Joseph J. Lazzarotti Blog Posts

  • Draft Regulations in California Would Curb Use of AI, Automated Decision Systems in Employment

    “The EEOC is keenly aware that [artificial intelligence and algorithmic decision-making] tools may mask and perpetuate bias or create new discriminatory barriers to jobs. We must work to ensure that these new technologies do not become a high-tech pathway to discrimination.” Statement from EEOC Chair Charlotte A. Burrows in late October 2021 announcing the employment...
    April 11, 2022
  • New Jersey Requires Employers to Make a Retirement Savings Vehicle Available to Employees

    In an effort to close the gap in retirement savings across the state, Governor Phil Murphy signed the New Jersey Secure Choice Savings Program Act (Act) in March of 2019. The Act created the Secure Choice Savings Program (Program), designed to provide a path for more private sector employees to save for retirement. In short, the...
    April 4, 2022
  • “Get a Life” – Another Dentist Responds to Patient’s Online Review, This Time Faces a $50,000 OCR Penalty

    It can be cathartic responding to a negative online review. It can also backfire, as can failing to cooperate with an OCR investigation as required under HIPAA. The Office for Civil Rights (OCR) recently announced four enforcement actions, one against a small dental practice that imposed a $50,000 civil monetary penalty under HIPAA. The OCR...
    March 29, 2022
  • Utah Becomes Fourth State to Enact A Comprehensive Privacy Law

    Just as businesses are preparing to ensure compliance with similar laws in California, Colorado, and Virginia, they soon will need to consider a fourth jurisdiction, Utah. On March 24, 2022, Governor Spencer Cox signed a measure enacting the Utah Consumer Privacy Act (UCPA). The UCPA is set to take effect December 31, 2023. Note, Georgia...
    March 25, 2022
  • FTC Settles Privacy and Security Allegations with Online Merchant for $500K and Agreement to Extensive Compliance Program

    The FTC recently settled its enforcement action involving data privacy and security allegations against an online seller of customized merchandise. In addition to agreeing to pay $500,000, the online merchant consented to multiyear compliance, recordkeeping, and FTC reporting requirements. The essence of the FTC’s seven count Complaint is that the merchant failed to properly disclose...
    March 23, 2022
  • Is Crypto Too Cryptic for Your 401(k) Plan?

    It started sometime last year and, in hindsight, was inevitable.  Clients with 401(k) plans and a crypto-savvy employee population began asking whether they could offer cryptocurrency as a plan investment option.  In the 401(k) world, where even a self-directed brokerage window with built-in investment limitations can be too risky, the answer seemed obvious – watch...
    March 21, 2022
  • Cyber Incident, Ransom Payment Reporting to DHS Mandatory for Critical Infrastructure Entities

    Included within the Consolidated Appropriations Act, 2022, signed by President Joe Biden on March 15, the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (Act) creates new data breach reporting requirements. This new mandate furthers the federal government’s efforts to improve the nation’s cybersecurity, spurred at least in part by the Colonial Pipeline cyberattack...
    March 18, 2022
  • Not-For-Profits, Charities Might Attract More Donors with Improved Website Content, Attention to Privacy

    According to Giving USA, charitable contributions in 2020 exceeded $470 billion, 70 percent of which came from individuals.  Individuals deciding to donate to a particular organization may be considering factors beyond the organization’s particular mission, however compelling it may be. Misleading GoFundMe campaigns, FTC crackdowns on deceptive charities, and poorly run organizations are some of...
    March 14, 2022
  • Do Employers Need a CISO for ERISA Compliance?

    According to a recent survey, about 45% of companies do not have a Chief Information Security Officer (CISO). As West Monroe’s “The Importance of a CISO” observes, it would be terrific for all organizations to have a CISO, but that simply may not be practical for some, particularly smaller organizations. Recent internal audit guidance issued...
    March 11, 2022