legal_Liability  - legal Liability - Employers Are Liable If They Don’t Protect Employees’ Sensitive Personal Information from Attack

A recent ruling from the Pennsylvania Supreme Court on an employee lawsuit against the University of Pittsburgh Medical Center stemming from a data breach should put all on notice.

As part of hiring any employee, employers need to collect personal – date of birth, social security number, address, full name, and more. But when the organization faces a data breach, are they responsible should employee data be stolen?

In February of 2014, UPMC confirmed a data breach where stole the personal information of about 62,000 current and former . used the data to file fake tax returns to receive tax refund money.

Employees sued UPMC, in which the case was thrown out by two lower courts. But the Pennsylvania Supreme Court reinstated the lawsuit, stating “An employer has a legal duty to exercise reasonable care to safeguard its employees’ personal information stored by the employer on an internet-accessible computer system.”

This ruling doesn’t mean the UPMC is , but it does mean the case lives on. This should serve as a warning to every organization; the potential exists that, should a data breach occur where employee data is stolen, you may be held responsible.

With the primary means of still revolving around phishing and social engineering, organizations need to find ways to empower employees to identify fake emails and websites that are used as part of an elaborate scam. Security Awareness Training provides employees with the education necessary to empower them to become a part of your security stance. With employees vigilant, keeping a security focus in mind as they interact with email and the web, organizations reduce the attack surface, thereby lowering the likelihood of becoming a victim to a data breach.

Should the UPMC case find in favor of the employees, organizations everywhere will need to shore up their security efforts around employee data. Stopping an attack before it begins by making the employee part of the security defense through Security Awareness Training is the first step.


Find out how affordable new-school security awareness training is for your organization. Get a quote now.

 

Get A Quote  - a8252926 7187 4c02 9dd4 933c17d712b1 - Employers Are Liable If They Don’t Protect Employees’ Sensitive Personal Information from Attack
Request A Demo  - 2af0f76d 67ca 4454 9896 5cb1da9b1f50 - Employers Are Liable If They Don’t Protect Employees’ Sensitive Personal Information from Attack

 



Source link
Based Blockchain Network

LEAVE A REPLY

Please enter your comment!
Please enter your name here