Employers, you are not out of the CCPA woods yet. If you have been tracking the proposed amendments to the California Consumer Privacy Act (CCPA), you know that businesses and stakeholders have been clamoring to shape the new sweeping law in a number of ways. We reported earlier this year on some of the potential … Continue Reading
Privacy and cybersecurity risks continue to emerge for organizations large and small. While by no means exhaustive, we briefly discuss some key issues that organizations may need to focus on in 2019 and beyond. Business Email Compromise (BEC)/Email Account Compromise (EAC) – BEC and EAC attacks are widespread and show no sign of slowing in the … Continue Reading
The U.S. Court Appeals for the Eleventh Circuit has ruled that statutory damages under the Stored Communications Act (SCA) are not available in a case where the plaintiff did not incur any actual damages. The case, Vista Marketing LLC v. Burkett, originated from an extremely contentious divorce proceeding. While the majority of the allegations in that … Continue Reading
As we previously reported, the EU and U.S. reached agreement last week on the EU-U.S. Privacy Shield to replace the invalidated EU-U.S. Safe Harbor Program for transatlantic data transfers. While the announcement of the Privacy Shield is a relief to the thousands of companies who relied on the Safe Harbor Program, details remain unclear. What … Continue Reading
In honor of Data Privacy Day, we provide the following “Top 10 for 2016.” While the list is by no means exhaustive, it does provide some hot topics for organizations to consider in 2016. EU/U.S. Data Transfer (status of Safe Harbor). On October 6, 2015, the Court of Justice of the European Union (CJEU) ruled … Continue Reading
Can we prohibit employees from making audio recordings at work? As advancements in technology continue to increase, and it becomes easier and easier for employees to surreptitiously record conversations, this inquiry is posed by many employers. In fact, we discussed this very question back in 2013. Unfortunately, the answer to this question is perhaps the most … Continue Reading
As of July 2, 2015, Wisconsin law makes it a Class A misdemeanor for any individual to place a GPS device on another individual’s vehicle without the consent of the vehicle’s owner. Based on comments from the bill’s sponsors, it appears as though the goal of the new law is to protect potential victims or … Continue Reading
News reports of security risks, hackings and breaches caused by individuals, terror groups or even countries around the world certainly are important and can be unsettling. But, for many organizations, including healthcare providers and business associates, a significant and perhaps more immediate area of data risk rests with an organization’s workforce members. An organization’s information … Continue Reading
With the proliferation of wage and hour litigation, especially in Florida which has the highest number of Fair Labor Standards Act (“FLSA”) cases filed annually nationwide, employers have sought for better ways to track employee work time in anticipation of defending against unpaid overtime claims. Additionally, employers have used monitoring devices in hopes of increasing … Continue Reading
The United States District Court for the Middle District of Alabama recently held in Bruce v. McDonald that the “mere access” of an e-mail account and subsequent printing/possession of e-mails from the same account did not constitute an “interception” in violation of the federal Wiretap Act. Under the Wiretap Act, as amended by the Electronic … Continue Reading
The Federal Financial Institutions Examination Counsel (FFIEC) recently issued supervisory guidance entitled “Social media: Consumer Compliance Risk Management Guidance.” Financial institutions are expected to use the Guidance in their efforts to ensure that their policies and procedures provide oversight and controls commensurate with the risks posed by their involvement in social media. The Guidance was … Continue Reading
California law soon may require commercial websites that collect personal data to disclose how they respond to “Do Not Track” signals from Web browsers. AB 370, an amendment to the California Online Privacy Protection Act (Act), which was sponsored by Attorney General Kamala Harris, passed the California Senate and Assembly at the end of August. Governor Jerry … Continue Reading
Today's Pew Research Center report that 72% of online adults use social networking sites, a significant increase since 2005, should spur more employers to address social media in the workplace.… Continue Reading
The ECRI Institute recently published an excellent summary of key issues for hospitals concerning social media (registration required), a valuable read for any hospital administrator, risk manager or human resources director. ECRI reports that approximately 4,000 U.S. hospitals own social media sites and that number is sure to grow significantly. One of the reasons for this growth will likely be due in significant … Continue Reading
The Federal district court for the Southern District of New York has ruled that an employee can recover statutory damages under the Stored Communications Act for an employer's improper access to the employee's personal email account even in the absence of actual damages to the employee.… Continue Reading
In the name of vehicle safety, California Assembly Bill 1942 will permit among other things “driver cams” to be mounted on vehicle windshields beginning on January 1, 2011. Formally known as “video event recorders,” these devices can continuously record audio, video, and G-force levels in a digital loop in order to help identify bad driver … Continue Reading
Keystroke logging (or “keylogging”) is the noting (or logging) of the keys struck on a computer keyboard. Typically, this is done secretly, so the keyboard user is unaware his activities are being monitored. Several cases throughout the country have examined an employer’s use of keylogging. Recently, the Criminal Court of the City of New York held … Continue Reading