President Trump recently fired the three democrats on the Privacy and Civil Liberties Oversight Board (PCLOB). Since these firings bring the Board to a sub-quorum level, they have the potential to significantly disrupt transatlantic transfers of employee and other personal data from the EU to the US under the EU-US
Articles Discussing Privacy And Surveillance In The Workplace.
Tech Tools + Privacy Considerations
“It’s this constant sense of governance — risk and compliance processes that should take place whenever you’re dealing with these technologies. If there was one goal I would recommend for next year, that would be more collaboration between the stakeholders [IT, legal, HR, the business area deploying the tech] when rolling out these kinds of tools.”
FAQs for Schools and Persons Affected By the PowerSchool Data Breach
A massive data breach hit one of the country’s largest education software providers. According to EducationWeek, PowerSchool provides school software
HHS Proposed Rule Would Increase Cybersecurity Requirements for Electronic Health Data
The U.S. Department of Health and Human Services (HHS) recently released a proposed rule to better protect electronic health data from cybersecurity threats. The proposed rule would apply to health plans, healthcare providers, healthcare clearinghouses, and their business associates, such as billing companies, third-party administrators, and pharmacy benefit managers.
AI versus MFA
Ask any chief information security officer (CISO), cyber underwriter or risk manager, or cybersecurity attorney about what controls are critical for
Patient’s Request for Records Uncovers Dental Practice’s Ransomware Attack, Leading to $350K Settlement
The Indiana Attorney General Office (OAG) filed a detailed complaint on December 23, 2024 (Complaint) which arose out of the following patient complaint:
2024 Wrap-Up of the Workplace Privacy, Data Management & Security Report
As the year comes to a close here are some of the highlights from the Workplace Privacy, Data Management & Security Report with our most popular
Privacy Blizzard Expected in January as Five State Laws Take Effect
Around the country, the weather is turning wintery, but in the privacy arena, there will be a blizzard as five state comprehensive privacy laws become effective.
Here is an overview of businesses needing to prepare.
1. Delaware Personal Data Privacy Act (DPDPA)
The DPDPA takes effect on January 1, 2025.
Human Resources’ Role in Data Privacy and Cybersecurity, Part V: Ethical Obligations When Responding to a Breach of Employee Data
In today’s digital landscape, many organizations will likely face the unfortunate reality of a breach of employee data. The human resources department is the critical link between safeguarding a company’s reputation and championing employees’ data privacy rights. The first article in this series provided an overview of privacy basics. The
The CFPB Cautions Employers About Using Technology to Track, Assess, and Evaluate Workers
Employers should be mindful of whether workforce tracking technology, including AI, may provide information, such as employee performance scores, that triggers FCRA compliance. The FCRA protects both job applicants and employees. Education about basics of the FCRA is key for all employers, including in-house counsel, due to the proliferation of
Human Resources’ Role in Data Privacy and Cybersecurity, Part IV: Communicating Effectively With Employees After a Data Breach
In today’s data-driven environment, effective communication during a cybersecurity breach is crucial for maintaining employee trust and confidence. This fourth article in our five-part series on employee data privacy focuses on strategies for effectively communicating with employees after a data breach. The first article in this series provided an overview
Human Resources’ Role in Data Privacy and Cybersecurity, Part III: Five Tips for Responding to Confidentiality Incidents
In today’s digital landscape, many organizations will likely face the unfortunate reality of a data breach. This third installment of a five-part series on employee data privacy discusses five considerations for HR professionals managing an incident involving a breach of employee data, including how to navigate the situation effectively. The
Failure to Safeguard, Two Cyber Intrusions, and an $850,000 SEC Settlement
Virtually all organizations have an obligation to safeguard their personal data against unauthorized access or use. Failure to comply with such obligations can lead to significant financial and reputational harm.
In a recent settlement agreement with the SEC, a New York-based registered transfer agent, Equiniti Trust Company LLC, formerly known
Workplace Law After ‘Loper’: Will Organizations Face a Wider Regulatory Gap Between Conflicting Data Privacy and Security Laws?
The Loper Bright decision could challenge Congress in passing particular and forward-thinking data privacy and security laws.
Privacy Versus Cyber – What is the Bigger Risk?
“Cybersecurity” has emerged as one of top risks facing organizations. Considering the steady stream of massive data breaches affecting millions (sometimes billions), the debilitating effects of ransomware on an organization’s information systems, the intrigue of international threat actors, and the mobilization and collaboration of national law enforcement to thwart these