1Recently, Epstein Becker & Green attorneys Michelle Capezza, Christopher Farella, Laurajane Kastner and Patrick Lucignani attended the New Jersey Technology Council (NJTC) 2015 Annual Meeting held on July 15, 2015 at the Forsgate Country Club in Monroe, NJ.   A dynamic panel discussed many innovative ways technology is being used in today’s sports and how it may be used in the future. Tools have emerged to assist in coaching, refereeing and reviewing plays, as well as the development of sensors and technology to protect player safety, virtual player training techniques and video analytics to confirm infractions and potential safety hazards, just to name a few.  John Nisi, Regional Chief Technology Officer for Microsoft Consulting Services remarked that one of the biggest challenges in designing these technologies is determining how to bring technology into the game without interfering with the fabric of the game. And many U.S. sports leagues,  such as the NFL, NHL, NBA, MLB, and NASCAR, are eager to utilize these new technologies but they must be designed and tailored to the needs of their particular sports, including the environments in which their sports are played.  Chip Foley, VP of Sports & Entertainment at High Point Solutions, and Adam Davis, Chief Revenue Officer for the Prudential Center & NJ Devils also noted the challenges associated with developing the required infrastructure in sports arenas and venues that can support the new apps and technologies being introduced.  Ian Goldberg, Founder and CEO of iSports360, offered yet another perspective involving use of mobile technologies for youth sports coaches and parents that can assist with training, coaching and managing performance expectations of young athletes.  When asked about sports fan technology, the panelists noted that video, interactive and visualization technologies for fans will become more prevalent.2

Technology companies interested in developing the apps and new technologies that will be useful and appealing to the sports market, as well as the organizations using these technologies, have a lot to consider.  The amount of data alone that can be collected with these technologies will transform how sports are played, viewed, analyzed and even bet on.  Undoubtedly, concerns regarding data privacy and security will need to be addressed.  Further, as panelists remarked, introduction of new technologies to the game often requires related revisions of rules and regulations governing the sport.  The possibilities are limitless, and perhaps the game will never be the same.

The NJTC is a not-for-profit, trade association which focuses on connecting decision-makers and thought-leaders from technology and technology support companies through access to financing opportunities, networking, and business support. Through its programs, the NJTC provides timely business information to help its members grow and succeed and provides forums for member companies to work together to advance New Jersey’s, and the region’s, status as a leading technology center. For more information regarding The New Jersey Technology Council, visit www.njtc.org.

In a decision emphasizing the need for employers to focus on data security, on June 15, 2015, the U.S. District Court for the Central District of California refused to dismiss a lawsuit filed by nine former employees of Sony Pictures Entertainment who allege the company’s negligence caused a massive data breach.  Corona v. Sony Pictures Entm’t, Inc., Case No. 2:14-cv-09600 (C.D. Ca. June 15, 2015).

In November 2014, Sony was the victim of a cyber-attack, which has widely been reported as perpetrated by North Korean hackers in relation for “The Interview,” a Sony comedy parodying Kim Jong Un.  According to the complaint in this case, the hackers stole nearly 100 terabytes of data, including sensitive personal information, such as financial, medical, and other personally identifiable information (“PII”), of at least 15,000 current and former Sony employees.  The hackers then posted this information on the internet and used it to threaten individual victims and their families.  The nine named plaintiffs purchased identity protection services and insurance, as well as took other measures, to protect their compromised PII.

The plaintiffs filed a class action lawsuit alleging Sony failed to implement and maintain adequate security measures to protect its employees’ PII, and then improperly waited at least three weeks to notify plaintiffs that their PII had been compromised.  The plaintiffs asserted claims of negligence, breach of implied contract, and statutory violations of California, Virginia, and Colorado law.

Sony moved to dismiss the complaint.  First, Sony argued that plaintiffs lacked standing because they had not alleged a current injury or a threatened injury that is currently impending.  The court disagreed, concluding that the allegations of increased risk of future identity theft sufficiently established certainly impending injury.

Sony then challenged the viability of each claim.  While the court dismissed certain of the claims, the court allowed the plaintiffs to proceed with their claims of negligence and violations of California’s Confidentiality of Medical Information Act and Unfair Competition Law.  Key to the court’s decision on the negligence claim were its findings that (a) the costs plaintiffs incurred related to credit monitoring, identity theft protection, and penalties resulting from frozen credit constituted a cognizable injury, and (b) an exception to the economic loss doctrine applied because the parties had a “special relationship” whereby plaintiffs had to provide their PII to Sony in order to get paid and receive benefits.

