Jeffrey M. Schlossberg writes:
A data breach occurs in which an outside individual obtains your company’s employees’ W-2 forms including social security numbers, addresses, and salary information. As a result, your company notifies all affected employees, explains what occurred, and offers a complimentary two-year membership to a service that helps detect misuse of personal information. Is your company liable for negligence and breach of contract?
The answer may be, “yes,” according to a federal district court in Kentucky. Savidge v. Pharm-Save, Inc. (W.D. Ky. Dec. 1, 2017). In Savidge, the plaintiffs alleged various state law claims that their former employer was liable due to the theft of their personally identifiable information (“PII”). With regard to one plaintiff, the data breach resulted in a false tax return being filed on her behalf.
Read more on Jackson Lewis Workplace Privacy, DataManagement & Security Report