Overview
McDermott’s leading employer data privacy practice provides sophisticated advice to domestic and international employers and vendors on a wide spectrum of employee data privacy matters, including employee data protection policies, the international transfer of employee data and employee data subject access rights. We work closely with operational data privacy officers, helping them establish and maintain effective relationships and communications with data privacy authorities in relevant jurisdictions worldwide.
We have particular experience in the regulation of employee benefit plans, including requirements for the protection of the privacy and security of Social Security Numbers and other employee personal information. We also provide timely, effective counsel in response to cyberattacks and other security breaches affecting employee personal information.
McDermott routinely advises on the following:
- International inter- and multi-company agreements to collect, transfer and use employee data (including model clauses and binding corporate rules)
- Ramifications for employee data transfer of the new EU/US Privacy Shield
- Organizational compliance requirements in relation to the impending EU
- General Data Protection Regulation
- Potential implications of the UK “Brexit” on employee data privacy practices (including international data transfers)
- Separation, where required, of employee data on group servers
- Individual contract terms regarding the collection and processing of the personal data of executives and other employees
- Employee data privacy policies
- Data privacy implications of the implementation of global whistleblowing hotlines (including obligations arising for certain organizations under the US Sarbanes-Oxley Act
- Responses to employee data subject access requests
