Companies should check whether they have a written policy concerning the use and disclosure of protected employee personal information. If they do not, they should confirm that none of the states in which they operate currently require such a policy or are planning to do so through new legislation. The following provides a snapshot of information concerning privacy policies.
The number of states that have enacted statutes that may require employers to create employee privacy policies.1
The fine assessed under New York’s statute to employers who unlawfully disseminate an employee’s SSN.2
The damages awarded to a group of Michigan employees who sued their union after it failed to safeguard their SSN.3
1. These states are: Connecticut (Conn. Gen. Stat. § 42-471), Massachusetts (201 Mass. Code Regs. 17.03), Michigan (Mich. Comp. Laws § 445.84), New York (N.Y. Lab. Law § 203-d), and Texas (Tex. Bus. & Com. Code Ann. § 501.052).
2. N.Y. Lab. Law § 203-d(3).
3. John F. Buckley & Ronald M. Green, State by State Guide to Human Resources Law § 1.36 (2015).