Workplace Privacy Counsel : San Francisco Employment Privacy Law Lawyer & Attorney : Littler Mendelson Law Firm : Employment Related Privacy Issues

On Wednesday the Equal Employment Opportunity Commission (EEOC) approved in a 4-1 vote updated enforcement guidance governing the legality of considering a job applicant’s or employee’s criminal history when making hiring or other employment decisions. Commissioner Victoria Lipnic (R) joined the Democrat Commissioners in support of the guidance, while Constance Barker (R) was the lone member to vote against the new guidance. Although the use of credit history for employment screening had been a topic of discussion during an earlier Commission meeting, the Commission has not issued guidance on this topic. Given Commissioner Stuart Ishimaru’s (D) impending resignation, it is likely that any new guidance on credit history would need to be a bipartisan effort with only four Commissioners if such guidance is issued at all anytime soon. To learn more about the revised guidance and its implications for employers, please continue reading at Littler's D.C. Employment Law Update.

• Print
• Trackbacks
• Share Link

Employers continue to wrestle with the issue of whether to require employees and prospective employees to divulge their social media passwords. A recent spike in interest by the media, by advocacy groups, legislators and the general public has refocused attention on the issue. Although it may not be unlawful to seek the information to conduct background checks, deter and investigate harassment of coworkers, and discourage employees from posting online content that disparages the employer's products or services, in most situations, it is inadvisable. To learn more about the pitfalls of social media information requests, proposed federal and state bills prohibiting such requests and their potential implications for employers, please continue reading Littler's ASAP, Though Not Yet Banned, Requiring Social Media Information Is a Bad Idea by Chris Leh.

• Print
• Trackbacks
• Share Link

Effective May 4, 2012, the Massachusetts Criminal Offender Record Information ("CORI") Reform Act (the Act), which was enacted in August 2010 with the controversial "ban the box" legislation, will significantly change the way employers access, use and maintain information obtained through the Commonwealth's CORI system. The Act will allow all employers access to a new online records system, but also imposes obligations on employers that acquire criminal history information from private sources, such as consumer reporting agencies (background report vendors). Employers should review their hiring and background check policies now to determine whether any updates are necessary. To learn about the Act and its potential implications for employers, please continue reading Littler's ASAP, Massachusetts Employers Face New Obligations When Conducting Background Checks Involving Criminal History Records, by Christopher Kaczmarek, Carie Torrence, and Joseph Lazazzero.

• Print
• Trackbacks
• Share Link

Philip Gordon will be speaking on a range of privacy and data protection issues at the following upcoming events:

Date: January 11, 2012
Conference: BNA
Location: Webinar
Topic: Phil Gordon and Michael McGuire, Shareholder and Chief Information Security Officer at Littler, will co-present “The Challenges of Bring Your Own Device (BYOD) to Work Policies”
Description: With employees demanding the ability to use their personal smart phones and tablets for business purposes and employers looking for new ways to reduce cost and increase productivity, the trend towards “dual-use devices” in the workplace will undoubtedly continue to pick up stream. This webinar will provide practical recommendations for both areas so that your organization understands the risks of saying “yes” to requests from C-level executives or department chiefs to connect their smartphones or tablets to the corporate network.
For more information and to register, please visit: www.bna.com/own-device-19107/.

• Print
• Trackbacks
• Share Link

The Equal Employment Opportunity Commission's Office of Legal Counsel released an advisory opinion on employer use of arrest and conviction records during the hiring process. The non-binding letter provides some insight into the Commission's current enforcement position and suggests the Commission: (1) will continue to differentiate between arrest and conviction records; (2) may not be prepared to adopt a presumption of disparate impact in this context; and (3) will in the event of a finding of disparate impact, closely scrutinize the employer's policy with regard to both how long convictions are disqualifying and whether the underlying criminal conduct is related to the job duties for the position in question. To learn more about the EEOC's advisory opinion and its potential impact on employers, please continue reading Littler's Insight, EEOC Advisory Guidance Offers Insight on the Use of Arrest and Conviction Records, by Rod Fliegel and Jennifer Mora.

