SOX vs HIPAA

As the current economic climate demands greater than ever transparency on Wall Street, are companies obligated to reveal health issues which could result in the long term leave or the death of a CEO or a key employee?

In its March 2009 issue, HR Magazine (March, 2009) asks whether serious health issues being faced by CEOs or key employees constitute material information when it comes to the buying and selling of company stock. The magazine recommends that if the health issue does constitute material information, the company should disclose the issue to the general public (sans medical details) or should prohibit insiders from trading in the company’s securities so long as the information is kept private.

What do you think? When a CEO or an employee crucial to the operation and success of a company is forced to take a long term medical leave or is diagnosed with a terminal illness, should the company err on the side of protecting employee privacy or on the side of transparency?

Do CEOs and key employees at publicly traded companies forfeit their right to privacy just like movie and TV stars?

Link – Health Information Privacy

If I Had a Hammer – Deleting Your Hard Drive

hammerIf you believe deleting all your programs and files or running your original system restore software will erase everything from your hard drive, you may be an identity thief’s best friend. Your computer may be safely locked in your office or home but sooner or later you’ll replace it and will either donate your current computer or dispose of it (hopefully at a reputable recycling facility). Your hard drive may then become easy prey for identity thieves, the fastest growing body of criminals in the United States.

In his recent presentation on the “Role of Computer Forensics in HR” for Montgomery County SHRM, Paul Brown (CEO of CyberEvidence), focused on how and why employers should remove and store the hard drives of departing employees’ computers, so that these hard drives could be accessed later in the event that the ex-employee was suspected of having stolen and/or shared any of the organization’s proprietary information. However, during the question and answer period, I asked Brown about the best method for completely deleting the contents of a hard drive when an organization or an individual is donating or disposing of (through a proper recycling center), an old computer. I has assumed that running the original system restore software would completely erase the hard drive. Mr. Brown informed me that it would not. Apparently computer forensic experts and their criminal counterparts can unearth hidden backup or shadow files even after you restored your hard drive to its original, fresh out of the box configuration.

He then went on to advise me that the one sure way to delete the contents of a hard drive was to remove the hard drive from the computer and smash it into pieces with a hammer. Right. Like I know exactly where the hard drive is located, what it looks like, and how to remove it.

The next best alternative, he said, was to download a hard drive wiping software off the web and use it to wipe your hard drive clean (the process may take several hours) before donating the computer or disposing of it at a recycling center. There are a number of freeware and shareware programs available at http://www.tucows.com complete with user reviews, if you’re interested.

If your company maintains sensitive data on its computer (such as employees’ birth dates and social security numbers), you should have a policy mandating the removal and high security storage of hard drives or the physical destruction or the wiping of the hard drives in any computers that are to be disposed of. Likewise, if you or other HR staff have such information stored on your personal laptops or PDA’s you should destroy or wipe the hard drives before disposing of them.

For detailed instructions on destroying your hard drive, check out Hard Drive Destruction Crucial at the BBC Online.

Goodbye, Norma Rae – Unions Form to Fight Abuses by Unions

normaraeEven as the The Employee Free Choice Act, under consideration in Congress, is giving unions in the United States a fresh sense of optimism and power, a parallel universe has opened up in which employees of unions, originally formed to protect workers from abuses, are organizing to fight abuses they are suffering from the unions themselves.

According to an article published by The Houston Chronicle, janitorial employees of the Service Employees International Union (SEIU), tired of working long shifts, seven days a week, organized their own union to fight the SEIU, after it ignored their complaints. One union employee, Hamilton Gramajo, has filed a complaint with the National Labors Relation Board claiming that the SEIU has itself, as an employer, violated work rules.

Could this be a new trend? Unions organizing within unions to fight abuse?

Norma Rae, where are you?

Hollywood Tackles HR

Renee Zellweger in "New in Town"

Renee Zellweger in "New in Town"

When I recently attended a Texas Workforce Commission conference, I was struck by the number of HR people in attendance who have begun to hate their jobs. The primary reason? The companies they work for are laying off employees and have drafted their HR managers to serve as the henchman.

Sadly, this phenomenon is becoming so common, Hollywood itself is cashing in on the act. In New in Town, Renee Zellweger plays a corporate vice-president who travels to Minnesota in the dead of winter to layoff factory workers at one of her company’s plants.

Apparently Bridget Jones has sobered up, grown up, and become one of us. Or has she?

While “New in Town” suffers from a predictable plot and a too perfect ending, the many laugh-out-loud scenes make it well worth the price of admission.

At the same time, while the film is, first and foremost, a comedy, it does cause movie-goers to pause and feel the pain of workers facing layoffs and towns facing factory closings. It gives a human face to what many of us (the lucky ones who have not been called upon to serve as henchmen) experience only as a stream of dark statistics on the nightly news.