Presentation is loading. Please wait.

Presentation is loading. Please wait.

Privacy and Security in the Employment Relationship

Published byDwight Ernest Carter Modified over 5 years ago

Similar presentations

Presentation on theme: "Privacy and Security in the Employment Relationship"— Presentation transcript:

1 Privacy and Security in the Employment Relationship
Steve Sheinberg General Counsel and SVP, Privacy and Security Anti-Defamation League Blog: workplacetechlaw.com Bret Cohen Privacy & Cybersecurity Group Hogan Lovells Blog: hldataprotection.com October 26, 2016

2 Privacy and security in the employment relationship
Law of employee privacy Building a privacy and security program Hogan Lovells

3 Law of employee privacy
Relatively limited statutory protections for employee privacy In many cases, employee privacy risks can be mitigated by setting proper expectations Be on the lookout for unintended consequences of policies involving the collection of employee information (e.g., discriminatory impact) Hogan Lovells

4 Employee monitoring: use of corporate IT systems
In the U.S., wide latitude for employers to monitor activity on company- owned information systems Liability protection for cybersecurity monitoring Implement an acceptable use policy to set employee expectations Prohibit unlawful uses and describe limits on personal use Preserve the company’s right to inspect and monitor Address off-hours use by non-exempt personnel Notify employees regularly and whenever possible (e.g., banner) Hogan Lovells

5 Employee monitoring: use of third-party services
Corporate security may involve monitoring of third-party services, whether used on the corporate network or outside of work time Be careful about how you gain access to those services State laws prohibiting employers from requesting private passwords from employees Potential liability for accessing password-protected services or personal communications under anti-hacking and wiretapping statutes Case law protecting attorney-client communications Hogan Lovells

6 Employee monitoring: NLRB and social media
National Labor Relations Act prohibits even non-union employers from restricting employee organizing rights Employee organizing rights include communicating with each other about terms and conditions of employment NLRB has focused on employer social media policies, prohibiting: Discipline of employees for protected online communications about workplace Adoption of overbroad rules restricting employee communications about workplace Hogan Lovells

7 Employee monitoring: audio/video monitoring
Some statutes prohibit video monitoring in specific sensitive areas (e.g., bathrooms) Elsewhere, video monitoring will be subject to “intrusion” test Audio monitoring In most states, call or other audio recording requires the consent of at least one party to the communication Be cautious of all-party consent states Hogan Lovells

8 Employee monitoring: physical and productivity monitoring
Increase in metrics, sensors, Internet of Things, and Big Data creates opportunities to measure and increase workplace efficiency Beware of algorithmic bias Geolocation tracking When do asset-tracking and productivity monitoring cross the line? Hogan Lovells

9 Background checks FCRA and state laws require employee consent prior to conducting a background check for employment purposes Federal law covers use of third parties; some state laws cover employer checks as well Requirements to provide adverse action notices and the opportunity to correct Non-traditional background checks are covered (e.g., social media checks) Be careful to avoid discrimination issues Including non-traditional discrimination (e.g., lawful off-duty conduct) Insulate decision-makers from factors that could be considered discriminatory Hogan Lovells

10 International issues Stronger privacy protections for employee information in the EU and in countries with EU-style comprehensive privacy laws Employee notices Restrictions on cross-border data transfers Greater restrictions on monitoring of electronic resources Employee hotline regulation (e.g., anonymous reporting) Works council consultation for IT policies Hogan Lovells

11 Building a privacy and security program
The key to mitigating privacy and security risks in the workplace is creating a privacy-aware corporate culture that motivates and trains employees to be part of that culture Hogan Lovells

12 Building a privacy and security program
Create employee policies that recognize that employees are the main threat vector. Teach employees, especially about social engineering. Talk to the CIO. Get good agreements with vendors and key employees. Strive for Cyber Resiliency Follow the principle of least privilege. Update software, install patches, remove non-approved software. Ensure that your physical security is sufficient. Encrypt all data, period. Segregate differing data onto separate networks. Monitor network traffic. Use two-factor authentication. {Most of this is policy, not tech, driven} Hogan Lovells

13 Questions? Bret Cohen Privacy & Cybersecurity Group Hogan Lovells
Steve Sheinberg General Counsel SVP, Privacy and Security Anti-Defamation League Blog: workplacetechlaw.com Bret Cohen Privacy & Cybersecurity Group Hogan Lovells Blog: hldataprotection.com Hogan Lovells

Download ppt "Privacy and Security in the Employment Relationship"

Similar presentations

BUSINESS B2 Ethics.

BUSINESS B2 Ethics.
ERICK BECKER || || 949–852–1800 || Social Media in the Workplace: Guidelines for Employers May 27, 2014 Erick.

