Recent surveys indicate that over 70% of employees are concerned about the privacy of their personal data at work. But when does an employer's action cross the line? From the moment someone applies for a position, employers have access to a plethora of personal information ranging from addresses to social security numbers.
Today, the risk of identity theft from leaked personal data is all too real. That's why it's vital for both employers and employees to understand their legal obligations and rights regarding personal data protection.
In this article, we'll delve into what constitutes personal information, when employers can legally disclose it, and recent developments in the field.
Depending on state laws, the definition of "personal information" can vary. For instance, recent legislation in California defines this as:
While not exhaustive, this list provides a foundational understanding for companies to determine what constitutes personal data.
The permissibility of disclosing employee information varies by state. It's imperative to stay informed about both state and federal laws governing employee privacy.
Generally, employers can disclose an employee's personal information if:
For instance, if an employee's mental health condition poses a potential threat to colleagues, employers might be legally required to disclose this information to pertinent personnel for safety precautions.
However, unauthorized disclosure without a valid reason can be deemed an invasion of privacy, leading to significant legal repercussions for the employer.
Various federal and state laws dictate the bounds of data disclosure. For instance:
The Americans with Disabilities Act (ADA) mandates that medical records be kept separate from general personnel files. Only supervisors or managers responsible for accommodations can access these.
The Family Medical Leave Act (FMLA) necessitates confidentiality for documents involving medical histories, again with exceptions for essential personnel.
In 2020, California pioneered with the California Consumer Privacy Act (CCPA), offering employees more control over their personal data. While it may not directly impact everyone, its provisions could set a precedent for other states. The CCPA mandates:
California’s laws will surely become a framework for employee privacy rights nationwide. For the latest information on legislation in your state and beyond, look no further than Complete Payroll’s blog. We have articles about data privacy and much more to help answer all of your HR and payroll questions.