Search

Search form

Federal Contractors: Have You Done Your Privacy Training?

Federal contractors know all too well the list of annual requirements and obligations can seem overwhelming at times.  One that may get overlooked by some is annual training requirements. A fairly new such training went into effect in 2017 – it requires certain federal contractors to do annual data privacy training. According to the U.S....… Continue Reading
January 29, 2021

Top 10 for 2021 – Happy Data Privacy Day!

In honor of Data Privacy Day, we provide the following “Top 10 for 2021.”  While the list is by no means exhaustive, it does provide some hot topics for organizations to consider in 2021. COVID-19 privacy and security considerations. During 2020, COVID-19 presented organizations large and small with new and unique data privacy and security...… Continue Reading
January 28, 2021

NLRB Approves Workplace Social Media Policy Limiting Employees’ Online Communications

Recently, the National Labor Relations Board (NLRB), in a split decision 2-1, approved a California-based ambulance company’s implementation of a social media policy that prohibited employees from “inappropriate communications” related to the company.  The NLRB’s ruling reversed a decision by an administrative law judge, back in October 2019, that concluded that the company’s social media...… Continue Reading
January 25, 2021

CDC Expands Guidance on Workplace SARS-CoV-2 Testing to Require Informed Consent

As employers continue to grapple with a safe return to the workplace, on January 21, the U.S. Center for Disease Control and Prevention (CDC) issued new guidance for businesses and employers on SARS-CoV-2 testing of employees, as part of a more comprehensive approach to reducing transmission of the virus in non-healthcare workplaces. While the CDC...… Continue Reading
January 22, 2021

ACC Launches Data Steward Program: An Approach to Assessing Law Firm Data Security

On December 8th, the Association of Corporate Counsel (ACC), which represents over 45,000 in-house counsel across 85 countries, announced the launch of its Data Steward Program (DSP) to help organizations and their law firms assess and share information about information security relating to client data. The DSP is two years in the making, collecting input...… Continue Reading
January 21, 2021

CCPA at the One-Year Mark

The CCPA has reached the one-year mark. This is a good time for businesses to review the success of their compliance programs and recalibrate for the CCPA’s second year. Here are a few suggestions to kick off that review: Privacy Policies. The CCPA requires a business to update the information in its privacy policy or...… Continue Reading
January 20, 2021

Want to Know if Your Employees Received the COVID-19 Vaccine? Some Best Practices to Consider

While its rollout has been slow, the vaccine is being administered across the U.S. and in other countries. As of January 15, 2021, nearly 36 million doses of a COVID-19 vaccine have been administered, just over 11 million in the U.S. For a variety of reasons, organizations want to know whether their workforce members (employees,...… Continue Reading
January 17, 2021

New York Could Become the Next Hotbed of Class Action Litigation Over Biometric Privacy

Dubbed the “Biometric Privacy Act,” New York Assembly Bill 27 (“BPA”) is virtually identical to the Biometric Information Privacy Act in Illinois, 740 ILCS 14 et seq. (BIPA). Enacted in 2008, BIPA only recently triggered thousands of class actions in Illinois. If the BPA is enacted in New York, it likely will not take as...… Continue Reading
January 14, 2021

OCR Releases Report Summarizing HIPAA Privacy and Security Compliance Failures

In the final days of 2020, the Office for Civil Rights (OCR) at the U.S. Health and Human Service (HHS) released a HIPAA Audits Industry Report (“the Report”), that could be quite helpful to covered entities and business associates for tackling HIPAA compliance as we enter the new year.  The Report examines OCR’s findings from...… Continue Reading
January 7, 2021

CPRA Series: The Importance of Data Retention Schedules and Records Management Policies

Record retention and records management policies are key elements for a company’s data protection program. Numerous recently enacted, or amended, data protection laws adopt data retention or storage limitation principles to safeguard personal information. Companies that do not have clearly defined record retention practices should take notice. Companies with existing practices should review those practices...… Continue Reading
December 29, 2020

Pages