The deadline to comply with the GDPR’s complex and far ranging requirements is rapidly approaching. As your organization races to implement its compliance program before the May 25, 2018 effective date, questions and concerns are likely to arise. While there is no shortage of online guidance on the GDPR, finding answers to your specific questions
International
An Employee’s Right of Erasure Under the GDPR
The implementation of the European Union’s General Data Protection Regulation (GDPR), with an effective date of May 25, 2018, is just around the corner, and with it will come pressure on the human resources (HR) department to update its approach to handling employee data. The GDPR significantly enhances employee rights in respect to control over…
Is Employee Consent Under the GDPR Possible?
The European Union’s General Data Protection Regulation (GDPR) is fast approaching and U.S. organizations that control or process personal data of EU residents are likely subject to these new data protection requirements. Now is the time for U.S. employers to determine whether they are covered by the GDPR (see our blog post, Does the GDPR…
ABA Gets Lawyers Heightened Protections for Device Searches at International Borders
U.S. Customs searches have become increasingly invasive over the years. Pursuant to Department of Homeland Security (DHS) policy, U.S. Customs and Border Protection (CBP) operates under the “broad search exception”, which allows searches and seizures at international borders or an equivalent (e.g. international airports) without probable cause or a warrant. CBP’s searches are deemed…
Employers Can Be Vicariously Liable for Employee Data Breaches
The United Kingdom High Court recently issued a landmark liability judgment against the supermarket, Morrisons, following a data breach caused by a rogue employee (Various Claimants v. WM Morrisons Supermarket [2017] EWHC3113 (QB]). Similar results have been reached in the U.S., but this is the first time the UK Court has addressed…
U.S. Employers with EU Employees Gearing Up for GDPR
With the continuing parade of high profile data security breaches, the concern U.S. organizations have about the security of their systems and data has been steadily growing. And rightly so. Almost every organization processes (collects, uses, stores, or transmits) individually identifiable data. Much of this data is personal data, including employee data, which brings heightened…
Does the GDPR Apply to Your US-based Company?
If you’ve been following the headlines, you know that a day doesn’t pass without a reference to the “GDPR”. On May 25, 2018, the European Union (EU) General Data Protection Regulation (GDPR) will take effect, marking the most significant change to European data privacy and security in over 20 years. Most multinational companies, and of…
The EU – US Privacy Shield Passed its First Annual Review
The European Commission recently issued an overall positive review in its first annual report on the E.U. – U.S. Privacy Shield (“Privacy Shield”), after evaluating the Privacy Shield in its joint review with the US last month.
The Privacy Shield took effect in August 2016 replacing the EU – US Safeharbor that was invalidated by…
VOTE 2017 – We’re back thanks to you!
We are proud to once again announce that the Workplace Privacy Report has been nominated for The Expert Institute’s Best Legal Blog Competition.
From a field of thousands of nominees, the Workplace Privacy Report has received enough nominations to join one of the largest competitions for legal blog writing online today. If you enjoy the…
Global Cyberattack Exploits Known Vulnerabilities
As you likely know by now, international cybercriminals launched a worldwide ransomware attack last Friday with the European law enforcement agency Europol reporting over 100,000 affected organizations in 150 countries, including the U.S. Reports indicate that health care providers, universities, and other large companies were all targeted. The Department of Health and Human Services also …