ERICK BECKER || || 949–852–1800 || Social Media in the Workplace: Guidelines for Employers May 27, 2014 Erick.
Information Risk Management Key Component for HIPAA Security Compliance Ann Geyer Tunitas Group 209-754-9130

Information Risk Management Key Component for HIPAA Security Compliance Ann Geyer Tunitas Group
IS BIG DATA GIVING YOU A BIG HEADACHE? Risk Reduction - Transactional, International and Liability Issues Oregon State Bar Corporate Counsel Section Fall.

IS BIG DATA GIVING YOU A BIG HEADACHE? Risk Reduction - Transactional, International and Liability Issues Oregon State Bar Corporate Counsel Section Fall.
© 2015 Snell & Wilmer 1 21157280 © 2015 Snell & Wilmer 21157280 WAGE AND HOUR AND TRADITIONAL LABOR UPDATE April 2, 2015 John F. Lomax, Jr.

© 2015 Snell & Wilmer © 2015 Snell & Wilmer WAGE AND HOUR AND TRADITIONAL LABOR UPDATE April 2, 2015 John F. Lomax, Jr.
Copyright 2014 TOP TEN LEGAL ISSUES WITH. NUMBER 10: Are we friends?

Copyright 2014 TOP TEN LEGAL ISSUES WITH. NUMBER 10: Are we friends?
980 9 th Street, Suite 2300 Sacramento, California 95814 Telephone: 916.326.5150 Facsimile: 916.497.0708 300 Montgomery Street, Suite 788 San Francisco,

980 9 th Street, Suite 2300 Sacramento, California Telephone: Facsimile: Montgomery Street, Suite 788 San Francisco,
School of Risk Control Excellence Employee Use of Social Media The Impact of the Virtual World on Disciplining and Firing Employees Laura Lapidus, Esq.

School of Risk Control Excellence Employee Use of Social Media The Impact of the Virtual World on Disciplining and Firing Employees Laura Lapidus, Esq.
SMART GRID: Privacy Awareness and Training – A Starting Point for Utilities October 2011 SGIP-CSWG Privacy Group 1.

SMART GRID: Privacy Awareness and Training – A Starting Point for Utilities October 2011 SGIP-CSWG Privacy Group 1.
Class 13 Internet Privacy Law European Privacy.

Class 13 Internet Privacy Law European Privacy.
Internal Auditing and Outsourcing

Internal Auditing and Outsourcing
(Edited) WORKPLACE PRIVACY.

(Edited) WORKPLACE PRIVACY.
Network Security Policy Anna Nash MBA 737. Agenda Overview Goals Components Success Factors Common Barriers Importance Questions.

Network Security Policy Anna Nash MBA 737. Agenda Overview Goals Components Success Factors Common Barriers Importance Questions.
Ethics and professional Conducts for Civil engineers

Ethics and professional Conducts for Civil engineers
Finance and Governance Workshop Data Protection and Information Management 10 June 2014.

Finance and Governance Workshop Data Protection and Information Management 10 June 2014.
Social Media in the Workplace MEGAN QUIRK, ATTORNEY AT LAW.

Social Media in the Workplace MEGAN QUIRK, ATTORNEY AT LAW.
EFFECT OF CORPORATE IT POLICIES ON OTHERWISE PRIVILEGED COMMUNICATIONS Prepared by Joel P. Hoxie of Snell & Wilmer November 2010 Presented by: Jon Barton.

EFFECT OF CORPORATE IT POLICIES ON OTHERWISE PRIVILEGED COMMUNICATIONS Prepared by Joel P. Hoxie of Snell & Wilmer November 2010 Presented by: Jon Barton.
FIRMA April 2010 SOCIAL NETWORKING Christine M. Farquhar Managing Director, Compliance J.P. Morgan U.S. Private Banking.

FIRMA April 2010 SOCIAL NETWORKING Christine M. Farquhar Managing Director, Compliance J.P. Morgan U.S. Private Banking.
McGraw-Hill/Irwin © 2006 The McGraw-Hill Companies, Inc. All rights reserved. 2-1 BUSINESS DRIVEN TECHNOLOGY Business Plug-In B2 Ethics.

McGraw-Hill/Irwin © 2006 The McGraw-Hill Companies, Inc. All rights reserved. 2-1 BUSINESS DRIVEN TECHNOLOGY Business Plug-In B2 Ethics.
Is Your Background Check Process Compliant?. 2 © Copyright 2015 ADP, LLC. Proprietary and Confidential Information. Agenda Privileged & Confidential.

Is Your Background Check Process Compliant?. 2 © Copyright 2015 ADP, LLC. Proprietary and Confidential Information. Agenda Privileged & Confidential.

Similar presentations

Ads by Google