• Print
• Trackbacks
• Share Link

On October 10, 2011, the Office of California Governor Jerry Brown announced that Governor Brown had signed AB 22, legislation that adds a new provision to the California Labor Code and amends the state's Consumer Credit Reporting Agencies Act to restrict the discretion that private and public sector employers have to use "consumer credit reports" for hiring and personnel decisions. Together, the new laws, which take effect on January 1, 2012, limit when employers lawfully can use consumer credit reports and impose notice and disclosure obligations on employers who intend to do so. To learn more about the laws and their implications for employers, please continue reading Littler's ASAP, California Joins States Restricting Use of Credit Reports for Employment Purposes, by Rod Fliegel and Jennifer Mora.

• Print
• Trackbacks
• Share Link

On Tuesday, July 26, 2011, the Equal Employment Opportunity Commission (EEOC) held its latest meeting on the topic of protections for job applicants with arrest and conviction records under Title VII of the Civil Rights Act of 1964. The full Commission heard remarks from the panelists related to three areas: "Best Practices From Employers," "An Overview of Local, State and Federal Programs and Policies" and "Legal Standards Governing Employers' Consideration of Criminal Arrest and Conviction Records."

Although for the past few years the EEOC has renewed its focus on the hiring process, including Title VII protections for ex-offenders, the current Commissioners (Jaqueline Berrien, Stuart Ishimaru, Constance Barker, Chai Feldblum and Victoria Lipnic) have not indicated whether the EEOC will update its 1987 Policy Statement on the Issue of Conviction Records under Title VII, and did not do so at the July 26 meeting. As a result, it remains important for employers who may be the target of disparate impact claims or charges challenging their conviction-based screening policies to: (1) understand the current state of the case law; and (2) continue to closely monitor developments at the federal, state and local levels in this dynamic area of the law.

To learn more about the EEOC's meeting on employers' use of criminal arrest and conviction records during the hiring process, and the potential implications for employers, please continue reading Littler's ASAP, The EEOC's Priorities Still Include Regulating the Use of Criminal Records by Employers, by Rod Fliegel and Barry Hartstein.

• Print
• Trackbacks
• Share Link

Effective October 1, 2011, employers in Connecticut will face new restrictions on the use of credit reports regarding current or prospective employees as a result of the recent enactment this month of Connecticut Public Act 11-223. In enacting the new law, Connecticut becomes the sixth state limiting employers' use of credit reports, following Hawaii, Washington, Oregon, Illinois, and Maryland. Similar laws are pending in several other states and at the federal level. The Equal Employment Opportunity Commission (EEOC) is also conducting related investigations and pursuing at least one disparate impact claim based on the use of credit reports. Thus, employers who use credit history information to inform hiring or personnel decisions in states that have enacted credit check laws should review their policies for compliance, and employers everywhere should continue to monitor developments in this evolving area of the law. To learn more about the Connecticut law and its implications for employers, please continue reading Littler's ASAP, Use of Credit Reports by Employers Will Soon Be Restricted in Connecticut, by Rod Fliegel and William Simmons.

Photo credit: Pawel Gaul

• Print
• Trackbacks
• Share Link

By Philip Gordon

Last month, the Federal Trade Commission (FTC) published a letter closing its investigation into whether an “Internet and social media background screening service used by employers in pre-employment background screening” complied with the Fair Credit Reporting Act (FCRA). At first blush, the letter appears to be a non-event. The FTC did not impose a penalty but also admonished that its “action is not to be construed as a determination that a violation may not have occurred.” While not much can be drawn from this equivocal result, the FTC’s letter does contain the following important conclusion: the “social check” service in question, known as Social Intelligence, “is a consumer reporting agency because it assembles or evaluates consumer report information that is furnished to third parties that use such information as a factor in establishing a consumer’s eligibility for employment.” Put into plain English, employers that rely on a social check service, like Social Intelligence, to search social media for information about job candidates must comply with the FCRA.

