Employment Privacy Blog

News, commentary, and legal updates from attorneys in the Data Security and Workplace Privacy Practice Group at Fisher Phillips.

Florida is currently considering data privacy legislation that would require covered businesses to implement comprehensive policies and procedures to provide privacy rights to consumers. The proposed legislation, House Bill 969, is based in significant part on the California Consumer Privacy Act of 2018 (CCPA), as amended by the California Privacy Rights Act (CPRA). If passed, HB 969 would become effective on January 1, 2022.…
First Europe installed a strict data privacy scheme when it enacted its General Data Protection Regulation (GDPR), then the trend crossed the Atlantic as California lawmakers passed their own data privacy law known as the California Consumer Privacy Act (CCPA). Up next is …Virginia? The Commonwealth of Virginia is poised to enact the Consumer Data Protection Act (CDPA), which would take effect and impact many businesses across the state beginning in January 2023. What do…
If someone accessed your business’s computer systems without your authorization, did you suffer a data breach under Colorado law? Answering this question correctly is critical, because getting it wrong can expose you to government investigations and lawsuits. It may surprise you to learn that the answer to this question is not always a clear yes. You may be wondering how you can determine if the answer is probably no. If you are wondering, keep reading.…
A bipartisan group of New York state lawmakers recently introduced privacy legislation that would impose new obligations on businesses related to biometric identifiers and biometric information. The Biometric Privacy Act (“New York BIPA”), introduced on January 6, would limit how companies can collect or disclose biometric identifiers and biometric information, notice and consent to persons whose data is collected, security measures for the storage of such data, and private rights of action. Employers would not…
As a result of the United Kingdom and the European Union reaching agreement on the terms of the EU-U.K. Trade and Cooperation Agreement on December 24, 2020, the U.K. and EU have agreed to continue allowing data transfers between the two for an up-to-six-month transition period. During this time, the European Commission will complete an adequacy assessment of the U.K.’s data protection laws. The adequacy assessment is a process by which the EU certifies that…
Employers in the financial services sector are facing an unprecedented number of cybersecurity attacks during the pandemic crisis. To put this in perspective, the Financial Industry Regulatory Authority (FINRA) has issued nine notices regarding the ongoing and widespread cybersecurity threats facing the industry since the COVID-19 pandemic began – and only issued seven cybersecurity notices in the 14 years before the pandemic. What do financial services employers need to know about this development, and what…
Businesses across Washington state – and those that do business there – might want to brace themselves for another round of debate that could lead to the passage of California-style privacy legislation in 2021. After failures the past two years, lawmakers seem intent on resurrecting the proposal in the new year. What do you need to know about this possible development, and what can you do to prepare your business?…
The COVID-19 pandemic has changed all manner of business procedures over the course of this past year, but one area you may not immediately recognize that needs to be immediately addressed relates to mandatory privacy notifications under California state law – perhaps even if you don’t have employees in the state. If you have not yet adjusted your business practices as it relates to COVID-19, you need to add this important assignment to your end-of-the-year…
Several federal agencies have teamed up to warn healthcare employers of the increased threat they face as a result of malicious cybercriminals aiming to take advantage of the pandemic to wreak havoc on their operations. The Cybersecurity and Infrastructure Agency, the Federal Bureau of Investigation, and the Department of Health and Human Services recently issued a joint advisory based on “credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers.”…