New California SB 497 90-day Retaliation Presumption Highlights Risk Employers Everywhere Face When Performance Issues Appear Only After Protected Activity

May 19, 2026

California’s SB 497 gives employees a statutory advantage in certain retaliation claims by creating a rebuttable presumption when prohibited employer action occurs within 90 days of protected activity under Labor Code sections 98.6 and 1197.5. California Legislature. For employers everywhere, however, the larger lesson is not limited to California or to a 90-day window. Retaliation claims become harder to defend whenever performance concerns first appear, escalate, or become formally documented only after an employee reports misconduct, complains about unlawful practices, discusses wages, invokes workplace rights, or engages in other protected activity.

SB 497’s New Presumption Changes the Litigation Starting Point in California

SB 497 amended California Labor Code section 98.6 to provide that if an employer takes action prohibited by that section within 90 days of protected activity, “there shall be a rebuttable presumption in favor of the employee’s claim” .California Labor Code section 98.6. Section 98.6 protects employees and applicants from discharge, discrimination, retaliation, or adverse action for exercising specified Labor Code rights, including wage complaints, Labor Commissioner proceedings, and PAGA-related activity California Labor Code section 98.6.

SB 497 also amended Labor Code section 1197.5 to apply a similar 90-day rebuttable presumption to retaliation claims involving equal pay and wage transparency rights. California Labor Code section 1197.5. Section 1197.5 prohibits retaliation against employees for invoking or assisting enforcement of California equal pay rights, and it protects employees who disclose, discuss, or inquire about wages. California Labor Code section 1197.5.

Why Post-Complaint Performance Documentation Is Risky

The most common employer defense to retaliation charges is that the challenged action was based on performance, misconduct, attendance, or business needs. That defense is strongest when the employer can show consistent documentation, prior coaching, objective standards, and comparable treatment of similarly situated employees.

It is much weaker when the record looks different before and after protected activity. If the employee had positive reviews, no written warnings, tolerated deficiencies, or informal coaching before the complaint, and then suddenly receives heightened scrutiny, a PIP, discipline, suspension, or termination afterward, the employee will argue that the employer went looking for a reason to act.

That concern is not theoretical. In Lawson v. PPG Architectural Finishes, Inc., the California Supreme Court shot down the employer’s poor performance defense. The employer cited poor performance and failure to improve under a performance improvement plan, but the California Supreme Court held that Labor Code section 1102.6 governs section 1102.5 whistleblower retaliation claims and does not require the employee to prove the employer’s stated reason was pretextual. Lawson v. PPG Architectural Finishes, Inc. Once the employee shows protected whistleblowing was a contributing factor, the employer must prove by clear and convincing evidence that the same action would have occurred for legitimate, independent reasons even absent the protected activity Lawson v. PPG Architectural Finishes,

The Same Defense Challenge Exists Outside California

Federal law does not generally impose California’s SB 497-style 90-day presumption. Still, timing remains important. The U.S. Supreme Court has recognized that temporal proximity may support causation when it is “very close,” while also holding that an employer need not suspend a previously planned action after learning of protected activity. Clark County School District v. Breeden.

Title VII retaliation claims require proof that retaliation was a but-for cause of the challenged action, not merely a motivating factor. University of Texas Southwestern Medical Center v. Nassar. Even so, close timing, shifting explanations, uneven enforcement, and documentation created only after protected activity can create the factual disputes that make retaliation claims expensive to defend.

Bottom Line for All Employers

California’s 90-day presumption makes covered retaliation claims easier for employees to frame, but it does not create the underlying problem. The real exposure arises when the employer’s performance narrative begins only after protected activity. Employers that want to preserve defensible discipline should build the record before conflict arises, apply standards consistently, and require careful HR and legal review before taking adverse action close in time to protected conduct.

Practical Steps Employers Should Take

Employers do not have to ignore performance issues because an employee complained or engaged in protected activity. They do, however, need to prove that the decision was legitimate, consistent, and independent.

