University of South Carolina Notifies 34000 of Computer Records Hack eCampus NewsThe University of South Carolina has started notifying 34000 people with ties to its College of Education that their personal information might have been accessed in a computer intrusion discovered nearly three months ago. The data-security breach is … Top Technical Safeguards for Health Data Security  By: Kyle Murphy   The most recent wave of health data breaches has raised the red flag concerning the lack of administrative safeguards in place to prevent thefts caused by physical theft. While the individual employees who have lost their peripherals or had their …  McDonald’s, General Mills Accused of Collecting Kids’ Data  CNET   By: Rachel King    Groups such as the Center for Digital Democracy and the Center for Science in the Public Interest argue that these businesses are acting in violation of the Children’s Online Privacy Protection Act, which…       Read More

Attacks by NLRB and EEOCEmployers conduct internal investigations for a variety of reasons. Sometimes it is an on-going internal audit to promote compliance. Other times the investigation is the response to a complaint, inventory shortages, rumor, or in anticipation of litigation. Often times in healthcare situations, it is part of the peer review process and involves confidential HIPAA information. In most of these scenarios, the employer wants to keep the investigation confidential until all witnesses are interviewed and evidence gathered and preserved. This makes for more accurate and complete investigations, less collusion among witnesses, less disruption of the workplace, and serves to maintain the privacy of both the accuser and accused, as well as cooperating witnesses within and without the company.It is common for the company to instruct each person involved, “Please keep this confidential until the investigation is complete.” That direction is now under attack. A. THE NLRB ATTACKS CONFIDENTIALITYIn a ruling…       Read More

Small Business: Securing Data With Smart Passwords Newsday  By: Jamie Herzlich Securing corporate and client data can be a hefty task, considering all the potential threats from outside hackers. Creating secure passwords is a critical part in helping to protect a company’s proprietary information and needs to be… Content … M.D. Anderson Loses Device With Patient Data  Houston Chronicle  By: Allan Turner University of Texas M.D. Anderson Cancer Center officials Friday began notifying 2200 patients that a computer flash drive containing their names and health information had been lost in the institution’s second security breach in less than three months. Confidential Company Data: You Might Be Surprised Where It Ends Up  Business Insider Employees may be using their own phones or tablets due to the BYOD (bring your own device to work)  trend, and it can be difficult for companies to control data that is accessible by mobile devices.  In…       Read More

“How to Handle Possible January Budget Sequestration under WARN” On July 30, 2012, the U.S. Department of Labor (DOL) issued Training and Employment Guidance Letter No. 3-12, offering guidance on how  federal contractors should comply with the Worker Adjustment and Retraining Notification (WARN) Act, 29 U.S.C. § 2101-2109, when facing potential layoffs if federal funds are automatically cut in January of 2013 under the Balanced Budget Emergency Deficit Control Act of 1985 (BBEDCA), as amended by the Budget Control Act of 2011.   If  a solution is not reached on certain federal budget issues by January 2, 2013, the President is required to cut discretionary defense spending and discretionary non-defense spending by uniform percentages, estimated to be approximately 10% and 8%, respectively. POSSIBLE CUTS AND LAYOFFS A sudden cut of the revenues that fund job positions at federal contractors and specifically in the defense industry may cause employers to layoff…       Read More

Blizzard’s Battle.Net Service Breached USA TODAY  By: Brett Molina Among data compromised during the breach: global e-mail addresses for users outside China, answers to personal security questions, information related to mobile and dial-in authenticators and scrambled passwords. Blizzard says while software used to … Google Faces Norway Fine on Street View Data Collection Bloomberg  By: Stephanie Bodoni Google Inc. (GOOG) faces a fine from Norway’s data-protection regulator of 250000 kroner ($42260) after unlawfully collecting and failing to delete personal data gathered through its Street View mapping service. In a notice sent to Google this week … US Will Not Challenge Computer Fraud Case to High Court WTAQ  By: Grant McCool The government has decided not to ask the U.S. Supreme Court to review a divided appeals court ruling in a criminal case that drew attention to a 28-year-old computer hacking law that critics argue is being used too broadly. Stanford…       Read More