Regarding the Confidentiality of Medical Information Act claim, the court found sufficient the allegations that Sony failed to maintain the confidentiality of the plaintiff’s medical information, which Sony has admitted included HIPAA-protected health information, and failed to institute reasonable safeguards to protect that information from unauthorized use.

While it remains to be seen whether the plaintiffs will prevail on any of their theories of recovery against Sony, this matter should be a lesson to companies that have not implemented appropriate data security measures more than just the loss of proprietary information.  Employers have a duty to protect the personal sensitive information that they obtain from their employees, and the failure to take preventative measures may result in legal claims, reduction in employee morale, and loss of reputation.

Employers should begin by auditing their information technology infrastructure and network for security vulnerabilities.  Any such audit should be done under the supervision of counsel to maintain the privilege and confidentiality of the audit.  Based on that audit, employers should take steps to mitigate the vulnerabilities found to a reasonable and appropriate level given the threats to the organization.  The Sony breach, like nearly all recent breaches, had an element of social engineering. To protect against these types of attacks employers should also train their workforces on information security best practices.  Finally, employers should be prepared to respond to breaches when they occur.  Employers should formulate and implement a breach response plan to minimize the time from the discovery of the compromise to the reporting of the incident to affected persons.

If a data breach does occur, the company should immediately execute the data breach response plan and quickly investigate the nature and scope of the data breach.  A forensic review should be conducted using an IT specialist that can trace the origins of the breach.  Employees and anyone affected should be notified so that they may take appropriate steps to prevent or limit identity theft and other damages.  Employers also should consider proactively notifying the police to work with the local cyber-crimes unit, as well as filing a civil suit against the perpetrator(s) to obtain injunctive relief and reduce further damage.  Appropriate legal counsel can assist in pursuing these options.

by Steven M. Swirsky, Adam C. Abrahms, Donald S. Krueger, and D. Martin Stanberry

In another foray by the National Labor Relations Board (“NLRB” or the “Board”) into new territory affecting non-union workplaces, a divided three-member Board panel found that an employer’s direction that employees not discuss matters under investigation with their co-workers violated Section 8(a)(1) of the National Labor Relations Act (the “Act”) because it “had a reasonable tendency to coerce employees in the exercise of their rights” under the Act. Banner Health System, 358 NLRB No. 93 (July 30, 2012).

In concluding that the request for confidentiality “had a reasonable tendency to coerce employees,” the majority gave no weight to the fact that the request was not tied to a threat of discipline. Instead, without offering any explanation, the Board held that “[t]he law… does not require that a rule contain a direct or specific threat of discipline in order to be found unlawful.”

Read the full advisory online

Epstein Becker Green is proud to announce that it has received the 2012 Chambers USA Award for Excellence in the Healthcare category. The results were announced at an awards dinner held on Thursday, June 7, 2012, in New York. Other firms nominated in the Healthcare category included Akin Gump Strauss Hauer & Feld LLP; Hogan Lovells US LLP; King & Spalding LLP; McDermott Will & Emery LLP; Ober Kaler Grimes & Shriver PC; and Proskauer Rose LLP.

The Chambers USA Awards for Excellence are based on research for the 2012 edition of Chambers USA: America’s Leading Lawyers for Business and reflect a law firm’s preeminence in key practice areas. They also reflect notable achievements over the past 12 months, including outstanding work, impressive strategic growth, and excellence in client service.

In addition to receiving an Award for Excellence, Epstein Becker Green ranked No. 1 in Healthcare in New York and in the District of Columbia in Chambers USA (2012) and was acknowledged in the guide’s “Nationwide Healthcare” category. Also, the editors noted that “Epstein Becker Green is recognized by sources as one of the leading national labor and employment firms.” In total, 24 Epstein Becker Green lawyers are cited as “Leaders in Their Field.”

Read the Full Announcement

Epstein Becker Green has been designated by the Health Information Trust Alliance (HITRUST) as a Common Security Framework (CSF) Assessor. This will allow the firm to provide health care organizations with privacy and security risk assessments to protect the entities from breaches of protected health information (PHI). The health care industry has accepted the HITRUST CSF as the most widely adopted security framework. Epstein Becker Green is the first law firm to become a CSF Assessor and the designation exemplifies the firm’s distinct capability to identify and address risk for health care industry clients.

