workplace data breach challenges
play

Workplace Data Breach Challenges: Navigating Notification - PowerPoint PPT Presentation

Mar 28, 2023 •478 likes •1.12k views

Presenting a live 90-minute webinar with interactive Q&A Workplace Data Breach Challenges: Navigating Notification Requirements, Employee Monitoring and BYOD Programs Structuring Policies to Prevent and Respond to Leaks of Sensitive,

  1. Presenting a live 90-minute webinar with interactive Q&A Workplace Data Breach Challenges: Navigating Notification Requirements, Employee Monitoring and BYOD Programs Structuring Policies to Prevent and Respond to Leaks of Sensitive, Regulated or Proprietary Data WEDNESDAY, JULY 30, 2014 1pm Eastern | 12pm Central | 11am Mountain | 10am Pacific Today’s faculty features: V. John Ella, Shareholder, Jackson Lewis , Minneapolis Brent E. Kidwell, Partner, Jenner & Block , Chicago Joseph J. Lazzarotti, Shareholder, Jackson Lewis , Morristown, N.J. The audio portion of the conference may be accessed via the telephone or by using your computer's speakers. Please refer to the instructions emailed to registrants for additional information. If you have any questions, please contact Customer Service at 1-800-926-7926 ext. 10 .

  2. FOR LIVE EVENT ONLY Sound Quality If you are listening via your computer speakers, please note that the quality of your sound will vary depending on the speed and quality of your internet connection. If the sound quality is not satisfactory, you may listen via the phone: dial 1-866-258-2056 and enter your PIN when prompted. Otherwise, please send us a chat or e-mail sound@straffordpub.com immediately so we can address the problem. If you dialed in and have any difficulties during the call, press *0 for assistance. Viewing Quality To maximize your screen, press the F11 key on your keyboard. To exit full screen, press the F11 key again.

  3. FOR LIVE EVENT ONLY For CLE purposes, please let us know how many people are listening at your location by completing each of the following steps: In the chat box, type (1) your company name and (2) the number of • attendees at your location Click the SEND button beside the box • If you have purchased Strafford CLE processing services, you must confirm your participation by completing and submitting an Official Record of Attendance (CLE Form). You may obtain your CLE form by going to the program page and selecting the appropriate form in the PROGRAM MATERIALS box at the top right corner. If you'd like to purchase CLE credit processing, it is available for a fee. For additional information about CLE credit processing, go to our website or call us at 1-800-926-7926 ext. 35.

  4. FOR LIVE EVENT ONLY If you have not printed the conference materials for this program, please complete the following steps: • Click on the ^ symbol next to “Conference Materials” in the middle of the left - hand column on your screen. • Click on the tab labeled “Handouts” that appears, and there you will see a PDF of the slides for today's program. • Double click on the PDF and a separate page will open. • Print the slides by clicking on the printer icon.

  5. WORKPLACE DATA BREACH CHALLENGES : NAVIGATING NOTIFICATION REQUIREMENTS, EMPLOYEE MONITORING, AND BYOD PROGRAMS

  6. Disclaimer This presentation provides general information regarding its subject and explicitly may not be construed as providing any individualized advice concerning particular circumstances. Persons needing advice concerning particular circumstances must consult counsel concerning those circumstances. 6

  7. Workplace Data Breach Challenges • Employee Monitoring, BYOD programs, and Navigating Notification Requirements. ― Employee Monitoring V. John Ella ― BYOD Programs Brent E. Kidwell ― Navigating Notification Requirements Joseph J. Lazzarotti 7

  8. Protecting Data • Trade Secrets • Personally identifiable information (PII) • Personal health information (PHI) • Financial information • Business plans Customer and client data • Employee data • 8

  9. Steps to Control of Access to Employee and Customer/Client Data • Confidentiality/non-disclosure agreements • Passwords, encryption, firewalls • Policies and procedures • Limited access • Policies and procedures Training • Monitoring • 9

