As the Covid-19 pandemic continues throughout the world, many workplaces have gone virtual. While the advent of technology makes a remote workforce possible, the newly remote workforce brings with it additional challenges to a company’s information technology (“IT”) systems. However, proper policies and procedures that govern the security of IT systems and employees’ use of such systems can go a long way to help protect an organization.

Despite employees’ new office set-up, the obligation to maintain sensitive and confidential information remains the same when working remotely. From a cybersecurity perspective, Covid-19 is the perfect storm for bad actors. Unfortunately, employees’ collective guards are down as people try and just get through each work day, which allows for easier phishing attacks and other malware to ravage a company’s systems. With the workforce spread out, it’s harder to manage and control these types of security incidents, which in turn allows the damage to compound. Accordingly, companies should continue to implement some best practices to ensure the security of their systems. These include:

  • Implementing two-factor authentication for access to systems.
  • Ensuring that employees’ home routers have strong passwords.
  • Limiting the transmission of sensitive information and encrypting such email messages (SSN, bank information, health information, confidential information).
  • Do not use home email addresses to conduct company business.
  • Do not save sensitive information to your desktop, home computers, or unencrypted mobile media (flash drives).
  • Work from a VPN when possible.
  • Think before you click—be aware of suspicious emails and requests; call your contact prior to sending sensitive information to them at his/her request.
  • If uncertain about an email, contact your IT Department and report any problems or concerns related to your systems.

Additionally, companies need to train their workforces and implement policies and procedures surrounding employees’ use of IT systems. These policies should include Teleworking, Acceptable Use, Electronic Monitoring, and Social Media.  Employers should also remind their workforces that policies apply equally to teleworking situations (i.e. an anti-harassment policy applies no matter where an employee is working). Lastly, employers should consider sending periodic emails to employees to train and remind them of these items to consider while working remotely.

Murtha’s Data Privacy and Cybersecurity and Labor and Employment Practice Groups are ready to help companies navigate these complex issues. For more information, please contact Matthew Curtin or Daniel Kagan.

Print:
EmailTweetLikeLinkedIn
Photo of Matthew K. Curtin Matthew K. Curtin

Matthew Curtin is a Partner in the Litigation Department, the Chair of the Privacy and Cybersecurity Practice Group and a member of the Labor and Employment Practice Group.

In Matthew’s cybersecurity practice, he advises clients on compliance with state, federal and international privacy…

Matthew Curtin is a Partner in the Litigation Department, the Chair of the Privacy and Cybersecurity Practice Group and a member of the Labor and Employment Practice Group.

In Matthew’s cybersecurity practice, he advises clients on compliance with state, federal and international privacy laws including the Health Insurance Portability and Accountability Act (HIPAA) and the General Data Protection Regulation (GDPR). Matthew is particularly interested in advising his clients concerning employment privacy matters. Matthew is a member of the International Association of Privacy Professionals.

In Matthew’s labor and employment practice, he has successfully represented employers of all sizes concerning a wide variety of claims before state and federal courts, the National Labor Relations Board, the Connecticut State Board of Mediation and Arbitration, the Connecticut State Board of Labor Relations, the Connecticut Commission on Human Rights and Opportunities, and other various administrative agencies.

Matthew has substantial experience with collective bargaining negotiations, labor arbitrations, and labor relations. He regularly counsels senior management and human resources professionals concerning employment contracts, employment policies, hiring and termination procedures, workplace investigations, and harassment and discrimination avoidance.

Matthew has significant experience representing businesses in litigation concerning trade secret theft, unfair competition, and breach of non-competition and non-solicitation agreements.

Photo of Daniel J. Kagan Daniel J. Kagan

Dan Kagan is an Associate in the Health Care, Long Term Care and Privacy and Cybersecurity Groups. He represents hospitals, physicians, nursing homes, assisted living communities, CCRCs and other health care clients with a wide range of regulatory, compliance, risk management, transactional and…

Dan Kagan is an Associate in the Health Care, Long Term Care and Privacy and Cybersecurity Groups. He represents hospitals, physicians, nursing homes, assisted living communities, CCRCs and other health care clients with a wide range of regulatory, compliance, risk management, transactional and reimbursement issues.

With regard to Privacy and Cybersecurity, Dan has experience drafting privacy policies and notices, website terms of use, written information security plans and incident response plans.  Dan counsels clients on compliance issues related to state, federal and international privacy laws including the General Data Protection Regulation (GDPR).  Dan also has experience representing both health care and non-health care clients that have suffered data breaches and assists such clients with breach response and applicable reporting obligations.  Dan writes extensively on privacy and cybersecurity issues and is a co-editor of Murtha’s Privacy and Cybersecurity Perspectives blog.

As a member of the Health Care and Long Term Care groups, Dan has experience representing clients with HIPAA compliance, Stark and anti-kickback analyses, purchase and sale transactions, reviewing and drafting contracts, certificate of need requirements, rate appeals, Medicare and Medicaid audits, medical staff and credentialing matters, licensing and change of ownership proceedings.

Prior to joining Murtha Cullina, Dan clerked for the Honorable Lubbie Harper, Jr. and the Honorable Joseph H. Pellegrino of the Connecticut Appellate Court.

Dan received his J.D. with honors from the University of Connecticut School of Law where he was a Notes and Comments Editor for the Connecticut Insurance Law Journal. He earned his Bachelor of Arts in Economics from McGill University.