HITRUST provides resources, tools, education, and training to develop and maintain effective security programs for health care and life sciences companies that comply with security laws, regulations, and standards including HITECH, HIPAA, PCI, JCAHO, CMS, ISO, NIST, and various other federal, state, and business requirements.

 

Read the Full Announcement from Epstein Becker Green

 

The April issue of “Take 5: Views You Can Use,” written by David W. Garland, a Member of the Firm in Epstein Becker Green’s New York and Newark offices, covers these topics:

  1. Employers’ Request for Facebook Access Comes Under Attack
  2. EEOC Releases Publications on the Rights of Disabled Veterans Returning to the Civilian Workforce
  3. EEOC Publishes Rule Amending ADEA Regulations
  4. Employers’ Use of Unpaid Interns Comes Under Attack
  5. Title VII’s Protections Extend to Provision of Severance Benefits to Former Employees

Click here to read the April issue of “Take 5.”

Epstein Becker & Green’s Chief Information Officer, Frank Spadafino, was interviewed by The American Lawyer magazine on March 22, 2012, regarding the firm’s adoption of iOS or iPhone mobile devices.  Spadafino reported that more than half of the law firm’s lawyers are now using iPhones. Lawyers, not unlike the general market, want the increased functionality provided by iOS devices. “The smartphone is not just about e-mail, calendars, and contacts anymore,” Spadafino stated, “We want to add functionality to attorneys’ devices, like greater accessibility to our document management system. This is much easier to do with iOS than with BlackBerry.” You can read the entire article (subscription is required for access) here.

 

by Steven M. Swirsky and Michael F. McGahan

On January 25, 2012, the National Labor Relations Board’s (“NLRB”) Acting General Counsel (“AGC”) Lafe Solomon issued a second report on unfair labor practice cases involving social media issues. We discussed his earlier report in our Act Now Advisory of October 4, 2011.

The new report covers an additional 14 cases, all of which fall into the same two categories as the cases discussed in the earlier report, namely: (1) termination of employees resulting from statements made in social media forums about their working conditions or their employers; and/or (2) claims that an employer’s social media policy violates the National Labor Relations Act (the “Act”) because its prohibitions may “chill” employees in the exercise of their rights under the Act to engage in concerted activity for their mutual aid and protection. Again, the report emphasizes that the Act’s provisions apply to workplaces where the employees are not represented by a union and where there is no union activity, as well as to unionized employees.  Read the full advisory online: http://www.ebglaw.com/showclientadvisory.aspx?Show=15805

by Jeffrey M. Landes, Susan Gross Sholinsky, Steven M. Swirsky, and Jennifer A. Goldman

On January 25, 2012, the Federal Trade Commission (“FTC”) sent warning letters to three companies that market, in total, six mobile phone applications (“Apps”) that provide users with background check reports. In the warning letters, the FTC states that the Apps may violate the Fair Credit Reporting Act (“FCRA”). According to a press release issued by the FTC on February 7, 2012, the FTC cautioned the Apps’ marketers that, if they have reason to believe that the background reports provided will be used for employment screening, housing, credit, or other similar purposes, both the users of the Apps and the marketers of the Apps must comply with the FCRA.

Read the full advisory online at http://www.ebglaw.com/showclientadvisory.aspx?Show=15744

 

The Health Employment and Labor (HEAL) blog will include updates about timely issues related to labor and employment issues that affect health care and life sciences companies.
 
The HEAL blog is an idea that stems from the Epstein Becker Green’s Health Employment and Labor Group, which combines the strengths of the Firm’s two founding national practices – Health Care and Life Sciences and Labor and Employment. EBG attorneys have a deep knowledge of both the labor and employment field and wanted to create a blog that would quickly inform and educate employers about the challenges and opportunities facing the U.S. health care and life sciences industry. The blog will provide human resources professionals, managers, and business owners in the health care and life sciences space with information they need to understand, interpret, comply, and implement the laws and regulations that affect them.

The authors of the blog are attorneys in Epstein Becker Green’s Labor and Employment and Health Care and Life Sciences practices: Jay P. Krupin, Lynn Shapiro Snyder, Kerry M. Parker, Robert Berg, Gretchen Harders, Kara Maciel, Kathleen Peterson, Evan Rosen, Pamela Tyner, and Kathleen Williams.

Visit the Health Employment and Labor Blog at www.healthemploymentandlabor.com.

On the blog, in the right margin, enter your e-mail in the
SUBSCRIBE box to receive full blog updates.