TechLinks: What you should know about the GDPR for your business

Almost immediately after the General Data Protection Regulation (GDPR) went into effect, Facebook and Google were sued for sharing personal information. However, some experts believe that it is small firms that have the most to lose if found to be in violation of the regulation. If you are responsible for a website for a court reporting firm or association, you will probably want to pay attention to the GDPR requirements, since its repercussions are being felt worldwide.

The basics would consist of making sure that your site’s privacy policy is up-to-date, adopting cookies if your site doesn’t already have them, and, if you collect data on people using your site, what, if anything, you want to put in place to meet the GDPR requirements. Here are some resources to get you started:

Remember that privacy and confidentiality are important to reporters in relation to their clients. Like attorneys, court reporters receive a lot of information that they are required to keep confidential. “Ours is a profession where we are caretakers of others’ privacy, and we should carefully guard the confidential nature of what we are privy to,” says Keith Lemons, FAPR, RPR, CRR, a freelancer based in Nashville, Tenn., who is a member of NCRA’s Realtime and Technology Resources Committee. He points out that the fourth tenet of NCRA’s Code of Professional Ethics states: “Preserve the confidentiality and ensure the security of information, oral or written, entrusted to the Member by any of the parties in a proceeding.”

In the course of their work, many NCRA members learn people’s full names, social security numbers, addresses, and medical information, all of which can be considered information that should be confidential. Court reporters have adjusted their practices to accommodate the privacy and confidentiality needs for this information; for instance, reporters began adopting HIPAA-compliant practices to comport with HIPAA regulations which govern health information.

To aid reporters, NCRA has created guidelines for the outsourcing of transcription of court and medical information:

[E]nsuring the confidentiality and security of the information contained in the records that court reporters and health professionals create remains a fundamental and inviolable obligation. Whenever, during the process of creating the record,
the work in progress leaves the custody and control of the court reporter him- or herself, the accountability for the security and confidentiality of its contents and compliance with all applicable laws in the jurisdiction pass with it to the scopist, proofreader, transcriptionist, production facility, or whomever. …
NCRA notes that various jurisdictions already have laws or regulations in place to regulate, restrict or even prohibit the outsourcing of judicial transcriptions. NCRA supports full compliance with and effective enforcement of such statutes and the creation of additional law, regulation or standards that effectively and reasonably ensure the security of confidential judicial records.

If you haven’t done so recently, now would be a good time to review your business practices so that you are continuing to ensure the confidentiality and security of any records or other information on behalf of your clients. “These are all things that we have direct control over in regard to confidentiality,” says Lemons.

Here are additional links:

TechLinks: What you need to know about privacy issues and the GDPR

TechLinks: What you should know about the GDPR for your personal information