As is well established in workers’ compensation law, in order for an injury to be compensable, it must have been sustained in the course and scope of the worker’s employment. However, there can sometimes be a very hazy line between activities that fall within the scope of employment and those that do not, especially when the injured worker sustained his or her injury during an unscheduled break. Whether it be an injury sustained when an employee steps outside to take a personal cell phone call, to run an errand, or during any other unscheduled break, the critical question in determining compensability is whether the injured worker’s “deviation” from employment was of a “slight” or “pronounced” nature.  In Georgia, courts have defined the “deviation rule” to mean that where an employee breaks the continuity of her employment for purposes of her own and is injured before she brings herself back into…       Read More

Data Breach Costs LinkedIn Up to $1 MillionSC Magazine By: Marcus Colon Due to one of the year’s largest reported data breaches, business networking site LinkedIn has announced that it already has taken up to a $1 million hit. During its second-quarter earnings call on Thursday, LinkedIn CFO Steve Sordello said the costs… Reuters Hacked, Phony Syria Stories Posted CNET By: Charles Cooper A 21st century postscript: add cyber hacking to the list of means. With Syria in the midst of a raging civil war, somebody hacked the Web site on Friday with a phony post purporting to carry an interview with Free Syrian Army head Riad al-Asaad. Theft of Employee Data from Third-Party Vendor Exposes Employer and Vendor …JD Supra By: Cynthia Larose & Kevin McGinty One unique aspect of Burrows that distinguishes it from the typical privacy class action is an allegation that the named plaintiff suffered actual injury by reason…       Read More

A rehabilitation and nursing company refused to let an employee start working who tested positive on a preliminary Tuberculosis skin test. In its lawsuit,  (EEOC v. Health Partners, Inc., Case  No. 2:11-CV-12024), filed in U.S. District Court for the Eastern District of  Michigan, the EEOC charged that Health Partners violated the Americans with  Disabilities Act (ADA) by refusing to allow an employee to start working after  she tested positive for tuberculosis on a preliminary skin test.  The EEOC contended that such conduct violates  the ADA because Health Partners regarded her as disabled even though she was  not contagious and did not pose a direct threat of health risk to patients or co-employees. Health Partners, Inc., a Southfield, Mich. rehabilitation and nursing company, has agreed to pay $25,000 and conduct training for those employees responsible for hiring in a two-year consent decree.   “The agency’s two-year consent decree provides complete relief…       Read More

Effective August 1, 2012, Alabama law now prohibits drivers from writing, sending or reading a text or email while operating a motor vehicle. First, second and third or subsequent offenses may lead to fines of $25, $50 and $75, respectively.  The law allows a driver to contact  emergency services and send a text or email while parked. The law does not prohibit making or receiving cellular telephone calls or typing in a name or number to make such a call. Law enforcement officers enforcing this section may treat a violation of this section as the “primary or sole reason” for issuing a citation to a driver and may pull over a driver suspected of violating the law. Drivers may use a wireless communication device as a global positioning or navigation system to receive driving directions which has been pre-programmed with the desired coordinates. The programming of coordinates while operating a…       Read More

OSHA issued its Final Rule implementing the whistleblower provisions of the Surface Transportation Assistance Act [STAA]. As a result of the 9/11 Commission Act Amendments, the whistleblower protections of the STAA were expanded to reach beyond safety to include security issues. The STAA protections now make it unlawful to retaliate because an employee:   ·   has filed (or is believed to have filed or is about to file) a complaint regarding a violation of commercial motor vehicle[CMV] safety or security laws or regulations; or   ·   refuses to operate a vehicle in violation of regulations, standards, or orders related to CMV security; or.   ·   refuses to operate a vehicle because he or she has a reasonable apprehension of serious injury to himself or herself or the public due to the vehicle’s hazardous security condition; or   ·   accurately reports hours of duty; or   ·   cooperates with federal or local investigators regarding CMV safety…       Read More