• Print
• Trackbacks
• Share Link

By Philip L. Gordon

I was recently interviewed by Nymity on the dozen top challenges for employers when developing and enforcing social media/Web 2.0 policies. Part I of the interview [pdf] addresses the following questions: 

• Online Background Checks: What are the risks? What are practices that should be curtailed? How can a company gain the benefits of the tools, and minimize those risks?
• Customer‐Facing Company Sites: Such sites and other customer facing tools and techniques can build a brand over night. How does a company avoid the issues and gain the brand lifting benefits?
• Individual Employee Sites for Business Purposes: Who “owns” these sites, such as LinkedIn contacts and Facebook fan pages? Must an employee establish a new account for their work with a company? What are the best practices in these situations?
• Internal Company‐Sponsored Sites: What is special about these that require policy statements or recommendations? Can these sites really be a problem?
• Employees Off‐Duty Social Media Activity: We’ve discussed social media activity for work purposes, what about employees’ off‐duty social media conduct. What are the risks there and how should employers address them?
• Disciplining Employees Based On Off‐Duty Social Media Activity: There seems to be much confusion over when employers can discipline employees for their off‐duty social media activity. What are the key risks to avoid? What are the best practices that can be adopted to avoid what types of risks?

I will post Part II when it becomes available. 

Photo credit: CrackerClips

• Print
• Trackbacks
• Share Link

by Philip L. Gordon

When Maryland enacted its law (pdf) restricting the use of credit history for employment purposes on April 12, 2011, it became the fifth state – joining Hawaii, Illinois, Oregon, and Washington – to enact a credit privacy law. Maryland’s law transforms what was a mildly complicated compliance challenge for multi-state employers into an expanding morass. With credit privacy bills currently pending in more than twenty states, multi-state employers should expect that it will become increasingly difficult to establish company-wide policies on the use of credit history for employment purposes.

The core issue for employers who use credit checks for employment purposes (other than financial institutions which are carved out from each of the laws) is the scope of the exception to the general prohibition against using credit checks for employment purposes. At first blush, there appears to be uniformity because all five states permit employers to use credit checks for employment purposes when the check is “substantially related” to the applicant’s or employee’s job responsibilities.

The crux of the problem is the near total discordance over how “substantially related” should be defined. To begin with, the laws in Washington and Oregon provide no definition at all of “substantially related.” Oregon’s Bureau of Labor and Industry (BOLI), by regulation, defines “substantially related” to mean that an essential function of the job require access to financial information, but the regulations do not define the term “financial information.” Illinois’ law also permits credit checks for positions that “involve access to . . . financial information.” However, it is not clear whether the access must be an essential job function (as is the case in Oregon). Furthermore, Illinois narrowly defines “financial information” to mean “non-public information on the overall financial direction of an organization, including, but not limited to, company taxes or profit and loss reports.” At least as of now, employers have no way of knowing whether Oregon’s BOLI intended to define “financial information” more broadly than Illinois’ legislature.

• Print
• Share Link

By Philip Gordon.

Recently, the American Civil Liberties Union of Maryland tried to publicly embarrass the Maryland Department of Public Safety and Correctional Services (the “Maryland Corrections Department”) into suspending its practice of asking job applicants to disclose their Facebook password so that the Department could check whether the applicant’s wall or stored e-mail revealed any connection to criminal activity. According to a letter dated January 25, 2011 (pdf), sent by the ACLU to the Maryland Corrections Department, this practice “is illegal under the federal Stored Communications Act (SCA), 18 U.S.C. §§2701-11 and its state analog, Md. Courts & Jud. Proc. Art., §10-4A-01, et seq.” The ACLU’s contention is inaccurate.

Both of the cited statutes prohibit unauthorized access to electronic communications stored at an electronic communications service provider. Even assuming that these statutes apply to content stored on Facebook’s servers (and that point is far from settled), the Maryland Corrections Department did not gain “unauthorized” access to applicants’ Facebook page. Rather, the Department would access information on Facebook only after the applicant authorized such access by providing the Department with the applicant’s password.

The true core of the ACLU's position is the following assertion contained in its January 25, 2011 letter: “[T]here can be little question but that forced ‘authorization,’ such as that demanded of [the applicant by the Maryland Corrections Department], is not proper authorization under the SCA, given the disparate bargaining power of the employer and employee or applicant.” While rhetorically appealing at first blush, this argument assumes too much, especially with respect to applicants.

