TechLinks: What you should know about the GDPR for your business

Almost immediately after the General Data Protection Regulation (GDPR) went into effect, Facebook and Google were sued for sharing personal information. However, some experts believe that it is small firms that have the most to lose if found to be in violation of the regulation. If you are responsible for a website for a court reporting firm or association, you will probably want to pay attention to the GDPR requirements, since its repercussions are being felt worldwide.

The basics would consist of making sure that your site’s privacy policy is up-to-date, adopting cookies if your site doesn’t already have them, and, if you collect data on people using your site, what, if anything, you want to put in place to meet the GDPR requirements. Here are some resources to get you started:

Remember that privacy and confidentiality are important to reporters in relation to their clients. Like attorneys, court reporters receive a lot of information that they are required to keep confidential. “Ours is a profession where we are caretakers of others’ privacy, and we should carefully guard the confidential nature of what we are privy to,” says Keith Lemons, FAPR, RPR, CRR, a freelancer based in Nashville, Tenn., who is a member of NCRA’s Realtime and Technology Resources Committee. He points out that the fourth tenet of NCRA’s Code of Professional Ethics states: “Preserve the confidentiality and ensure the security of information, oral or written, entrusted to the Member by any of the parties in a proceeding.”

In the course of their work, many NCRA members learn people’s full names, social security numbers, addresses, and medical information, all of which can be considered information that should be confidential. Court reporters have adjusted their practices to accommodate the privacy and confidentiality needs for this information; for instance, reporters began adopting HIPAA-compliant practices to comport with HIPAA regulations which govern health information.

To aid reporters, NCRA has created guidelines for the outsourcing of transcription of court and medical information:

[E]nsuring the confidentiality and security of the information contained in the records that court reporters and health professionals create remains a fundamental and inviolable obligation. Whenever, during the process of creating the record,
the work in progress leaves the custody and control of the court reporter him- or herself, the accountability for the security and confidentiality of its contents and compliance with all applicable laws in the jurisdiction pass with it to the scopist, proofreader, transcriptionist, production facility, or whomever. …
NCRA notes that various jurisdictions already have laws or regulations in place to regulate, restrict or even prohibit the outsourcing of judicial transcriptions. NCRA supports full compliance with and effective enforcement of such statutes and the creation of additional law, regulation or standards that effectively and reasonably ensure the security of confidential judicial records.

If you haven’t done so recently, now would be a good time to review your business practices so that you are continuing to ensure the confidentiality and security of any records or other information on behalf of your clients. “These are all things that we have direct control over in regard to confidentiality,” says Lemons.

Here are additional links:

TechLinks: What you need to know about privacy issues and the GDPR

TechLinks: What you should know about the GDPR for your personal information

TechLinks: What you should know about the GDPR for your personal information

Attorney Mona Ibrahim, who advised several clients about how to comply with GDPR on their websites, wrote in the article “Why you should be reading the privacy notices choking your inbox” on polygon.com that it is useful for people to pay attention to the emails and notices with the changes. Although the rights are mostly for residents of the EU, others will benefit because so much of what takes place online is global. She lists a number of rights granted by the GDPR, including access to your data, asking to have your data deleted, the ability to restrict certain third-party activities, and more.

It’s all about consent. Ibrahim notes: “Consent must be specific, concise, easy to understand, and freely given. Individuals in the EU must also have the ability to withdraw consent in a manner no less difficult than it is to give consent.” Consent is even required if you want to continue communicating with people already on a list you’ve created — whether by email or mail.

A lot of the changes haven’t come to full fruition, so it’s likely that there will be attention directed toward this issue for the next few months. According to Ibrahim, “companies have plenty of incentive to pay attention to you moving forward if providing end users data protection solutions makes a company more attractive to you.”

The GDPR also offers a number of tools for consumers, including a way to download all of your data. Check out Gizmodo for more information.

Here are additional links:

TechLinks: What you need to know about privacy issues and the GDPR

TechLinks: What you should know about the GDPR for your business

TechLinks: What you need to know about privacy issues and the GDPR

The General Data Protection Regulation that was put in place by the European Union in May 2018 may seem unimportant in your everyday life, but anyone who owns a business that has a website or who subscribes to email from any website — which is probably most people — should be aware of what the regulations are and how they might affect you.

