Keeping Confidential Information Confidential: It's Time for HR, Legal, and IT to Work Together
By JENNIFER BALDOCCHI & HEATHER MORGAN
On November 24, 2014, Sony Pictures Entertainment employees logged onto their computers to find waiting for them a threatening message from hackers. Over the next several weeks, detailed, confidential data about the company and its workforce was publicly released to Internet users everywhere. As reported by the media and alleged in the multiple class action lawsuits against Sony that followed in the wake of the breach, the leaked information ranged from:
personal data of tens of thousands of employees, including their Social Security numbers, medical files, passports, and visas; to
valuable company secrets, such as unreleased movies, film budgets, and contracts; to
sensitive data and email communications.
Sony will vigorously defend claims that it negligently failed to secure its employees’ most private and sensitive personal information, and the viability of the lawsuits remains to be seen. However, the surrounding publicity has served as a grim reminder of the very real and ongoing threat that all employers face in today’s global, mobile, and digital world.