  10. ALLOWABLE EMPLOYEE MONITORING 10

  11. 11

  12. Employee Monitoring • Reasons to monitor • Avoid harassment claims • Protect trade secrets • Detect and dissuade improper behavior • Ensure productivity Not a reason to monitor • Prurient curiosity • 12

  13. Employee Monitoring • Requirements to Monitor • FTC guidance regarding endorsements • FINRA requirements • Child pornography reporting requirements • Electronic discovery 13

  14. Employee Monitoring • Types of Monitoring • Email Internet use • Keystroke/keylogging • Cached files • Saved passwords on computers • Video • Audio • • GPS • RFID Social media • Physical searches • 14

  15. THINGS TO CONSIDER “A growing number of companies are under pressure to protect sensitive data — and not just from hackers lurking outside the digital walls. They're also looking to protect it from insiders — employees who may want to swipe information such as customer bank account numbers or electronic medical records.” Software That Sees Employees, Not Outsiders, As The Real Threat, Shahani, NPR, all tech considered, July 23, 2014 15

  16. New Monitoring Software “The content could be personal notes about one's family. Or it could be company secrets. If the employee copies it to a USB stick, the software sets off a red alert, grabs that same file and displays its contents in real- time.” Software That Sees Employees, Not Outsiders, As The Real Threat, Shahani, NPR, all tech considered, July 23, 2014 16

  17. New Monitoring Software “Managers can't predict when an alleged violation might happen. SureView lets them rewind to the minutes or hour before the red alert, and watch like a slow-motion film. Crouse says the software records four frames per second and it's very compressed video, but it's very readable by an investigator.” Software That Sees Employees, Not Outsiders, As The Real Threat, Shahani, NPR, all tech considered, July 23, 2014 17

  18. New Monitoring Software “Companies currently use software to block an employee from copying or emailing an unauthorized document. But according to a study by the research group Gartner, only 5 percent of that software traces every move, looking for bad actors. By 2018, the study projects, it'll be 80 percent.” Software That Sees Employees, Not Outsiders, As The Real Threat, Shahani, NPR, all tech considered, July 23, 2014 18

  19. Bad Consequences? “Shannon heads an institute at Carnegie Mellon that specializes in insider threat technologies. He says failures in these technologies can create a really toxic workplace. Say I'm poking around a bunch of files, doing research above and beyond the call of duty. In the old days, no one would know, or I'd be called proactive.” Software That Sees Employees, Not Outsiders, As The Real Threat, Shahani, NPR, all tech considered, July 23, 2014 19

  20. Restrictions on Monitoring • Electronic Communications Privacy Act (ECPA) • Stored Communications Act (SCA) • Common law intrusion upon seclusion • State wire tap acts • Notice requirements in CT , DE Restrictions on disclosure of social media passwords • in 13+ states 20

  21. Overview of Privacy Law Not explicitly in U.S. Constitution • (except searches by the government) Almost all states have a common law • tort for “invasion of privacy” California and Montana have a state • constitutional right to privacy 21

  22. Overview of Privacy Law Federal statutes are often industry- • specific (financial, medical, etc.) State legislatures are very busy passing • new privacy statutes International law differs • Technology is challenging all of these • established legal structures 22

  23. Common Law Privacy The Restatement, Second, of Torts, Section 652A sets forth four types of common law invasion of privacy: Unreasonable intrusion upon the • seclusion of another; • Appropriation of the others’ name or likeness; Publication of private facts; and • Publicity that unreasonably places the • other in a false light before the public. 23

  24. Electronic Monitoring • Monitoring work email = usually o.k. • Using work computer to obtain employee’s password to personal, cloud-based email account = usually not o.k. 24

  25. Employee Monitoring Cases • Rene v. G.F . Fishers, Inc., 817 F .Supp.2d 1090 (S.D. Ind. 2011) Stengart v. Loving Care Agency, Inc., 990 A.2d 650 • (N.J. 2010) Pure Power Boot Camp, Inc. v. Warrior Fitness Boot • Camp, LLC , 759 F .Supp.2d 417 (S.D.N.Y) 25