“This [regulation] has been coming for two years,” says Robin Nodland, FAPR, RDR, CRR, of Portland, Ore., a member of NCRA’s Realtime and Technology Resources Committee. “I would not be surprised if eventually we had similar rules and regulations enacted soon” in the United States. [Ed. note: A California regulation with some similar points is expected to go into effect in 2020.]

What is the GDPR?

The General Data Protection Regulation, more commonly called the GDPR, protects the private information of residents of the European Union. The personal data covered includes the names, user IDs, IP addresses, cookies, social media posts, and much, much more. The official standard for GDPR can be found at https://gdpr-info.eu. The GDPR went into effect May 25 of this year. And, even though they were based in the U.S., both Facebook and Google were immediately sued under the regulation for how they handled the private information of people based in the European Union.

You might think that your business or organization is too small to be affected — that only the big companies will be sued. However, some experts think that it is the small companies that will have the most to lose if they fail to put compliance measures in place. If your firm manages or stores any personal data of individuals residing in the EU, GDPR affects you.

Need more encouragement? Although it has yet to be determined exactly how U.S. companies will be held accountable, fines for non-compliance can range from €20 million (more than $22 million) to 4 percent of the company’s annual global revenue — whichever is higher.

Generally speaking, this regulation only applies to your organization if you have a “presence” in the European Union. The definition of presence is somewhat broad and likely will affect the majority of businesses and websites, even if they are not located in Europe. For example, you may be affected if you have:

  • A person on staff in the EU
  • Members in the EU
  • Events in the EU
  • EU country domain names
  • Products or services available for sale in Euros (or other local currencies)
  • Apps available within stores of an EU member country

The main thrust of the GDPR is that businesses need to be able to show that consumers have given clear consent for your business to collect any personal data. For this reason, many companies, both within the European Union and around the world, have revised their privacy policies and collection practices on their websites to account for the GDPR requirements. You will probably see that many websites are requiring a two-step sign-up or additional pop-ups noting that a website is using cookies or to request access to your location. For some sites that you visit regularly, you may want to enable cookies, which is a bit of code stored on a person’s computer so that the person can be identified and tracked as he or she moves through a website. For instance, the NCRA.org website uses cookies to allow members access to their personal information, such as their status on taking tests and current number of CEUs — two things that couldn’t be done easily without using cookies.

Even if you don’t have any members/customers/clients located in the European Union, it’s still smart to remain as GDPR-compliant as possible. Some United States regulators have even called for a personal data review here at home, saying America is no longer the leader in data protection.

Here are additional links:
TechLinks: What you should know about the GDPR for your personal information

TechLinks: What you should know about the GDPR for your business

TechLinks: Helpful products

Recently, the NCRA Technology Committee shared a few products that can help with work tasks. The products include a password management system, an education technology tool, a messaging app, and an audio solution.

Nancy Bistany, RPR, shared a blog post by Dashlane on the worldwide password problem: Internet users’ tendency toward “using the same, easy-to-remember password on all of their accounts over the security of using strong, unique passwords” on each different account. Dashlane is a password manager that can also manage other security-sensitive information, such as IDs and credit card numbers. “I use Dashlane for my Level 1 Password user,” says Bistany. “Its reminders are great.”

Bistany also shared an article from Forbes reviewing Learning Tools for OneNote. Microsoft OneNote is a now well-known note-keeping program, and Learning Tools is an ancillary product. According to the article, “Learning Tools for OneNote was originally created for dyslexics … [that leverages] a variety of already existing Microsoft technologies like Bing’s speech recognition, simultaneous audio text playback, and natural language processing … to make reading and writing more accessible to all students.” One of its features is fluent fonts, which allows “readers to adjust both the letter spacing and the number of words on the line.”

Teresa Russ, CRI, shared a link on the messaging app Slack. According to the company, it’s “oriented toward small-team collaboration” and has both a free and premium version. Chase Frazier, RMR, CRR, CRC, explained, “I use Slack to talk to a captioning team that we do a lot of events together with. All or most of the tech companies use Slack to communicate. It has awesome searching capabilities, and you can tag someone in the conversation to bring it to their attention.” Frazier added that he has his own name set as a tag so he gets an alert when the conversation involves him.

Finally, Robin Nodland, FAPR, RDR, CRR, shared a review of Trint, an audio and transcription app. Nodland pointed out a quote from the article that explains that Trint makes “it easy to compare the audio clips to the transcript as you’re verifying and editing it.”

TechLinks: Keeping organized with technology

TechLinks_logoIf one of your 2017 resolutions is to get more organized, the NCRA Technology Committee has your back.