  • Document issues when they happen: Do not wait until after a complaint to document missed deadlines, quality issues, attendance problems, policy violations, or conduct concerns.
  • Audit timing before adverse action: Before discipline, termination, demotion, schedule reduction, compensation changes, or a PIP, check whether the employee recently engaged in protected activity.
  • Separate the complaint process from discipline: Where possible, keep the complaint investigator separate from the performance decisionmaker.
  • Confirm decisionmaker knowledge: Identify who made the decision, what they knew, when they knew it, and what evidence supported the action.
  • Use objective criteria: Tie discipline to measurable standards, written policies, documented expectations, and specific incidents.
  • Compare similar cases: Review how the employer handled similar performance or conduct issues involving employees who did not engage in protected activity.
  • Avoid sudden escalation: If the same issue was tolerated before protected activity, explain and document what changed.
  • Review PIPs carefully: A PIP issued after a complaint should be realistic, job-related, supported by prior evidence, and free from retaliatory tone.
  • Train managers: Supervisors should understand that complaints, wage discussions, whistleblower reports, accommodation requests, safety reports, and participation in investigations may be protected.

If you have questions about or need assistance with these and other risk management or compliance concerns, contact the author. 

For More Information

We hope this update is helpful. For more information about the  or other health or other employee benefits, human resources, or health care developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.

Solutions Law Press, Inc. invites you receive future updates by registering on our Solutions Law Press, Inc. Website and participating and contributing to the discussions in our Solutions Law Press, Inc. LinkedIn SLP Health Care Risk Management & Operations GroupHR & Benefits Update Compliance Group, and/or Coalition for Responsible Health Care Policy.

About the Author

A Fellow in the American College of Employee Benefits Counsel and Board Certified in Labor and Employment Law by the Texas Board of Legal Certification, Cynthia Marcotte Stamer has more than 35 years experience, advising plan sponsors, fiduciaries, service providers and others about fiduciary responsibility and other employee benefit plan design, administration, risk management and compliance. i

Ms. Stamer is a Martindale-Hubble AV-Preeminent (highest/top 1%) practicing attorney recognized as a “Top Woman Lawyer,” “Top Rated Lawyer,” and “LEGAL LEADER™” in Health Care Law and Labor and Employment Law; among the “Best Lawyers In Dallas” in “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law for her experience, scholarship, thought leadership and advocacy for 35 plus years of experience advising and representing, employers, employee benefit plans and their fiduciaries and administrators, their administrative services, technology and other business associates and other vendors, managed care and insurance, health care and other clients about these and other workforce, employee benefits, internal controls and other operations and compliance concerns.  

Ms. Stamer is nationally sought out for her decades of leading-edge experience in the design, sponsorship, administration, and defense of workforce, health, severance, savings retirement and other employee benefit, workforce, insurance, healthcare, data and technology, and other operations to promote legal and operational compliance, reduce regulatory and other liability, and advance other operational goals. This experience includes decades of work on ERISA, Internal Revenue Code and other related labor and employment, insurance, corporate and securities, data privacy and security, licensing and other laws. She also sought out for her extensive speaking and publications on these and related concerns.

Along with her decades of legal and strategic consulting experience, Ms. Stamer also contributes her leadership and experience to many professional, civic and community organizations including current or previous service as Employee Benefits Group Chair and a Substantive Groups Committee Member for the ABA Real Property Trusts and Estates (“RPTE”) Section and Chair of its Welfare Plan, Fiduciary Responsibility and Plan Terminations Committees; Chair of the ABA International Section International Employment Law Committee; Chair and Vice Chair of the ABA Tort Trial and Insurance (“TIPS”) Section Medicine and Law Committee, Vice Chair of its Employee Benefits and Worker’s Compensation Committees; and Chair of the ABA Intellectual Property Section Law Practice Management and Special Technologies Committees; ABA Joint Committee on Employee Benefits (“JCEB”) Council Representative and Scribe for its annual agency meetings with the Department of Health and Human Services; International Section Life Sciences Committee Chair; Health Law Section Managed Care & Insurance Interest Group Chair; Vice Chair, Tax Section Fringe Benefit Committee Chair, and in various other ABA leadership capacities. Ms. Stamer also is a former Southwest Benefits Association Board Member and Continuing Education Chair, SHRM National Consultant Board Chair and Region IV Chair, Dallas Bar Association Employee Benefits Committee Chair, former Texas Association of Business State, Regional and Dallas Chapter Chair, a founding board member and Past President of the Alliance for Healthcare Excellence, as well as in the leadership of many other professional, civic and community organizations. She also is valued and celebrated for her decades of policy advocacy and charitable, pro bono, community and other service and leadership to promote understanding and strengthening health care, workforce, saving, disability, aging and retirement and other key policies and challenges through her PROJECT COPE Coalition For Patient Empowerment initiative and many other pro bono service involvements locally, nationally and internationally.

