• FREE RESOURCES
  • PREMIUM CONTENT
        • SEE MORE
          PREMIUM RESOURCES
  • HR DEEP DIVES
        • Coronavirus (COVID-19) Resources for HR Professionals
          Employment Law
          Labor Law Posting Requirements: Everything You Need to Know
          Recruiting
          businesswoman selecting future employees on digital interfaces
          Recruiting Resources for HR & Hiring Managers
          Performance Management
          vector image of young female making star rating
          Performance Review Resources
          Employment Law
          Understanding Equal Employment Opportunity and the EEOC
          Recruiting
          Onboarding Resources for HR & Hiring Managers
  • CORONAVIRUS & HR

  • LOGIN
  • SIGN UP FREE

HR Morning

  • FREE RESOURCES
  • PREMIUM CONTENT
        • SEE MORE
          PREMIUM RESOURCES
  • HR DEEP DIVES
        • Coronavirus (COVID-19) Resources for HR Professionals
          Employment Law
          Labor Law Posting Requirements: Everything You Need to Know
          Recruiting
          businesswoman selecting future employees on digital interfaces
          Recruiting Resources for HR & Hiring Managers
          Performance Management
          vector image of young female making star rating
          Performance Review Resources
          Employment Law
          Understanding Equal Employment Opportunity and the EEOC
          Recruiting
          Onboarding Resources for HR & Hiring Managers
  • CORONAVIRUS & HR
  • Employment Law
  • Benefits
  • Recruiting
  • Talent Management
  • Performance Management
  • HR Technology
  • More
    • Leadership & Strategy
    • Compensation
    • Staff Administration
    • Policy & Procedures
    • Wellness
    • Staff Departure
    • Employee Services
    • Work Location
    • HR Career & Self-Care
    • Health Care
    • Retirement Plans

Feds raise the stakes on protecting employee data

Avatar
December 28, 2009
2 minute read
  • SHARE ON

Internet Computer Usage
HR holds a lot of personal information about employees . And a federal bill could put a tougher burden on employers to protect that data.
The Personal Data Privacy and Security Act of 2009 is gaining steam and is going to set new, more precise rules for the management and safekeeping of corporate and government data.
The new act has just cleared a major hurdle, the Senate Judiciary Committee, with an overwhelming bipartisan vote.
The details are likely to change as the bill progresses, but there is no doubt that new, tougher rules on handling data breaches are on the way. Among the provisions likely to be included:

  1. New stiffer federal penalties for identity theft.
  2. The establishment of an Office of Federal Identity Protection will be established as part of the Federal Trade Commission (FTC), which will monitor data breaches and enforce identity theft laws.
  3. A new standard for breach notification. Companies will have to notify all individuals whose data has been compromised. In some cases, credit rating agencies and the U.S. Secret service will also need to be notified.
  4. New standards for data protection including encryption and safe data storage will allow for some exemptions form the notification requirements, and
  5. Executives of companies that willfully avoid notification may be subject to criminal penalties.

While the new rules might be harsh, they will likely replace a patchwork of 45 state regulations currently on the books, allowing companies to follow one single set of procedures and safeguards nationwide.
For more info look here, and here.
HIPAA violations get more expensive
In other news, a recently passed law, the Health Information Technology for Clinical and Economic Health (HITECH) Act, significantly increases the penalties the feds can level against employers and health care providers for HIPAA violations.
Before the HITECH Act, Department of Health and Human Services (HHS) could hand out a maximum fine of $100 for a single violation and $25,000 for all identical violations of the same provision. Now, the rules spell out a series of tiered minimum fines for individual claims, and a $1.5 million maximum when a group of employees are affected.
In addition to the uptick in fines, employers were also handed more responsibility in reporting breaches of health info. After discovering a security breach, companies will have to notify affected individuals, the HHS and, in some cases, “prominent media outlets.” Notice must be provided as soon as possible, no more than 60 days after the discovery.
What constitutes a breach? To trigger the notification requirements, the information leak must involve “personal health information” that’s lost or stolen and readable by whoever ends up with it (i.e. the data’s not encrypted).
The reporting rules go into effect on Feb. 22. The read the text of the rule, click here.

Get the latest from HRMorning in your inbox PLUS immediately access 10 FREE HR guides.

I WANT MY FREE GUIDES

Keep Up To Date with the Latest HR News

With HRMorning arriving in your inbox, you will never miss critical stories on labor laws, benefits, retention and onboarding strategies.

Sign up for a free HRMorning membership and get our newsletter!
  • This field is for validation purposes and should be left unchanged.
HR Morning Logo
  • Facebook
  • Twitter
  • Linked In
  • ABOUT HRMORNING
  • ADVERTISE WITH US
  • WRITE FOR US
  • CONTACT
  • Employment Law
  • Benefits
  • Recruiting
  • Talent Management
  • HR Technology
  • Performance Management
  • Leadership & Strategy
  • Compensation & Payroll
  • Policy & Culture
  • Staff Administration
  • Wellness & Safety
  • Staff Departure
  • Employee Services
  • Work Location
  • HR Career & Self-Care

HRMorning, part of the SuccessFuel Network, provides the latest HR and employment law news for HR professionals in the trenches of small-to-medium-sized businesses. Rather than simply regurgitating the day’s headlines, HRMorning delivers actionable insights, helping HR execs understand what HR trends mean to their business.

Privacy Policy Terms of Service
Copyright © 2021 SuccessFuel

WELCOME BACK!

Enter your username and password below to log in

Forget Your Username or Password?

Reset Password

Lost your password? Please enter your username or email address. You will receive a link to create a new password via email.

Log In

During your free trial, you can cancel at any time with a single click on your “Account” page.  It’s that easy.

Why do we need your credit card for a free trial?

We ask for your credit card to allow your subscription to continue should you decide to keep your membership beyond the free trial period.  This prevents any interruption of content access.

Your card will not be charged at any point during your 21 day free trial
and you may cancel at any time during your free trial.

preloader