  26. Monitoring – Preventive Steps • Develop a specific, written policy: • Establish information systems are the property of the employer Reserve the right to monitor • Prohibit inappropriate use • Include penalties for policy violations • 26

  27. Monitoring – Preventive Steps • Train/educate employees and others • Keep the monitoring work-related • Permit reasonable personal use • Consider additional steps – desktop statement, posting in common area, written consent/acknowledgement 27

  28. Employee Monitoring Issues Courts will be more inclined to rule in favor of the employer if: • Employer owns the “system” (computer, e-mail, etc.) • Employee voluntarily uses an employer’s network • Employee has consented to be monitored (usually based in written personnel policy) 28

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

CYBER INSURANCE Luxury or necessary protection? What is a data breach? A breach is defined as an

CYBER INSURANCE Luxury or necessary protection? What is a data breach? A breach is defined as an

CYBER INSURANCE Luxury or necessary protection? What is a data breach? A breach is defined as an event in which an individuals name plus personal information such as an address, phone number and/or financial record such as a social security

307 views • 16 slides
Class Actions on Data Breach Class Actions on Data Breach and Privacy on the Rise Litigating Class

Class Actions on Data Breach Class Actions on Data Breach and Privacy on the Rise Litigating Class

Presenting a live 90 minute webinar with interactive Q&A Class Actions on Data Breach Class Actions on Data Breach and Privacy on the Rise Litigating Class Claims, Alleging and Challenging Damages, and Evaluating Insurance Coverage WEDNES

735 views • 55 slides
Workplace Wellbeing Team Number: 23 4 CHALLENGES OF WORKPLACE WELLBEING POST COVID-19 The

Workplace Wellbeing Team Number: 23 4 CHALLENGES OF WORKPLACE WELLBEING POST COVID-19 The

Workplace Wellbeing Team Number: 23 4 CHALLENGES OF WORKPLACE WELLBEING POST COVID-19 The Emotional The Physical The Technological The Purposeful Workplace Workplace Workplace Workplace The emotional aspects The future of physical How

471 views • 10 slides
W ITH THE DATA BREACH AT information for cyber criminals. As consultants to determine whether

W ITH THE DATA BREACH AT information for cyber criminals. As consultants to determine whether

LAW Best Practices for Protecting Electronic Business Data Companies are under attack from cyber-criminals, hackers and spies. Is your data at risk? C OMPILED BY M ILES Z. E PSTEIN E DITOR , COMMERCE W ITH THE DATA BREACH AT information for

290 views • 3 slides
In the news Data Leaks Mar 19 Apr 19 Mar 18 shutdown after data leaks exposed user

In the news Data Leaks Mar 19 Apr 19 Mar 18 shutdown after data leaks exposed user

In the news Data Leaks Mar 19 Apr 19 Mar 18 shutdown after data leaks exposed user data passwords stored in readable format 1B 600M 0.5M Data Breaches Cost of a Data Breach Study www.ibm.com/security/data-breach

677 views • 35 slides
Beazley Breach Response Select p g Making the connection on data breach complexities P

Beazley Breach Response Select p g Making the connection on data breach complexities P

1 Making the connection on data breach complexities Beazley Breach Response Select p g Making the connection on data breach complexities P Presented by d b Jeffrey Norton underwriter Jeffrey Norton, underwriter, Beazley US Private

533 views • 25 slides
Michael McCartney President, Avalon Cyber The Cyber Problem Data Breach Landscape

Michael McCartney President, Avalon Cyber The Cyber Problem Data Breach Landscape

Prentice Wealth Management Michael McCartney President, Avalon Cyber The Cyber Problem Data Breach Landscape Verizon VBIR 2015 Report Cyber Breach Trending Outsider v Insider Threat Personal Identity Protection

819 views • 12 slides
A little bit Dave anatomy of the Blood Service data breach Mr Laurie Joyce Australian Red

A little bit Dave anatomy of the Blood Service data breach Mr Laurie Joyce Australian Red