Ms. Stamer is the author of many highly regarded works published by leading professional and business publishers, the ABA, the American Health Lawyers Association, and others. Ms. Stamer also often speaks and serves on the faculty and steering committee for many ABA and other professional and industry conferences and conducts leadership and industry training for a wide range of organizations.

For more information about Ms. Stamer or her health industry, health and other benefits, workforce and other experience and involvements, see the Cynthia Marcotte Stamer P.C. website or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press™

Solutions Law Press™ provides health care, insurance, human resources and employee benefit, data and technology, regulatory and operational performance, and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education. These include extensive resources on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press™ resources or training.

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.

NOTICE: These statements and materials are for general information and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation considering the specific facts and circumstances presented in their unique circumstances at the particular time. No comment or statement in this publication is to be construed as legal advice or admission. Solutions Law Press and its authors reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law constantly and often evolves, subsequent developments that could change the currency and completeness of this discussion are likely. Solutions Law Press and its authors disclaim and have no responsibility to provide any update or otherwise notify anyone of any fact or law-specific nuance, change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.

©2026 Cynthia Marcotte Stamer. Non-exclusive right to republish granted to Solutions Law Press.™ For information about licensing for republication, please contact the author directly. All other rights reserved.

 

Comments Off on New California SB 497 90-day Retaliation Presumption Highlights Risk Employers Everywhere Face When Performance Issues Appear Only After Protected Activity | 5000, ADA, HR, Human Resources, Insurance, Retail, Retaliation, Whistleblower | Permalink
Posted by Cynthia Marcotte Stamer

Identity Theft Scan Targets Employee Tax Records

December 7, 2018

The Internal Revenue Service is warning human resources and other business leaders about a growing wave of identity theft and W-2 scams targeting sensitive tax data employers collect on their employees. The warning highlights one of the many growing data breach exposures businesses must manage as identity thieves become ever more sophisticated.

Such data like Form W-2 data – is highly valued by identity thieves. While identity thieves use a variety of tactics to steal this information including hacking into the IRS’ own systems, the IRS this week is warning about one scheme that the IRS says has become one of the more dangerous email scams.

All employers are targets for the W-2 scam, according to the IRS.

Here’s how it works:

  • These emails appear to be from an executive or organization leader to a payroll or human resources employee.
  • The message usually starts with a simple greeting, like: “Hey, you in today?”
  • By the end of the email exchange, all of an organization’s Forms W-2 for their employees may be in the hands of cybercriminals.
  • Because payroll officials believe they are corresponding with an executive, it may take weeks for someone to realize a data theft has occurred.
  • Generally, the criminals are trying to quickly take advantage of their theft, sometimes filing fraudulent tax returns a day or two.

The IRS warns this scam is such a threat to taxpayers that a special IRS reporting process has been established. The IRS says employers victimized should:

  • Email dataloss@irs.gov to notify the IRS of a W-2 data loss and provide contact information. In the subject line, type “W2 Data Loss” so that the email can be routed properly. The business should not attach any employee personally identifiable information data.
  • Email the Federation of Tax Administrators at StateAlert@taxadmin.org to get information on how to report victim information to the states.
  • File a complaint with the FBI’s Internet Crime Complaint Center. Businesses and payroll service providers may be asked to file a report with their local law enforcement agency.
  • Notify employees. The employee may then take steps to protect themselves from identity theft. The Federal Trade Commission’s www.identitytheft.govprovides guidance on general steps employees should take.
  • Forward the scam email to phishing@irs.gov.
  • The IRS also recommends the following resources:
  • The IRS alert reminds businesses again about the growing challenges they face guarding sensitive tax, health and other employee benefit plan and other data about employees, customers, business partners and others. Aside from the disruptions businesses incur to organizations and relationships with employees, customers, business partners or others and often tremendous costs of investigation and mitigation, breaches also commonly trigger substantial legal liability under a myriad of federal and state laws and regulations, contracts, and common law tort claims. Businesses generally and Human Resources, tax and other systems and operations should take well documented steps to prevent and prepare for a potential breach.

    • About the Author

    Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of management focused employment, employee benefit and insurance, workforce and other management work, public policy leadership and advocacy, coaching, teachings, and publications.

    Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving and author of “What To Do When Your Employee’s Personal Life Becomes Your Business@ and a multitude of other highly regarded works on data protection and breach, her work includes career-long, leading edge involvement counseling and representing human resources, employee benefit, insurance and financial, tax, healthcare and other businesses about data and other sensitive information privacy and breach.

    Ms. Stamer’s clients include employers and other workforce management organizations; employer, union, association, government and other insured and self-insured health and other employee benefit plan sponsors, benefit plans, fiduciaries, administrators, and other plan vendors;   domestic and international public and private health care, education and other community service and care organizations; managed care organizations; insurers, third-party administrative services organizations and other payer organizations;  and other private and government organizations and their management leaders.

    Throughout her 30 plus year career, Ms. Stamer has continuously worked with these and other management clients to design, implement, document, administer and defend hiring, performance management, compensation, promotion, demotion, discipline, reduction in force and other workforce, employee benefit, insurance and risk management, health and safety, and other programs, products and solutions, and practices; establish and administer compliance and risk management policies; comply with requirements, investigate and respond to government, accreditation and quality organizations, regulatory and contractual audits, private litigation and other federal and state reviews, investigations and enforcement actions; evaluate and influence legislative and regulatory reforms and other regulatory and public policy advocacy; prepare and present training and discipline;  handle workforce and related change management associated with mergers, acquisitions, reductions in force, re-engineering, and other change management; and a host of other workforce related concerns. Ms. Stamer’s experience in these matters includes supporting these organizations and their leaders on both a real-time, “on demand” basis with crisis preparedness, intervention and response as well as consulting and representing clients on ongoing compliance and risk management; plan and program design; vendor and employee credentialing, selection, contracting, performance management and other dealings; strategic planning; policy, program, product and services development and innovation; mergers, acquisitions, bankruptcy and other crisis and change management; management, and other opportunities and challenges arising in the course of workforce and other operations management to improve performance while managing workforce, compensation and benefits and other legal and operational liability and performance.

    Past Chair of the ABA Managed Care & Insurance Interest Group and, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, heavily involved in health benefit, health care, health, financial and other information technology, data and related process and systems development, policy and operations throughout her career, and scribe of the ABA JCEB annual Office of Civil Rights agency meeting, Ms. Stamer also is widely recognized for her extensive work and leadership on leading edge health care and benefit policy and operational issues. She regularly helps employer and other health benefit plan sponsors and vendors, health industry, insurers, health IT, life sciences and other health and insurance industry clients design, document and enforce plans, practices, policies, systems and solutions; manage regulatory, contractual and other legal and operational compliance; vendors and suppliers; deal with Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA, state insurance law and other private payer rules and requirements; contracting; licensing; terms of participation; medical billing, reimbursement, claims administration and coordination, and other provider-payer relations; reporting and disclosure, government investigations and enforcement, privacy and data security; and other compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; HIPAA administrative simplification, meaningful use, EMR, HIPAA and other technology, data security and breach and other health IT and data; STARK, antikickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA, HEDIS and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; 1557 and other Civil Rights; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns.

    A former lead consultant to the Government of Bolivia on its Pension Privatization Project with extensive domestic and international public policy concerns in pensions, healthcare, workforce, immigration, tax, education and other areas, Ms. Stamer has been extensively involved in U.S. federal, state and local health care and other legislative and regulatory reform impacting these concerns throughout her career. Her public policy and regulatory affairs experience encompasses advising and representing domestic and multinational private sector health, insurance, employee benefit, employer, staffing and other outsourced service providers, and other clients in dealings with Congress, state legislatures, and federal, state and local regulators and government entities, as well as providing advice and input to U.S. and foreign government leaders on these and other policy concerns.

    Author of leading works on a multitude of labor and employment, compensation and benefits, internal controls and compliance, and risk management matters and a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other related concerns by her service in the leadership of the Solutions Law Press, Inc. Coalition for Responsible Health Policy, its PROJECT COPE: Coalition on Patient Empowerment, and a broad range of other professional and civic organizations including North Texas Healthcare Compliance Association, a founding Board Member and past President of the Alliance for Healthcare Excellence, past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children (now Warren Center For Children); current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Section, a current Defined Contribution Plan Committee Co-Chair, former Group Chair and Co-Chair of the ABA RPTE Section Employee Benefits Group, past Representative and chair of various committees of ABA Joint Committee on Employee Benefits; an ABA Health Law Coordinating Council representative, former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, a former member of the Board of Directors of the Southwest Benefits Association and others.