Applicants are not “forced” to provide authorization. The Maryland Corrections Department emphasized that applicants could refuse to provide their password and may still be eligible for a position. But, even if the Department’s practice were to require disclosure of the password, an applicant who does not want a prospective employer to view his “friends-only” Facebook page would have the choice to refuse the request and hope to get the position or seek employment elsewhere. Indeed, if the ACLU’s contention were correct, then the millions of authorizations for pre-employment background checks and drug screens that have been executed by applicants since those forms of pre-employment investigations became routine also would be invalid.

• Print
• Share Link

By Philip Gordon and Katherine Dix

Earlier this week, the United States Supreme Court in NASA v. Nelson (pdf) upheld the National Aeronautics and Space Administration’s (NASA) right to conduct reasonable background checks on the employees of government contractors. While the case focused on the scope of background checks conducted by the federal government, the Court’s ruling provides some useful guidance for private employers as well.

The case arises from NASA’s decision to unilaterally amend its contract with the California Institute of Technology (“Caltech”) — which operates the Jet Propulsion Laboratory (JPL) for NASA — to require that all JPL employees working at JPL undergo broad background checks. In addition to requesting relatively basic background information, the background check asks whether the employee has “used, possessed, supplied, or manufactured illegal drugs” in the last year. If the answer is “yes,” the employee must provide information about “any treatment or counseling received,” which, according to NASA, would be used only as a mitigating factor.

As part of the background check, the government also sends form questionnaires to the employee’s former employers, schools, landlords, and references. The form questionnaire asks whether the reference has “any reason to question” the employee’s “honesty or trustworthiness.” It further seeks “adverse information” about the employee’s “violations of the law,” “financial integrity,” “abuse of alcohol and/or drugs,” “mental or emotional stability,” and “general behavior or conduct.” The questionnaire then provides the reference the ability to provide “additional information” — derogatory or favorable — that may bear on “suitability for government employment or security clearance.”

• Print
• Share Link

In Rea v. Federated Investors, No. 10-1440 (3d Cir. Dec. 15, 2010), the U.S. Court of Appeals for the Third Circuit weighed in on a timely issue for private sector employers: whether Section 525 of the Bankruptcy Code prohibits a private employer from rejecting job applicants based on a bankruptcy filing. The Third Circuit held that the statute's reach does not extend to the hiring process, and it affirmed the district court's order dismissing the case on the pleadings. The court's decision is plainly favorable to private sector employers with operations in the Third Circuit, but employers still should be mindful of several related legal considerations. To learn more about the decision and its implication for employers, please continue reading Littler's ASAP, Third Circuit Clarifies that Bankruptcy Code Does Not Prohibit Employers from Considering Previous Bankruptcies in Hiring Decisions by Rod Fliegel and William Simmons. 

Photo credit: contour99

• Print
• Trackbacks
• Share Link

Close on the heels of the EEOC’s October 20, 2010, public meeting on the use of credit checks by employers, Loudy Appolon filed a putative class action against the University of Miami and the Leonard M. Miller School of Medicine alleging that the schools utilized credit checks in a manner that discriminates against African American and Latino applicants.

The complaint alleges that in 2009, Appolon, an African American, applied for a senior medical collector position with the University of Miami, Miller School of Medicine. She received a conditional offer of employment, contingent on a background check. Prior to beginning her employment — but after she quit her employment with North Shore Medical Center — the University withdrew its offer of employment as a result of her credit report. The credit report on which the University relied contained errors. Appolon corrected the errors with the credit reporting agencies. She also attempted to notify the University of the errors to no avail. According to Appolon, the corrected report showed she had no active credit problems or other problems relevant to the senior medical collector position.

• Print
• Share Link

The EEOC’s decision to dedicate its first public meeting in more than a year, held on October 20, 2010, to employers’ use of credit history as an employment screening tool magnified the recent focus of legislators and regulators on that topic. As discussed in several recent posts, four states — Hawaii, Illinois, Oregon, and Washington — have recently imposed significant restrictions on employers’ use of credit history for employment purposes. Similar legislation is pending in more than fifteen states, and federal legislation, which would impose restrictions even broader than existing state laws, is pending in Congress. In light of these legislative developments, the EEOC meeting was particularly significant for two reasons.

