On September 25, a four-year old boy from New Jersey died of Enterovirus D-68, reports myfoxphilly.com. Increasingly, there are reports about potential Ebola cases in the U.S. Naturally, the spread of infectious disease raises concern for everyone, particularly for healthcare workers who want to do their jobs, and also protect their families. There are already … Continue Reading
Two recent surveys provide some detailed analysis of cybersecurity and its impact in today’s world. The Global State of Information Security Survey 2015, conducted by PricewaterhouseCoopers LLP (PWC), found a 48% increase in the number of security incidents detected from 2013. PWC surveyed more than 9,700 security, information technology and business executives found a total … Continue Reading
The Internal Revenue Service issued a fraud alert for international financial institutions complying with the Foreign Account Tax Compliance Act (FATCA). According to the report, scam artists posing as the IRS – through attacks known as “phishing attacks” – have fraudulently solicited financial institutions seeking account holder identity and financial account information. Financial institutions regularly … Continue Reading
The National Labor Relations Board has found that another employer (a non-union employer) violated its employees’ protected concerted activity rights under the National Labor Relations Act (NLRA) when it disciplined and fired them for certain social media activity. Our Labor Group provides an extensive analysis of this decision in Triple Play Sports Bar and Grille, 361 NLRB No. 31 … Continue Reading
As we reported earlier, Florida lawmakers passed extensive revisions to its existing data breach notification law, SB 1524. On June 20, 2014, Florida’s Governor Rick Scott signed the bill into law, which becomes effective on July 1, 2014. Our earlier post provides more of a discussion about key provisions of the law. But here are a … Continue Reading
Add Oklahoma to the list of states prohibiting employers from requesting or demanding access to the personal social media accounts of employees or applicants. Signed into law by Gov. Mary Fallin, H.B. 2372 becomes effective November 1, 2014. In addition to being prohibited from requesting or demanding usernames or passwords from employees or applicants to their … Continue Reading
Effective January 1, 2015, Tennessee employers, including government entities, will be prohibited from requesting or requiring access to the private social networking or online accounts of employees and job applicants under the Volunteer State’s “Employee Online Privacy Act of 2014,” signed by Governor Bill Haslam. Our Tennessee colleagues outline the key provisions of the law, including some of … Continue Reading
Kentucky Gov. Steve Beshear signed H.R. 232 on April 10, 2014, making the Commonwealth the 47th state to enact a data breach notification law. The law also limits how cloud service providers can use student data. A breach notification law in New Mexico may follow shortly. Data Breach Notification Mandate The Kentucky law follows the same general structure of … Continue Reading
The United States Equal Employment Opportunity Commission (EEOC) recently held a meeting to gather information about the growing use of social media and how it impacts the laws the EEOC enforces. During the meeting, a panel representative from the Society for Human Resource Management (SHRM) explained that employers use different types of social media for various … Continue Reading
A New Jersey student has filed a federal court lawsuit, H.W. v. Sterling High School District, alleging that she has been subject to disability discrimination and that her First Amendment rights have been violated. The student, known only as H.W. in court papers, was banned from the prom, senior trip, and the school’s commencement ceremony following … Continue Reading
Many organizations believe they have taken all steps necessary to eliminate the risk of a data breach. They often point to the organization’s deft IT team and tout the installation of some of the latest software solutions to protect sensitive data. However, some of these same organizations often fail to take some very basic steps … Continue Reading
San Francisco has joined the growing numbers of cities and states around the country implementing “ban the box” legislation which restricts inquiries regarding an applicant’s criminal records on applications for employment and during job interviews. The EEOC recommends “banning the box” in line with its guidance regarding convictions and consideration in use of information based … Continue Reading
The National Labor Relations Board (“NLRB”) continues to be active in its review of employer social media policies. In recent years, the NLRB’s review of social media policies has focused largely on whether an employee would reasonably construe the language of the policy as prohibiting him or her from engaging in activity protected by Section … Continue Reading
According to an FTC press release, identity theft tops the national ranking of consumer complaints for 2013, with American consumers losing a reported $1.6 billion to fraud last year. Here is how some of the numbers break down: Fourteen (14) percent of the more than two million complaints to the FTC (or 290,056) stemmed from identity theft. Thirty … Continue Reading
A significant percentage of “recycled” computers were found to still contain personal information, according to a study conducted by the National Association for Information Destruction (NAID). As reported in e-Place Solutions, the NAID-ANZ Secondhand Hard Drive Study, found that “15 of 52 hard drives randomly purchased contained highly confidential personal information.” What kind information: “spreadsheets … Continue Reading
After years of identity theft holding the top spot for crimes reported to the Federal Trade Commission, and following recent reports of massive data breaches, U.S. Attorney General Eric Holder urged Congress today to enact a national law setting a uniform standard for notifying individuals regarding breaches involving their personal information, according to a report by … Continue Reading
Ask the average person what they know about Bitcoin and they might be able to tell you that it is a digital currency. Most have probably heard the name mentioned in articles about its giant fluctuations in value or in connection with black market internet transactions. Beyond that, how Bitcoin actually operates remains relatively unknown … Continue Reading
Healthcare providers and their business associates frequently face difficult questions relating to when they are able to share protected health information with the family members and friends of the patients they serve. These questions often require consideration of a number of different laws and rules, such as HIPAA, Federal alcohol and drug abuse confidentiality regulations, state mental … Continue Reading
A study (registration required) by two data security firms, Norse in Silicon Valley and SANS, discussed in a recent L.A. Times article, confirms the concerns raised by the FDA and others about increased use of internet-connected medical devices by healthcare providers and the corresponding increase in the information systems of those providers being attacked, and in some … Continue Reading
If the intersection of social networking and workplace privacy laws piques your attention, you may find an article written by my colleague Michael Frankel particularly interesting. He writes about a recent case, Pecile v. Titan Capital Group, LLC out of New York, where the court refused to grant the defendants’ request for access to the plaintiffs’ … Continue Reading
If you are a public sector employer, you may be particularly interested in an article written by my fellow shareholder and practice group member, Marlo Johnson Roebuck. She writes about a recent case, Graziosi v. City of Greenville, involving a police department’s decision to terminate a police officer for statements she made on Facebook. As … Continue Reading
A report issued by the Department of Health and Human Services Office of Inspector General (“OIG”) concludes that the Office for Civil Rights (“OCR”) did not meet all of its federal requirements for oversight and enforcement of the HIPAA Security Rule. While the report noted OCR met some of these requirements, it also found that: … Continue Reading
Fingerprints, voice prints and vein patterns in a person’s palm are three examples of biometrics that may be “moving into the consumer mainstream to unlock laptops and smartphones, or as a supplement to passwords at banks, hospitals and libraries,” reports Anne Eisenberg at the New York Times. Of course, these technologies, aimed at increasing security and, … Continue Reading
Privacy and data security issues and concerns do not stop at the water’s edge. Companies needing to share personal information, even when the sharing will take place inside the same “company,” frequently run into challenges when that sharing takes place across national borders. In some ways, the obstacles created by the matrix of federal and … Continue Reading
