HSE Partner and Chair of HSE's Privacy and Data Security practice F. Paul Greene will be speaking at the upcoming FBI cyber symposium entitled, "Cyber Security and Your Business," taking place on Tuesday, September 27, 2016 at the Rochester Institute of Technology.
Effective as of July 12, 2016, the European Union has implemented the new US-EU Privacy Shield (the “Privacy Shield”). The Privacy Shield permits US organizations to self-certify that they meet the requirements for protecting Europeans’ personal data (“EU Data”), allowing them to receive such data from EU organizations. The Privacy Shield is designed to replace the former US-EU Safe Harbor (the “Safe Harbor”), which was invalidated in a case decided by the Court of Justice of the European Union (the “CJEU”) in October of last year.
Dealing with Federal Trade Commission (“FTC”) cyber security standards can be a daunting task, as the FTC enforces cyber security issues under Section 5 of the Federal Trade Commission Act, which prohibits “deceptive” and “unfair” business practices generally. Beyond that general mandate, however, there are no hard-and-fast guidelines as to what the FTC considers to be “reasonable” by way of cyber security efforts a company may have taken before a breach. Indeed, the FTC has pointed to at least seven different sources of information as to what a company should do to keep customer and employee data safe:
HSE Labor and Employment attorneys Amy L. Hemenway and Benjamin E. Mudrick discussed the Department of Labor's May 18th final rule implementing changes to the tests to qualify for the white collar exemptions from overtime under the federal Fair Labor Standards Act.
On May 18, 2016, the U.S. Department of Labor announced a final rule calling for changes to the regulations governing the three white collar (executive, administrative and professional) exemptions from overtime under the federal Fair Labor Standards Act. The final rule, which follows a proposed rule issued in July 2015, takes effect December 1, 2016.