First, none of the participants, comprising representatives of consumer and business interests as well as two academics, were able to cite a single study that proved or disproved the existence of a specific link between any particular credit profile and poor job performance or a propensity to engage in dishonest or criminal conduct. In fact, the two academics’ prepared statements emphasized the dearth of empirical data in this area.

For employers, the absence of reliable studies highlights the need to tread cautiously when using credit history to make employment decisions. Jumping to conclusions not supported by empirical data could, for example, result in the rejection of an applicant whose financial difficulties might actually have motivated the applicant to exceed expectations. In addition, the employer could open itself to allegations that its purported reliance on credit history was a subterfuge for discrimination against the rejected applicant.

• Print
• Share Link

Background checks seem to be a hot topic in state legislatures these days. In the past six months, for example, several states — including Illinois, Massachusetts, Oregon, and most recently California — have enacted laws bearing upon the process of checking the backgrounds of job applicants and employees. Under the new California law (pdf), effective January 1, 2012, background check authorizations must include the “Internet Web site address . . . where the consumer may find information about the investigative reporting agency’s privacy practices.” This seemingly trivial change is endemic to the challenges that employers confront in the area of background check compliance.

No case of which we are aware addresses the question whether an employer’s background check procedures must comply with only the law of the state(s) in which the employer is located, only the law of the state where the applicant or employee resides, or both. The question is far from academic. Even employers located in a single state routinely advertise positions on a company-sponsored web site, or through third-party web sites, accessible to applicants in all fifty states. Further, given the high unemployment rate and the general mobility of the U.S. workforce, job applicants for virtually any position could reside in any state.

In light of these factors, the most conservative employer — even if located in a single state — would conduct background screening in a manner that complies with the laws of all fifty states. However, as noted above, state legislatures are enacting new restrictions on, or requirements for, pre-employment background checks at an accelerated rate. In addition to the challenge of remaining up to date with this surge of legislation, employers face the difficulty of generating compliance forms that are not encyclopedic and that applicants of all educational levels can easily comprehend.

• Print
• Share Link

Yesterday, the U.S. Supreme Court heard oral argument in a case challenging NASA’s background checks of “low risk” private contractors working at the agency’s Jet Propulsion Laboratory (JPL). At first blush, the case does not appear to be particularly relevant to private employers given that NASA is a public employer and, as the oral argument revealed, the appeal will turn principally on the Supreme Court’s interpretation of the federal constitutional right to information privacy applicable only to public employers. Deeper consideration suggests, however, that the Court’s decision could have significant implications for private sector employers.

The case arises from NASA’s decision to unilaterally amend its contract with the California Institute of Technology (“Caltech”) — which operates JPL for NASA — to require that all JPL employees working at JPL undergo broad background checks. After NASA rejected Caltech’s objections to the background check policy, Caltech adopted a policy — not required by NASA — that all JPL employees who did not successfully complete the background check process and receive a federal identification badge would be deemed to have voluntarily resigned their Caltech employment. JPL employees who work at JPL sought to enjoin implementation of NASA’s background check policy.

• Print
• Trackbacks
• Share Link

Recently enacted legislation in Massachusetts will significantly affect employers’ use of criminal history information for employment purposes. While most provisions of the new law (pdf) do not go into effect until May 2012, one provision, effective on November 4, 2010, requires the immediate attention of multi-state employers.

This provision generally prohibits employers from inquiring in an “initial written application form” about an applicant’s criminal history. Two narrow exceptions permit questions about criminal history if a federal or state regulation (1) disqualifies the applicant from employment in the open position based on a criminal conviction; or (2) bars the employer from hiring for one or more positions an individual with a criminal conviction. The second exception, as written in the statute, is ambiguous. It is unclear whether an employer who is barred from hiring a convicted criminal for certain positions may inquire into an applicants’ criminal history on the initial employment application used for a variety of positions, including those that can be filled by a convicted criminal. This issue is particularly important for multi-state employers who use a standard job application form for all jurisdictions.

