Kim Richardson, Jennifer Mitchell, Kyle Gregory
We will discuss new legal requirements triggered by the anticipated expiration of the employee data exemption under the CPRA, including practical compliance readiness recommendations and tips. We will discuss our views on the applicable scope of consumer rights requests as applied to employee data, as well as applicable exemptions, and strategic decisions for companies to consider. The discussion will include similarities and differences between CPRA and GDPR obligations in the data subject rights context, as well as practical lessons learned from the GDPR. Finally, we will draw upon our collective health privacy expertise and discuss unique emerging areas relating to the collection of sensitive data in the employee context, including voluntary employee participation in health research and COVID-related data collection.
Kim Richardson, Chief Privacy Officer, Verily
Jennifer Mitchell, Partner, BakerHostetler
Kyle Gregory, Associate, BakerHostetler