    For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

    About Solutions Law Press, Inc.™

    Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources here such as the following:

    If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.

    NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advise or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The presenter and the program sponsor disclaim, and have no responsibility to provide any update or otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

    Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.

    ©2018 Cynthia Marcotte Stamer. Non-exclusive right to republish granted to Solutions Law Press, Inc.™ For information about republication or the topic of this article, please contact the author directly. All other rights reserved.

    Comments Off on Identity Theft Scan Targets Employee Tax Records | ADA, Attorney-Client Privilege, Civil Rights, Claims Administration, Consumer Protection, Corporate Compliance, corporate governance, Cybercrime, Data Breach, Data Security, defined benefit plan, defined contribution plan, directors, Disability, Disability Plans, Discrimination, Educational Privacy, Employee Benefits, Employer, Employers, Employment, Employment Policies, Employment Tax, ERISA, fiduciary duty, Fiduciary Responsibility, Government Contractors, Identity Theft, Insurance, insurers, Non-Compete, Non-compete, Non-Competition Agreement, Protected Health Information, Retail, Tax, third party administrators, Trade secret, Uncategorized | Permalink
    Posted by Cynthia Marcotte Stamer

    Strengthen Your Cyber Security By Sharing National Cyber Security Awareness Month Resources This Week

    October 25, 2015

    Halloween’s annual celebration of spooks and goblins peak is a perfect time to promote awareness and help American businesses and citizens build their skills to guard against the real and growing menace of identity thieves and other cybercriminals by getting involved with the 12th annual National Cyber Security Awareness Month (NCSAM) in October, begin preparing to participate in the next annual “Data Privacy Day” on January 28, 2016 and joining in other activities highlighted through NCSAM and Data Privacy Day to help deter Cybercrime and identity theft threats. Even if your organization or family choose not to participate in any official or public way, checking out and using the many free resources provides an invaluable, free opportunity to raise your defenses against this rising risk.

    With virtually every American business and citizen now connected to and using the Internet to conduct key personal and business transactions and the constant drive by government and business to digitize regular business transactions, no one agency, business or individual alone can truly know where and who has their sensitive data, much less reliably can defend this data against the identity and other theft and other cybercriminals lurking in the digital world’s virtual streets waiting to strike, then disappear in “Jack The Ripper” style into the darkness of the Internet.  That’s why every American and American business should take time to participate and urge others to Get Involved in the 12th Annual NCSAM activities this month and use the supportive resources offered through that involvement throughout the year.

    Celebrated annually in October, NCSAM was created to provide resources to help Americans stay safer and more secure online through public-private collaboration between the U.S. Department of Homeland Security and industry led by the National Cyber Security Alliance (NCSA). NCSAM and its associated activities outreach to consumers, small and medium-sized businesses, corporations, educational institutions and young people across the nation.  NCSAM 2015 particularly focuses on the consumer and his/her needs regarding cybersecurity and safety continuing the overall message of STOP. THINK. CONNECT. Campaign founded in 2010 and its capstone concepts: “Keep a Clean Machine,” “Protect Your Personal Information,” “Connect with Care,” “Be Web Wise” and “Be a Good Online Citizen.” NCSAM seeks to remind Americans to incorporate “STOP. THINK. CONNECT.” into their online routines and offers resources to help individuals understand and put these principles into practice into their online routine at the home, the office and elsewhere.

    Designed to be accessible and understandable by consumers, many business and government organizations may want to support and promote their Cyber Security employee and customer training and awareness efforts by participating annually in NCSAM in October, signing up your organization to Data Privacy Day Champion and/or participating in Data Privacy Day on January 28, 2016, or otherwise using and sharing tips, tools and other resources in the Privacy Library such as:

    General Privacy & Cyber Security Awareness

    Keep a Clean Machine/Cookies & Behavioral Tracking

    • Malware & Botnets
    • A video about cookies and why they matter created by the Wall Street Journal.
    • Information about the Network Advertising Initiative (NAI) offering opt-out of online behavior advertising and provides factual information about online behavioral advertising, privacy, cookies.

