Wyoming employers need to be ready for strengthened data breach law

by Brad Cave

Wyoming’s new data breach notification law takes effect July 1, meaning employers need to be ready for beefed-up notification requirements.

Wyoming law requires that any entity or person who conducts business in Wyoming and owns or licenses computerized data that include personal identifying information must notify affected consumers of a data breach. Because personal identifying information includes such things as Social Security numbers, addresses, phone numbers, and health insurance and medical information, most employers have data covered by the law.

Under the old law, breach notifications needed to include only a toll-free number consumers could use to contact the business that was collecting their data so it could provide the telephone numbers and addresses of the major credit-reporting agencies. Under the new law, notifications must provide much more information.

read more…

New Wyoming law defines misconduct for unemployment benefits

by Bradley T. Cave

A new law taking effect on July 1 defines “misconduct” in Wyoming’s unemployment benefits statute. The definition outlines the circumstances in which a former employee will be disqualified from unemployment benefits.

Wyoming law already states that an employee will be disqualified from benefits if the Wyoming Department of Workforce Services (DWS) finds that he was discharged for “misconduct connected with his work.” But the statute didn’t provide a definition of such misconduct.

read more…

New Wyoming law will help employers protect their computer systems

by Bradley T. Cave

A Wyoming law going into effect on July 1 creates a new criminal offense—computer trespassing—that may give employers a new tool to prevent employee sabotage.

Computer trespassing occurs when a person knowingly and without authorization sends malware, data, or a program that (1) alters or damages a computer, system, or network or (2) causes a computer, system, or network to malfunction or disseminate sensitive information. To trigger the law, a person must intend to damage a computer, system, or network or cause the computer, system, or network to malfunction.

The new law may be helpful if former or disgruntled employees attempt to misuse an employer’s computer systems. Employers should adopt technology policies to define when and how employees are authorized to use their computers, systems, and networks. If an employee damages a computer under questionable circumstances, technology policies may help employers draw clear lines on when an employee’s access is unauthorized and pursue civil remedies under the new law.

read more…