Protect Employees’ Sensitive Data from Attack or be Held Liable

By:  |  Category: Blog Thursday, November 29th, 2018  |  No Comments
sensitive data

Don’t neglect your cybersecurity or you might pay for it-twice.

According to KnowB4, a recent ruling from the Pennsylvania Supreme Court on an employee lawsuit against the University of Pittsburgh Medical Center stemming from a data breach should put all employers on notice.

As part of hiring any employee, employers need to collect personal information – date of birth, social security number, address, full name, and more. But when the organization faces a data breach, are they responsible should employee data be stolen?

In February of 2014, UPMC confirmed a data breach where hackers stole the personal information of about 62,000 current and former employees. Hackers used the data to file fake tax returns to receive tax refund money.

Employees sued UPMC, in which the case was thrown out by two lower courts. But the Pennsylvania Supreme Court reinstated the lawsuit, stating “An employer has a legal duty to exercise reasonable care to safeguard its employees’ sensitive personal information stored by the employer on an internet-accessible computer system.”

This ruling doesn’t mean the UPMC is guilty, but it does mean the case lives on. This should serve as a warning to every organization; the potential exists that, should a data breach occur where employee data is stolen, you may be held responsible.

With the primary means of attack still revolving around phishing and social engineering, organizations need to find ways to empower employees to identify fake emails and websites that are used as part of an elaborate scam. Security Awareness Training provides employees with the education necessary to empower them to become a part of your security stance. With employees vigilant, keeping a security focus in mind as they interact with email and the web, organizations reduce the attack surface, thereby lowering the likelihood of becoming a victim to a data breach.

Should the UPMC case find in favor of the employees, organizations everywhere will need to shore up their security efforts around employee data. Stopping an attack before it begins by making the employee part of the security defense through Security Awareness Training is the first step.

Let EnhancedTECH and KNowB4 provide you with the resources you need to train your staff and secure your network. Contact us at [email protected] or call us at 714-970-9330.

Source: KnowB4

Samantha Keller

Director of Marketing and PR at EnhancedTECH
Samantha Keller (AKA Sam) is a published author, tech-blogger, event-planner and mother of three fabulous humans. Samantha has worked in the IT field for the last fifteen years, intertwining a freelance writing career along with technology sales, events and marketing. She began working for EnhancedTECH ten years ago after earning her Bachelor’s degree from UCLA and attending Fuller Seminary. She is a lover of kickboxing, extra-strong coffee, and Wolfpack football.Her regular blog columns feature upcoming tech trends, cybersecurity tips, and practical solutions geared towards enhancing your business through technology.
Samantha Keller
Leave a Comment
Read previous post:
Azure Cloud
Azure Cloud Helping First Responders Find Missing Children

Over 45,000 children go missing in Canada every year. Missing Children Society of Canada is using social media to get...