Employer Duties to Protect Employee Data

Do employers have a duty to protect their employee’s data? In Dittman v. UPMC, the Pennsylvania Supreme Court determined, among other things, that the defendant employer had a duty to use reasonable care in protecting employee data. See __ A.3d __, No. 43 WAP 2017 (Pa. 2018). Dittman concerned a data breach that allegedly compromised the personal information of employees and former employees of the defendant. The defendant required employees to provide this personal information as a condition of employment. The claims asserted, among other things, that the defendant was negligent by not taking appropriate steps towards safeguarding employees’ sensitive information.

Read more: Employer Duties to Protect Employee Data

Written Information Security Plan (WISP): A Good Idea

Even a wisp of data collected by hackers, thieves, or other nefarious cyber-criminals as a result of a breach may leave you open to a lawsuit. To protect your company, it is important to have security measures in place to safeguard sensitive data.  While not legally required in all 50 states, a written information security program (WISP) can help your company protect its data, and, if necessary, react to a breach.  Essential elements of a WISP include laying out procedures for your company to store and transfer sensitive data and assigning an employee to maintain and implement these security procedures.

Read more: Written Information Security Plan (WISP): A Good Idea

TM, SM, & ®: What to Use?

TM, SM, and ® - what do they mean? ​TM and SM are used for unregistered trademarks and service marks, respectively. However, the ® symbol indicates that a mark is registered with the U.S. Patent and Trademark Office (USPTO).

Read more: TM, SM, & ®: What to Use?

Complying with the Children's Online Privacy Protection Act (COPPA)

Be careful if your business collects personal information from children under the age of thirteen- generally, most businesses do not want this type of information for a very specific reason.  Congress enacted the Children’s Online Privacy Protection Act (COPPA) in the late 90's.  COPPA applies to opperators of commercial websites and online services (including mobile apps) directed to children under thirteen that collect, use, or disclose personal information from children, and operators of general audience websites or online services with actual knowledge that they are collecting, using, or disclosing personal information from children under thirteen.

Read more: Complying with the Children's Online Privacy Protection Act (COPPA)

losey
ATTORNEY ADVERTISEMENT; PRIOR RESULTS DO NOT GUARANTEE A FUTURE OUTCOME