. Postal Service Breach – NLRB Sues Postal Service

As discussed in an earlier post, shortly after the United States Postal Service reported a data breach potentially affecting hundreds of thousands of  employees, the American Postal Workers Union filed an unfair labor practice with the National Labor Relations Board alleging the Postal Service should have bargained with the union over the impact and response to the … Continue Reading

Employee Apps = Employer Data Risk?

Many mobile app developers do not place a high priority on data security, as illustrated by a recent IBM/Ponemon study: Fifty percent of mobile app developers have no budget for security. Forty percent of companies don’t scan mobile app codes for vulnerabilities. The average company tests less than half of the apps it builds for … Continue Reading

Illinois Attorney General Seeks Stronger Data Breach Notification Law, Requirement to Safeguard Personal Information

Reacting to a report that identity theft was a top concern for Illinois residents (second in a list of ten), Attorney General Lisa Madigan announced a legislative proposal to strengthen the state’s existing data breach notification law. The call for stronger breach notification laws is a trend that has emerged in other states, such as … Continue Reading

Secretary in Germany Successfully Challenges Employer’s Monitoring…Is Your Monitoring Program Defensible?

According to a report by Deutsche Welle, the German Federal Labor Court held that employers may monitor employees only when they have concrete suspicions of wrongdoing that are based on fact. In the U.S., the standards for engaging in monitoring employees may not be quite that high, but employers should be thinking about whether a … Continue Reading

Employer FAQs: Responding to the Anthem Breach

The first massive data breach of 2015 hit one of the country’s largest insurance issuers, Anthem, Inc., including Anthem Blue Cross and Blue Shield and other related entities (Anthem). The incident reportedly affected over 80 million persons who are or were covered under a policy or program insured or serviced by Anthem. The personal note … Continue Reading

FTC Announces “Concrete Steps” for IoT Privacy and Security

As the vast array of internet-connected devices mushrooms, and technologies permit those devices to communicate with one another, calls for privacy and security can be heard. On the heels of a recent victory in the ongoing LabMD case, the Federal Trade Commission (FTC) announced yesterday “concrete steps” businesses can take to enhance the privacy and … Continue Reading

Data Security in 2015 for Banks, HIPAA Covered Entities, and Small Businesses Too

Some have called 2014 the “Year of the Data Breach.” That may be true given the steady stream of large-scale data breaches affecting tens of millions of individuals. We do not know if this time next year commentators will be saying the same thing about 2015, but there are signs pointing to a significant tightening … Continue Reading

“Employees Must Be Permitted To Use Company Email for Statutorily Protected Communications” -NLRB

We reported earlier that the National Labor Relations Board had been considering changing its previous position that  “employees have no statutory right to use the[ir] Employer’s e-mail system for Section 7 purposes.”  The NLRB’s position in this regard was established in 2007, under the NLRB’s ruling in Register Guard.  Today, in Purple Communications Inc. and … Continue Reading

Does the Secret Service Need a BYOD Policy? Addressing Personal Device Usage in the Workplace

According to a November 13, 2014 article in the New York Times (based on a review by the Department of Homeland Security), an intruder was able to enter the White House back in September due to a succession of performance, organizational, and technical failures.  One of the specific findings was that: “Omar Gonzalez, the man … Continue Reading

OCR Issues Ebola Guidance on HIPAA Privacy

According to the New York Times, Bellevue Hospital Center patient Craig Spencer, the first New Yorker to be infected with Ebola, is scheduled to be released today. And while the intense reporting about Ebola has subsided, perhaps indicating a lowering of the perceived threat of Ebola spreading further in the U.S. (although many continue to … Continue Reading

California Minors Gain Privacy Rights in the Online World

Thanks to a new state law enacted to protect minors from the modern follies of youth, minors in California can ring in the New Year by permanently deleting their regrettable online posts. This so-called “Online Eraser Law” – signed by Governor Jerry Brown on September 23, 2013 – will take effect on January 1, 2015. … Continue Reading

Tough Future for Shirking?

The October 25, 2014 issue of the Economist, a U.K. business news periodical, contains a tongue-in- cheek guide to “skiving,” which apparently is the British word for shirking on the job. The piece highlights the challenge and opportunity created by new technology for employees who want to pretend to work, rather than work. It notes: … Continue Reading

On the Heels of FTC, FCC Joins GPEN to Better Watch Data Abroad

Data is rarely still. It is captured, processed and moved around the world at speeds we wouldn’t have dreamed possible 20 years ago. Data often disrespects borders. By way of example, companies often mistakenly store personal data in the cloud to be accessed by multiple international locations, without considering the legal rights of the data … Continue Reading

Ebola Preparedness – Listen To A Discussion By Jackson Lewis Practice Group Leaders

Effective management of an Ebola infection in your business can be dramatically enhanced by some careful planning. If you are addressing safety and health issues, questions about whether an employee should come to work (or employees who don’t want to come to work because of a belief there is an infected employee there already), or … Continue Reading

Ebola Presents Significant Workplace Challenges

We addressed the dangers of “snooping” into patient records by hospital workers spurred by incidents of Ebola and Enterovirus D-86 in the U.S. Of course, the workplace challenges created by Ebola, Enterovirus D-86 and other contagious diseases and illnesses in the workplace go far beyond snooping, and far beyond healthcare employers. Employers in all industries are facing dilemmas in … Continue Reading

Enterovirus D-68 and Ebola Cases Raise Privacy Concerns for Healthcare Providers and their Workers

On September 25, a four-year old boy from New Jersey died of Enterovirus D-68, reports Increasingly, there are reports about potential Ebola cases in the U.S. Naturally, the spread of infectious disease raises concern for everyone, particularly for healthcare workers who want to do their jobs, and also protect their families. There are already … Continue Reading