Privacy Issues in the Workplace

Similarly, “well-established norms of California public policy and American public employment exclude public employee names and salaries from the zone of financial privacy protection.” Thus, the names and salaries of public employees earning $100,000 per year or more, including peace officers, are not protected from disclosure as personnel records under Penal Code sections 832.7 and 832.8. 419 SB 1421, effective January 1, 2019, opened many types of peace officers personnel records that could cause an officer to be on a Brady list for public inspection, such as: particular categories of sustained findings of officer dishonesty, perjury, false statements, filing false reports, or evidence destruction, falsification, or concealment. Courts have held that the “confidentiality” requirement of the Pitchess statutes should be interpreted to allow law enforcement agencies to comply with their constitutional obligations under Brady by providing limited Brady alerts to prosecutors. A Brady alert is limited to informing prosecutors that a potential peace officer witness in a particular case is on the Brady list. D. E MPLOYER ’ S O BLIGATION TO P REVENT I DENTITY T HEFT The Fair and Accurate Credit Transactions Act require that all “creditors” (including local government agencies that defer payments for goods or services) have policies and procedures in place to help prevent identity theft. 1. S ECTION 114 OF THE FACT A CT Section 114 of the Act requires that each “creditor” that offers or maintains “covered accounts” develop and implement an Identity Theft Prevention Program (ITPP) for combating identity theft in connection with new and existing accounts. a. Complying with the Red Flags Rules To comply with the new FACT Act regulations, known as the Red Flags Rules, entities will be required to provide for the identification, detection, and response to patterns, practices, or specific activities (“red flags”) that could indicate identity theft in their identity theft prevention programs. The Red Flags Rules apply to “creditors” with “covered accounts.” Under the Red Flags Rules, creditors must develop a written program that identifies and detects the relevant warning signs – or “red flags” – of identity theft. These may include, for example, unusual account activity, fraud alerts on a consumer report, or attempted use of suspicious account application documents. The program must also describe appropriate responses that would prevent and mitigate the crime and detail a plan to update the program. The program must be managed by the Board of Directors or senior employees of the creditor, include appropriate staff training, and provide for oversight of any service providers.

Privacy Issues in the Workplace ©2021 (s) Liebert Cassidy Whitmore 125