Before the new law’s November effective date, all multi-state employers should carefully reviewany job application form that is completed by Massachusetts applicants. If the employer has no position for which federal or state law prohibits the hiring of a convicted criminal, the employer should add an instruction to Massachusetts applicants, immediately below any question seeking information about criminal history, directing Massachusetts applicants not to respond. If the employer has one or more positions for which federal or state law prohibits the hiring of a convicted criminal, the employer should consider an instruction which directs Massachusetts applicants not to answer the question unless they are applying for one or more of a list of specified positions. The list would include those positions for which state or federal law prohibits the hiring of a convicted criminal.

• Print
• Share Link

An article that I recently published in BNA’s Privacy & Security Law Report examined the incipient trend towards state law restrictions on the use of credit history in employment decisions. Illinois has now become the fourth state — following Hawaii, Oregon, and Washington — to impose such restrictions, and similar bills are pending in nearly one dozen other states.

The Illinois law, enacted on August 10 and effective on January 1, 2011, generally prohibits employers from making any employment decision based upon an individual’s credit report or credit history. While the term “credit report” is limited to credit information provided by a consumer reporting agency (e.g., a background check vendor), the statute broadly defines “credit history” to include “an individual’s past borrowing and repaying behavior, including paying bills on time and managing debt and other financial obligations.” The new law also generally prohibits employers from obtaining a credit report on an applicant or employee and from asking an applicant or employee about his credit history.

• Print
• Share Link

The Oregon Bureau of Labor and Industries (BOLI) issued final rules to implement restrictions on an employer's use of information contained in an applicant's or an employee's credit history. BOLI's final rules effectuate Oregon's new law, "The Job Applicant Fairness Act," which will go into effect July 1, 2010. To learn more about the regulations and their implications for employers, continue reading Littler's ASAP, Oregon’s Job Applicant Fairness Act Update - BOLI Issues Final Rules, by Howard Rubin and Janice Kim.

• Print
• Trackbacks
• Share Link

Last week, Oregon joined a growing national trend, apparently in response to the recession and the foreclosure crisis, that restricts the ability of employers to use credit history in employment decisions. Under the Oregon law, it is an unlawful employment practice, except in limited circumstances, for an Oregon employer to use credit history in making hiring decisions or any decision affecting current employees. The law confers on Oregon employees the right to file an administrative complaint or a private lawsuit claiming that the law has been violated. Employees who prevail may recover lost wages and attorney fees. The law becomes effective July 1, 2010.

• Print
• Trackbacks
• Share Link

“BeenVerified” is a new mobile Web application that allows users to conduct background checks on any individual by merely entering the name or email address of the individual. Users get three free background checks monthly and unlimited checks for a monthly fee of only $8. BeenVerified has been a smashing success, with more than one million checks run to date.

HR professionals, recruiters, managers, and co-workers may find BeenVerified hard to resist. According to the application, users can check an individual’s “Criminal History, Property Records, Current Contact Info, Relatives, Neighbors, and more,” merely by entering an individual’s name. By entering an email address, the user can find out about the individual’s social networking activities and view “their online photos, websites, blog posts, and entire online presence.” All of the data is compiled into a concise report.

Despite its ease of use and apparent low cost, the BeenVerified app may expose employers to liability under the federal Fair Credit Reporting Act (FCRA) and analogous state laws. These laws prohibit background checks for employment purposes without providing notice and obtaining the subject’s prior, written authorization. The FCRA permits recovery of compensatory damages, including statutory damages for willful violations, and a fee award.

Although BeenVerified states that information obtained “should not be used for employment, tenant screening, or any FCRA related purposes,” the potential for abuse exists. HR professionals, recruiters, managers, and co-workers now have the ability to review financial, criminal, and other personal information about subordinates, co-workers, and applicants without any safeguards to protect against violations of federal and state background check laws. As a result, employers should consider implementing a policy that prohibits employees from using the application to obtain information about any other employee unless the user has complied with the FCRA’s notice and authorization requirements.