    Health Privacy

    Identity Theft Prevention & Clean Up

    Mobile App Privacy & Security

    Student & Educational Privacy & Security

    • I want to each online safety for Grades K-2,  Grades 3-5  Middle and High School Higher Education and CSave Volunteer Lesson Plans & Materials
    • The Protecting Privacy in Connected Learning toolkit is an in-depth, step-by-step guide to navigating the Family Education Rights and Privacy Act (FERPA), the Children’s Online Privacy Protection Act (COPPA) and related privacy issues.
    • Securing Your Home Network
    • The Family Educational Rights and Privacy Act, or FERPA, is the main federal law that deals with education privacy, but there are a host of other laws, best practices, and guidelines that are essential to understanding education privacy. FERPA|SHERPA aims to provide service providers, parents, school officials, and policymakers with easy access to those materials to help guide responsible uses of student’s data.
    • General guidance for parents provided by the department of education Family Educational Rights and Privacy Act (FERPA)
    • Student Privacy 101: FERPA for parents and students – Ever have questions about your rights regarding education records? This short video highlights the key points of the family education rights and privacy act (FERPA).

    Other Resources 

    About the Author

    Cynthia Marcotte Stamer is a practicing attorney and Managing Shareholder of Cynthia Marcotte Stamer, P.C., a member of Stamer│Chadwick │Soefje PLLC, author, pubic speaker, management policy advocate and industry thought leader with more than years’ experience helping business and government organizations and their leaders manage. Ms. Stamer’s legal and management consulting work throughout her 28 plus year career has focused on helping organizations and their management understand and use the law and process to manage people, process, compliance, operations and risk including significant work in the prevention, investigation and remediation of data breach and other Cybercrime events.

    Scribe responsible for leading the American Bar Association (ABA) Joint Committee on Employee Benefits (JCEB) annual agency meeting with the Department of Health & Human Services Office of Civil Rights,Scribe responsible for leading the American Bar Association (ABA) Joint Committee on Employee Benefits (JCEB) annual agency meeting with the Department of Health & Human Services Cynthia Marcotte Stamer’s practice has focused on advising and representing government and private technology, security, health care providers, health plans, health, schools and other educational organizations, insurance, banking and financial services, retail, employer and other organizations about privacy and data security compliance and risk management, breach and other investigations and enforcement, workforce and performance management and other risk management, compliance, public policy, regulatory, staffing, and other operations and risk management concerns.

    With data and technology use, protection and management imbedded in virtually every aspect of her client’s operations, data and other confidential information and systems use, protection, breach or other abuse investigation and response, enforcement and liability mitigation and defense and other Cybercrime and Cyber Security challenges are a continuous component of Ms. Stamer’s management work.  Ms. Stamer helps public and private, domestic and international businesses, governments, and other organizations and their leaders manage their employees, vendors and suppliers, and other workforce members, customers and other’ performance, compliance, compensation and benefits, operations, risks and liabilities, as well as to prevent, stabilize and cleanup workforce, data breach and Cybercrime, and other legal and operational crises large and small that arise in the course of operations.  Ms. Stamer regularly helps clients design, administer and defend HIPAA, FACTA, data breach, identity theft and other risk management, compliance and other privacy, data security, confidential information and other data security, technology and management policies and practices affecting their operations.   She also helps clients prevent, investigate and mitigate HIPAA, FACTA, PHI and other data breach hacking, identity theft, data breach, data loss or destruction, theft of trade secrets or other sensitive data, spoofing, industrial espionage, insider and other parties misuse of data or technology and other cybercrime and technology use concerns.  Best-known for her extensive work helping health care, insurance and other highly regulated entities manage both general employment and management concerns and their highly complicated, industry specific corporate compliance, internal controls and risk management requirements, Ms. Stamer’s clients and experience also includes a broad range of other businesses.  Her clients range from highly regulated entities like employers, contractors and their employee benefit plans, their sponsors, management, administrators, insurers, fiduciaries and advisors, technology and data service providers, health care, managed care and insurance, financial services, government contractors and government entities, as well as retail, manufacturing, construction, consulting and a host of other domestic and international businesses of all types and sizes.  Common engagements include internal and external privacy and data security compliance, risk management, investigation and remediation, workforce hiring, management, training, performance management, compliance and administration, discipline and termination, and other aspects of workforce management including employment and outsourced services contracting and enforcement, sentencing guidelines and other compliance plan, policy and program development, administration, and defense, performance management, wage and hour and other compensation and benefits, reengineering and other change management, internal controls, compliance and risk management, communications and training, worker classification, tax and payroll, investigations, crisis preparedness and response, government relations, safety, government contracting and audits, litigation and other enforcement, and other legal and operational compliance, risk management, disaster preparedness and response, and liability defense and mitigation concerns arising out of organization’s operations.