A little bit Dave anatomy of the Blood Service data breach Mr Laurie Joyce Australian Red Cross Blood Service @HISA_HIC #HIC18 Blood Service Data Breach Laurie Joyce IT Security and Compliance Manager Headlines Introduction In

217 views • 18 slides
CHALLENGES AND RESPONSES IN THE WORKPLACE IN RELATION TO COVID-19 Demerara Distillers Ltd Group

CHALLENGES AND RESPONSES IN THE WORKPLACE IN RELATION TO COVID-19 Demerara Distillers Ltd Group

CHALLENGES AND RESPONSES IN THE WORKPLACE IN RELATION TO COVID-19 Demerara Distillers Ltd Group Of Companies, Guyana Presentation Outline - Introduction - Challenges Faced - DDLs Response in Stemming the Transmission and Safeguarding

690 views • 16 slides
ETHICAL DISCLOSURE OF DATA BREACHES COREY TODALEN WHAT IS A DATA BREACH? The

ETHICAL DISCLOSURE OF DATA BREACHES COREY TODALEN WHAT IS A DATA BREACH? The

ETHICAL DISCLOSURE OF DATA BREACHES COREY TODALEN WHAT IS A DATA BREACH? The unauthorized movement or disclosure of sensitive information to a party, usually outside the organization, that is not authorized to have or see the

707 views • 13 slides
Proposed EU Data Protection Regulation: Impact on Handling of Data Breach, DPOs and Staff

Proposed EU Data Protection Regulation: Impact on Handling of Data Breach, DPOs and Staff

Proposed EU Data Protection Regulation: Impact on Handling of Data Breach, DPOs and Staff Surveillance by non-EEA Financial Services Firms Cross Border Group 28 February 2013 39 Offices in 19 Countries Agenda 1) Proposed EU Data Protection

664 views • 25 slides
MANDATORY BREACH REPORTING: REVIEW OF THE REQUIREMENTS UNDER PHIPA OVERVIEW OF BREACH

MANDATORY BREACH REPORTING: REVIEW OF THE REQUIREMENTS UNDER PHIPA OVERVIEW OF BREACH

MANDATORY BREACH REPORTING: REVIEW OF THE REQUIREMENTS UNDER PHIPA OVERVIEW OF BREACH NOTIFICATION AND IPC STATISTICS Fida Hindi, Legal Counsel Office of the Information and Privacy Commissioner of Ontario This presentation is

352 views • 23 slides
PRIVACY BREACH GUIDELINES Purpose The Privacy Breach Guidelines may provide to contain, assess

PRIVACY BREACH GUIDELINES Purpose The Privacy Breach Guidelines may provide to contain, assess

Office of the Saskatchewan Information and Privacy Commissioner PRIVACY BREACH GUIDELINES Purpose The Privacy Breach Guidelines may provide to contain, assess and analyze a privacy some guidance to government institutions, breach. The

291 views • 10 slides
Security & Surveillance Data Breach Notification and Cybersecurity Standards in the U.S. and

Security & Surveillance Data Breach Notification and Cybersecurity Standards in the U.S. and

Security & Surveillance Data Breach Notification and Cybersecurity Standards in the U.S. and E.U. Jonathan P . Armstrong, Eversheds LLP , Leeds and Bruce A. Heiman, Preston Gates Ellis & Rouvelas Meeds LLP , Washington D.C.

181 views • 7 slides
Trends in Data Security and Privacy Li7ga7on and Insurance 2015 Verizon Data Breach Report

Trends in Data Security and Privacy Li7ga7on and Insurance 2015 Verizon Data Breach Report

4/16/16 Trends in Data Security and Privacy Li7ga7on and Insurance 2015 Verizon Data Breach Report 79,790 security incidents 2,122 confirmed data breaches Top industries affected: Public, Informa7on, and Financial Services (same as

181 views • 14 slides
Trends in Data Breach and Cybersecurity Regulation, Legislation and Litigation Part 2 April 17,

Trends in Data Breach and Cybersecurity Regulation, Legislation and Litigation Part 2 April 17,

