TR Forums

Can anyone point me to (preferably common-language) relevant privacy laws on employer responsibility protecting employee information?

I have now found several instances on a shared network drive at work of confidential employee information, including SSN, credit card numbers, addresses, driver's license numbers, license numbers, etc.

Thanks.

http://labor-employment-law.lawyers.com ... ivate.html

In general, unless you're a federal agency or contractor, state laws will specify the employer's responsibilities.

If you are the employer, then this forum is the wrong place for an answer: you really should talk to a lawyer who specializes in business law, and is familiar with the policies of the state(s) in which you have active employees, especially since you are already aware of potentially compromised information for which the company may have responsibility and/or liability. It will cost you perhaps $300 for an hour of consultation but it puts you in a much safer position than trying to wade through state statutes without knowing the precedents or corner cases.

And if it turns out there is a larger liability problem that may need to be cleared up with notices to affected employees and offers of identity theft protection, you're going to need to retain that lawyer for some time.

I am an employee, not the employer. I was mostly upset that all of my information was exposed to any employee of the company. Oddly, this does not appear to be illegal. Texas, like most states, only seems to regulate disclosure of information for/by government agencies and financial institutions. Private employers seem largely exempt from these regulations, which seems ridiculous in the digital age.

Huh, apparently I needed to look to Texas Common Law...

Ditiris wrote:

Private employers seem largely exempt from these regulations, which seems ridiculous in the digital age.

Hi, did you know you're in Texas?

bthylafh wrote:

Ditiris wrote:

Private employers seem largely exempt from these regulations, which seems ridiculous in the digital age.

Hi, did you know you're in Texas?

Don't make fun of Texas.

https://www.youtube.com/watch?v=RJ_PwD0gOSo

And, as always in threads of such nature, I will remind all that (AFAIK) none of us are real lawyers. I would say to the OP that you should seriously consider a quick consult with a local lawyer to see if there is any fire behind the smoke you've found.

Thanks for listening.

Obviously IANAL either, but that sounds pretty bad to me. I suppose *how* bad depends on how loose the permissions on that folder share are; if it's wide open and everyone has access, it seems to me that could be lawsuit material, especially if the info ever gets used for nefarious purposes.

Regardless of law, I'd be pissed to think that my employer would be so careless as to store that information in a manner that was accessible to anyone with access to your network, employee or otherwise. To not even password protect and encrypt it at the least is just plain out careless. I hope you find a reasonable way to set it straight Ditiris.