Employee Privacy Bill Overlooks Potential for Data Breach

A proposal to protect the social media privacy of employees and job candidates, approved by the Labor Committee this week, has a hole in it through which sensitive business information could easily reach the social media stratosphere.

Under SB 159, employers can’t, as a condition of employment, require employees or job candidates to provide their user names, passwords, or any other authentication means for accessing Facebook, Twitter, or other social media outlets.

Those who do could face a civil penalty of up to $10,000. 

Employer Privacy Concern

Businesses understand that the bill addresses some legitimate privacy issues, particularly for potential employees—there’s no reason they should have to provide their passwords to personal online accounts as a condition of employment. 

But just as valid are employers’ privacy concerns when it comes to their current employees.

For example, an employee processing claims at a health insurance provider may have access to a friend’s medical history and discover that the friend suffers from a particular ailment. The employee might then go onto Facebook and wish that friend the best of luck in his or her treatment or recovery. 

Instantly there’s a serious employee data breach that could result in severe penalties and repercussions for the employer. 

CBIA understands the need to protect employee’s privacy and hopes lawmakers will address the business community’s privacy concerns as well.   

For more information, contact CBIA’s Eric Gjede at 860.244.1931 or eric.gjede@cbia.com.