Trends in Data Breach and Cybersecurity Regulation, Legislation and Litigation Part 2 April 17, 2014 For nearly a decade, weve had major data breaches at companies both large and small. Millions of consumers have suffered the

645 views • 46 slides
2,000 SF only provides enough medication for 50 patients annually Currently, there are over

2,000 SF only provides enough medication for 50 patients annually Currently, there are over

2,000 SF only provides enough medication for 50 patients annually Currently, there are over 50,000 registered patients in Arizona 12 CHAAS total ARIZONA DEPT OF HEALTH SERVICES 4 Indian Reservations PINAL COUNTY CHAAS AJ Superior/Kearny

466 views • 31 slides
Electronic Monitoring An informational webinar presented by The Pew Charitable Trusts Jamie

Electronic Monitoring An informational webinar presented by The Pew Charitable Trusts Jamie

A Deep Dive on Electronic Monitoring An informational webinar presented by The Pew Charitable Trusts Jamie Gibbon, Manager, International Fisheries Esther Wozniak, Senior Associate, International Fisheries Todays Presentation A quick intro

415 views • 22 slides
Industry-Funded Monitoring Amendment: Atlantic Herring Fishery Herring Advisory Panel and

Industry-Funded Monitoring Amendment: Atlantic Herring Fishery Herring Advisory Panel and

Industry-Funded Monitoring Amendment: Atlantic Herring Fishery Herring Advisory Panel and Committee Meeting Boston, Massachusetts April 4, 2018 1 Status of IFM Amendment NEFMC took final action on the IFM Amendment at its April 2017

392 views • 25 slides
Industry-funded Monitoring Omnibus Amendment Omnibus and Herring Coverage Target Alternatives By

Industry-funded Monitoring Omnibus Amendment Omnibus and Herring Coverage Target Alternatives By

15. Observer Committee - (Sept. 29 - Oct 1, 2015) #9 Industry-funded Monitoring Omnibus Amendment Omnibus and Herring Coverage Target Alternatives By Aja Szumylo and Carrie Nordeen Observer Policy Committee Meeting New England Council Meeting

546 views • 41 slides
Proposed General Waste Discharge Requirements for Dairies Item No. 9 April 18, 2019 Cherie

Proposed General Waste Discharge Requirements for Dairies Item No. 9 April 18, 2019 Cherie

Proposed General Waste Discharge Requirements for Dairies Item No. 9 April 18, 2019 Cherie Blatt NCRWQCB In Your Packet Proposed Order R1 - 2019 0001 GWDR, redline/strikeout version - Attachment A - Notice of Intent (NOI)

780 views • 32 slides
2015 MSGP Electronic Reporting Tools Topics 2015 MSGP Electronic Reporting Overview NeT

2015 MSGP Electronic Reporting Tools Topics 2015 MSGP Electronic Reporting Overview NeT

2015 MSGP Electronic Reporting Tools Topics 2015 MSGP Electronic Reporting Overview NeT Electronic Reporting Demo o Accessing the NPDES eReporting Tool (NeT) through the Central Data Exchange (CDX) o Using NeT to submit MSGP forms

346 views • 34 slides
Charter Schools Program (CSP) Federal Grant Overview for Eligible Conditionally Approved Charter

Charter Schools Program (CSP) Federal Grant Overview for Eligible Conditionally Approved Charter

Charter Schools Program (CSP) Federal Grant Overview for Eligible Conditionally Approved Charter Applicants Brianna Becker, Office of Public Charter School Financing and Support (OPCSFS) Agenda CSP Planning and Implementation Grant

183 views • 15 slides
TWELFTH REGULAR SESSION Bali, Indonesia 3-8 December 2015 SPC presentation - ISSF side event

TWELFTH REGULAR SESSION Bali, Indonesia 3-8 December 2015 SPC presentation - ISSF side event

TWELFTH REGULAR SESSION Bali, Indonesia 3-8 December 2015 SPC presentation - ISSF side event WCPFC 12 WCPFC12-2015-OP18a 4 th December 0900 1 Regional update on ER and EM technologies in the WCPO

136 views • 13 slides

More recommend