On November 11, 2020, the European Data Protection Board (EDPB) issued eagerly awaited guidance for complying with the requirements of the General Data Protection Regulation (GDPR) for protecting the privacy rights of individuals in their personal data subject to potential transfer from the European Union (EU) to the United States and other countries. The guidance

As the COVID-19 pandemic continues to affect workplaces throughout the world, employers are considering new ways to ensure a safe workplace when employees return to the office. Outside the US, employers must balance their duty of care to protect the health and safety of all their employees with safeguarding employees’ privacy and complying with data

Part 5 of a series featuring our video Rules of the Road: Return to Work in the Time of COVID-19.

By now, those who have been following this series know the basics. You’ve formulated (or are in the process of formulating) a “return to work” plan, which includes, among other things, implementing policies and

Tracking diversity and inclusion efforts on a global basis is often a challenging task for in-house legal, human resources, and diversity and inclusion teams.  While employers may be interested in collecting applicants’ and/or employees’ diversity information for worthy reasons, such an effort is a fertile ground for potential litigation involving data privacy violations and discrimination

The recently proposed amendment to the California Consumer Privacy Act (CCPA) should be a wake up call to those employers who are not already actively planning for the January 1, 2020 compliance deadline.

The amendment reaffirms that employers must (i) provide employees with notice of the categories of personal information collected and the purposes for

Today, Law360 published our article “Considering Best Data Practices for ERISA Fiduciaries.” (Download the full article in PDF format.)

In this article, we outline steps that ERISA plan fiduciaries can take to develop a policy concerning protection of plan data and prudent selection and monitoring of plan service providers who handle PII.  Benefit plan service

In light of the many high profile cyber-attacks on businesses this past year, employers should assess their vulnerability relative to data breaches and take steps to protect themselves from hackers as well as more innocuous business practices that could result in data breaches. Businesses that handle protected health information are regulated under HIPAA to adopt

By Ian Carleton Schaefer

The newest issue of Take 5 is online, featuring contributions from Michelle Capezza, Nancy Gunzenhauser, Marshall Jackson Jr., Brandon Ge, Gregg Settembrino, and myself, colleagues in our firm’s Technology, Media, and Telecommunications (TMT) Strategic Industry Group.

In this issue, we cover employment issues in “The Cloud”:

  1. Solving Rainy Day Problems