Privacy, Data and CybersecurityBlog Posts
Employers Don’t Put Your Heads In the Sand, You May Be Required to Monitor, Investigate and Report Employees Accessing Child PornographyThe New Jersey Appellate Division (Doe v. XYC Corporation) and the Court of Appeals of Wisconsin (Maypark v. Securitas Serv. USA Inc. & Sigler v. Kobinsky) have both examined an employer’s duty to monitor employees conduct while at work, and have reached drastically different results. Additionally, at least seven states—Arkansas, Illinois, Missouri, North Carolina, Oklahoma, South … Continue reading Employers Don’t Put Your Heads In the Sand, You May Be Required to Monitor, Investigate and Report Employees Accessing Child PornographyDecember 11, 2009 |
House of Representatives Passes the Data Accountability and Trust ActAs passed by the House of Representatives on December 8, 2009, the Data Accountability and Trust Act would create federal data security standards, a national breach notification requirement, data destruction mandates, and special requirements for "information brokers." The Act will now move to the Senate, where it likely will be considered together with recent bills from various … Continue reading House of Representatives Passes the Data Accountability and Trust ActDecember 9, 2009 |
Health Net’s Data Breach Highlights Need for Privacy Officer with Clear Job DescriptionHealth Net Inc., one of the nation’s largest publicly traded managed health care companies, recently notified authorities and informed affected persons, with a statement on its website, that the unencrypted personal information of 1.5 million current and former members, stored on a portable disk drive, is missing from the company’s Connecticut office. The company is now … Continue reading Health Net’s Data Breach Highlights Need for Privacy Officer with Clear Job DescriptionDecember 3, 2009 |
Is Shredding Enough?Continuing our thoughts on how disclosures of private or confidential information may adversely impact the institution and the persons affected by such disclosure, we now focus on something near and dear to lawyers’ hearts: paper shredding. Many businesses regularly shred documents they no longer need to protect them from disclosure. While this may secure the information contained … Continue reading Is Shredding Enough?December 1, 2009 |
Electronic Health Records: The Work to Build a Health Information Technology Infrastructure BeginsIn a key step toward developing a proposed U.S. health information technology (HIT) infrastructure, the Centers for Medicare & Medicaid Services has announced that Iowa’s Medicaid program is the first to receive federal matching funds for planning activities necessary to implement the electronic health record (EHR) incentive program established by the American Recovery and Reinvestment … Continue reading Electronic Health Records: The Work to Build a Health Information Technology Infrastructure BeginsDecember 1, 2009 |
Data Breach Affects Climate Change DebateBased on recent events, the University of East Anglia likely will agree that data privacy and security requires a comprehensive approach, as data breaches are not limited to incidents involving personal information and identity theft. In fact, the effects of a breach to an organization’s information systems involving confidential company information can be far worse on the … Continue reading Data Breach Affects Climate Change DebateNovember 24, 2009 |
“Friending” Employees – The Risks of Employer Participation In Online Social NetworkingMore companies are becoming a part of the social networking community – setting up Facebook pages, “friending” their employees and customers, and so on. Businesses use these sites for a variety of purposes including marketing; client, employee and government relations; and community involvement. With lawmaking bodies and courts just beginning to struggle with the range … Continue reading “Friending” Employees – The Risks of Employer Participation In Online Social NetworkingNovember 22, 2009 |
GINA Effective November 21, 2009, But EEOC Final Regulations Remain Under ReviewThe Genetic Information Nondiscrimination Act (GINA) [pdf], signed into law in May 2008, prohibits discrimination by health insurers and employers based on individuals’ genetic information. Genetic information includes the results of genetic tests to determine whether someone is at increased risk of acquiring a condition (such as some forms of breast cancer) in the future, … Continue reading GINA Effective November 21, 2009, But EEOC Final Regulations Remain Under ReviewNovember 20, 2009 |
‘Tis The Season…For Data BreachAs the holidays approach, more of us will be utilizing work time, and likely work resources, to handle our holiday shopping. Some of us may even post our shopping successes or gift ideas on Facebook or email coupons to friends. Doing so not only results in a loss of employee productivity, but also creates significant … Continue reading ‘Tis The Season…For Data BreachNovember 19, 2009 |
Cloud Computing – Did the City of Los Angeles Make the Right Move?“Cloud computing” takes many forms, but, fundamentally, it is a computer network system that allows consumers, businesses, and other entities to store data off-site and manage it with third-party-owned software accessed through the Internet. Files and software are stored centrally on a network to which end users can connect to access their files using computers … Continue reading Cloud Computing – Did the City of Los Angeles Make the Right Move?November 17, 2009 |