This entry was written by Philip L. Gordon and Jennifer L. Mora.

Photo credit: HelleM 

• Print
• Trackbacks
• Share Link

Workplace privacy obligations continue to grow more burdensome for employers. As more information about workers becomes readily available, employers are often caught between a sense that failing to use that information may lead to negligent hiring and retention claims, and a fear that using or disseminating information that is private or protected will lead to litigation in its own right.

Littler Mendelson is a member of the International Association of Privacy Professionals, and a Gold Sponsor of the IAPP's "Practical Privacy Series Human Resources 2008" conference. The conference, which will take place in New York City on June 17, will cover a range of topics, including:

• "What to Do When a Human Resources Security Breach Inevitably Occurs":  A security breach involving human resources data is high-stakes for organizations. This presentation focuses on the most common causes of HR security breaches and explains from the trenches how to respond in compliance with applicable notice laws, and without a disgruntled workforce when the dust clears;
• "It's 10:00 A.M. -- Do You Know Where Your Employees Are and What They Are Doing?": New technology offers employers ever more sophisticated tools to keep tabs on their employees, but to what extent does this monitoring expose them to liability? This session examines the evolving U.S. law on these issues and discusses the challenges for global employers confronting data protection regimes modeled on the EU Data Protection Directive;
• "H.R. Risk Assessments": Safeguarding HR information often plays second fiddle to seemingly more imperative privacy data, such as patient or customer information. Yet it can be among the most sensitive at an organization. This presentation highlights key lessons learned from HR privacy risk assessments across industries, and from helping organizations remediate weaknesses in their control environments. This session looks into the logistics of operationalizing a response program and handling specific recurring incidents; 
• Littler's own Phil Gordon will speak on "Sex Offenders, Terrorists, And Video Resumes: How Far Can You Go To Get Information About Prospective, Current, And Former Employees?": With ready access to sensitive personal information, employers are under increasing scrutiny to maintain a workforce that is beyond reproach. Social networking sites, blogs and other resources offer a wealth of information on candidates and employees. How deeply should employers tap these new information sources? This presentation will help frame the debate for your own organization; and
• I'll be talking about how--and when--an employer can use sensitive medical information in the employment context in a presentation called "How To Handle Employee Health Information And Drug And Alcohol Testing In Compliance With The Alphabet Soup Of State And Federal Confidentiality Requirements": Managing employees’ health is a critical business imperative. Employers confront a maze of laws and regulations governing the confidentiality of employee health information, and dire consequences for mishandling such information. This session addresses questions on collecting, using, storing, documenting and disclosing employee health information, among other concerns.

If you are interested in these topics, or know someone who is, go to International Association of Privacy Professionals and click on the box titled "Practical Privacy Series." We'd love to see you there!

• Print
• Trackbacks
• Share Link

More and more businesses — especially those in highly regulated industries such as banking, telecommunications, and health care — are engaging in “vendor management” as they implement increasingly rigorous information security programs.  Confirming the trustworthiness of vendors’ employees who are permitted on premises or who are authorized access to sensitive information is a cornerstone of such programs.  Consequently, these businesses are starting to make a variety of demands in contract negotiations and requests for proposals (RFPs) for background checks and drug-testing of vendor employees.

The demands vary based upon the industry and the company.  At a minimum, these businesses require their vendors to certify that employees who will be working on the customer’s account have successfully completed a background check and a drug screen.  At the other end of the spectrum, businesses specify the contents of background and drug screens and demand the right to audit the results or even conduct their own background checks and drug tests of the vendor’s employees.

These demands put vendors “between a rock and a hard place.”  On the one hand, vendors want to maintain strong relationships with valued customers and win contracts with new customers.  On the other hand, turning over background checks and drug test results to a customer can raise red flags with the vendor’s workforce regarding their privacy.  And, if not properly handled, the issue can mushroom into an employee relations nightmare and expose the vendor to privacy-based claims.  The problem is particularly acute for vendors who have not previously required current employees, or even job applicants, to submit to background checks or drug tests.

Here are three of the steps vendors might consider to avoid this catch 22:

• Print
• Trackbacks
• Share Link