It is tax season once again, and with it comes an increased threat of phishing scams targeting human resources and payroll personnel. In 2016, the IRS alerted employers to a then-emerging email phishing scheme in which messages purporting to come from company executives requested the release of personal information relating to employees, including W-2 tax forms. Since then, the scam has evolved into a significant threat facing employers in multiple industries, from small and large businesses to public schools and universities, hospitals, tribal governments and charities. According to the IRS, in 2017 alone, more than 200 employers reported falling victim to the scam, with hundreds of thousands of employees impacted.
It is early in the new year, and for many, hope springs eternal that 2018 will be the year to get in shape. Many of us wear some kind of fitness activity tracker that monitors steps, heart rate, calories, sleep patterns, etc. Recent news coverage of Strava, the running and cycling fitness tracking app, has caused concern for the United States military. But might it cause concerns for some businesses that operate under high levels of security, as well?
The EU’s General Data Protection Regulation (“GDPR”) goes into effect on May 25, 2018. It is a mammoth regulation and perhaps the most significant European data protection legislation in more than 20 years. In fact, the European Commission just released a new website to help stakeholders, including businesses, with implementation. With its global reach, applying to any organization that processes the personal data of individuals within the EU regardless of where the data lands, GDPR compliance is top-of-mind for executives of multinationals. Despite U.S.-based multinationals spending millions of dollars and thousands of hours preparing for GDPR since it was announced two years ago, a recent survey by MediaPro reveals that more than half of U.S. employees have never heard of the regulation.