A trio of tips from makeuseof.com offers strategies to reach inbox zero with your gmail account, use the camera on your iPhone to manage your life and help you remember things, and use Google calendar more efficiently.

A Jan. 10 article from Inside Counsel offers information about three startups that help manage your calendar. While originally written for lawyers, it is easily adaptable for court reporters.

Keep in mind that Acrobat Pro DC allows users to scan or snap a photo of a paper document, then edit the graphics or text with fonts that match the original, which keeps you organized wherever you are.

TechLinks: Printers, iOS 10, and portable keyboards

NCRA’s Technology Committee has already started finding information on the products members need for the future. This time, the group offers great starts to your research for upgrading to iOS10 on the iPhone; 2016’s best printers; and suggestions for portable keyboards for your tablets or mobile devices.

Technology Committee co-chair Nancy Bistany, RPR, of Chicago, Ill., shared an article from Business Insider about the iPhone’s iOS 10. From how to unlock your phone to a new keyboard configuration, here’s what you need to know. Read more.

Technology Committee member Lisa A. Knight, RDR, CRR, of Littleton, Colo., pointed out a slideshow by TechConnect.com of portable keyboards to use with tablets and mobile devices. This quick-and-easy read gives the basics on seven readily available keyboards. Read more.

A chart on PCMag.com found by Technology Committee member Robin Nodland, RDR, CRR, of Portland, Ore., offered information about 10 different printers currently on the market. The chart includes links to reviews of each printer. Read more.

TechLinks: Keeping your information secure

NCRA’s Technology Committee rounded up a group of tech-related articles about keeping your computer files and other information secure, an ever-increasing concern in a world where privacy and security are becoming more and more important. Two articles explain what to look for in scams and the remainder offer suggestions for keeping your devices and information secure.

A tech sector employee explains her vishing – voice phishing — experience and how such scams can threaten the information security of a business. The YouTube video also gives information on how to recognize and how to avoid such scams. See video.

How to recognize a risky email was the topic of a June 16 post on lawyerist.com. Whether avoiding viruses or phishing scams, this article offers the basics for keeping your computer safe. Read more.

A July 4 post on Gizmo’s Freeware, a community website for reviewing free software, suggested Safepad as a simple Windows notepad replacement that uses encryption. Read more.

Bringing the above together, also check out an ABA article on building strong passwords to protect your information from its June issue. The suggestions include using longer words, using both letters – a mix of upper and lowercase – and numbers, and other tricks to make your devices more secure. Read more.

An article in PC Magazine about encrypting data on external drives is a reminder to protect clients’ confidential information as well.  Read more.

TechLinks: Cybersecurity, going paperless, and apps galore

TechLinks_logoThe NCRA’s Technology Committee’s email list recently pointed out a few online articles that consider how technology can help you and how technology has changed what people expect.

Cybersecurity:

On FindLaw, William Peacock, Esq. writes about enhancing a wireless network’s security. Peacock explains how to change the default settings of a wireless router using layman’s terms. Read more.

Going paperless:

On Above the Law, Jeff Bennion offers some practical tips for how to go paperless in a deposition, including a few specific products that he uses and why it’s a good idea to go paperless (or mostly paperless). He also has a couple ideas for how to rid yourself of all the paper storage you will no longer need. Read more.

Apps:

Will Harrelson, an attorney with Faust, Harrelson, Fulker, McCarthy & Schlemmer in Troy, Ohio, shared almost two dozen of his favorite apps in a series of posts from lawyers on iPhone J.D., run by Jeff Richardson. Read more.

Quartz posted the current 25 most popular apps in the United States. The post also includes some interesting conclusions about the list. Read more.

TechLinks: Productivity tools from old phones, a truly connected world, and Microsoft’s $100 deal

Recently shared on the NCRA’s Technology Review Committee’s email list were steps to turn an old phone or tablet into a productivity tool, thoughts from the 3 Geeks and a Law Blog on interconnectivity, and a deal from Microsoft.

PCWorld recently posted an article online about repurposing old phones by turning them into, among other tools, a second monitor, an air mouse, a dictation tool, and a full-blown server.

Read more.

Interconnectivity breakdowns might be a thing of the past thanks to a new feature in iOS7 called Multipeer Connectivity Framework (MCF) that is based upon Wireless Mesh Networking (WMN).

Read more.

CNNMoney reported that Microsoft is giving $100 to those who upgrade from Windows XP to a new Windows 8 computer.

Read more.