As we recently noted, Washington state amended its data breach notification law on May 7 to expand the definition of “personal information” and shorten the notification deadline (among other changes). Not to be outdone by its sister state to the north, Oregon followed suit shortly thereafter—Senate Bill 684 passed unanimously in both
More States Limit Employer Access to Employee Social Media Accounts
More states pass laws limiting access by employers to the social media accounts of applicants and employees…
Continue Reading More States Limit Employer Access to Employee Social Media Accounts
Maryland Restricts Employer Use of Credit History Information
On April 12, 2011, Maryland Governor Martin O’Malley signed into law S.B. 132/H.B. 87. Under this law, Maryland employers, except in limited circumstances, are prohibited from using an individual’s consumer credit history for hiring or other employment purposes.
Beginning October 1, 2011, employers are prohibited from using credit report data to deny employment, discharge an…
Wondering What To Do With Your “Electronic Waste”?
A new law in New York (eff. April 1, 2011) and a flurry of bills across the country (New Jersey, Nevada, Florida, Connecticut and Oregon) are aimed at requiring businesses to deal with their electronic waste in one form or another. Before discarding that old laptop, businesses should make sure they do so securely and in accordance with applicable state law.
Continue Reading Wondering What To Do With Your “Electronic Waste”?
State Law Developments for Credit and Criminal Background Checks
Recent state law developments will affect whether and to what extent certain employers can conduct credit and criminal background checks on employees and applicants. Employers, particularly multi-state employers, should be sure to review these new requirements and adjust their practices accordingly.
The Commonwealth has changed how employers access and use criminal offender record information…
WISPs Beyond Massachusetts
Over the past few months, many businesses, particularly in the Northeast Region, have been focusing on creating a written information security program (WISP) to comply with Massachusetts identity theft regulations that went into effect March 1, 2010. For many, this has been a significant effort, reaching most, if not all, parts of their organizations. However…