    Cindy also is widely recognized for her regulatory and public policy advocacy, publications, and public speaking on privacy and other compliance, risk management concerns. Among others, she is the author of “Privacy & Securities Standards-A Brief Nutshell,” “Privacy Invasions of Medical Care-An Emerging Perspective,” the E-Health Business and Transactional Law Chapter on Other Liability-Tort and Regulatory;” “Cybercrime and Identity Theft: Health Information Security Beyond HIPAA;” “Personal Identity Management Legal Demands and Technology Solutions;” “Tailoring A Records Management Plan And Process To Meet Your Legal And Operational Needs;” “Brokers & Insurers Identity Theft and Privacy Perils;” “HR’s Role In Personal Identity Theft & Cyber Crime Prevention;” “Protecting & Using Patient Data In Disease Management Opportunities, Liabilities And Prescriptions;” “Why Your Business Needs A Cybercrime Prevention and Compliance Program;” “Leveraging Your Enterprise Digital Identity Management Investments and Breaking though the Identity Management Buzz;” “When Your Employee’s Private Life Becomes Your Business;” and hundreds of other works. Her insights on privacy, data security, and other matters have appeared in The Wall Street Journal, Business Insurance, the Dallas Morning News, Spencer Publications, and a host of other publications. She speaks and has conducted privacy training for the Association of State & Territorial Health Plans (ASTHO), the Los Angeles Health Department, the American Bar Association, the Health Care Compliance Association, a multitude of health industry, health plan, insurance and financial services, education, employer employee benefit and other clients, trade and professional associations and others.

    Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer works with businesses and government organizations and their management, employee benefit plans, schools, financial institutions, retail, hospitality, and other organizations deal with all aspects of these and other operations performance and compliance management.  She supports her clients both on a real time, “on demand” basis and with longer term basis to deal with daily performance management and operations, emerging crises, strategic planning, process improvement and change management, investigations, defending litigation, audits, investigations or other enforcement challenges, government affairs and public policy.

    Ms. Stamer also is active in the leadership of a broad range of other professional and civic organizations. For instance, Ms. Stamer presently serves on an American Bar Association (ABA) Joint Committee on Employee Benefits Council representative; Vice President of the North Texas Healthcare Compliance Professionals Association; Immediate Past Chair of the ABA RPTE Employee Benefits & Other Compensation Committee, its current Welfare Benefit Plans Committee Co-Chair, on its Substantive Groups & Committee and its incoming Defined Contribution Plan Committee Chair and Practice Management Vice Chair; Past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group and a current member of its Healthcare Coordinating Council; current Vice Chair of the ABA TIPS Employee Benefit Committee; the former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division; on the Advisory Boards of InsuranceThoughtLeadership.com, HR.com, Employee Benefit News, and many other publications.  She also previously served as a founding Board Member and President of the Alliance for Healthcare Excellence, as a Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; the Board President of the early childhood development intervention agency, The Richardson Development Center for Children; Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee; a member of the Board of Directors of the Southwest Benefits Association. For additional information about Ms. Stamer, see here, or the Stamer Chadwick Soefje PLLC website here.  To contact Ms. Stamer, e-mail her at here or telephone (469) 767-8872.

    About Solutions Law Press, Inc.™

    Solutions Law Press, Inc.™  provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources at http://www.solutionslawpress.com including:

    If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating or updating your profile here.

    ©2015 Cynthia Marcotte Stamer. Non-exclusive right to republish granted to Solutions Law Press, Inc.. All other rights reserved.

    Comments Off on Strengthen Your Cyber Security By Sharing National Cyber Security Awareness Month Resources This Week | Banking, Child Safety, Cybercrime, Data Breach, Education, Educational Privacy, Employer, FACTA, Fair Credit Reporting Act, Financial Security, FINRA, Gaming, health Care, HIPAA, Hospitality, HR, Human Resources, Identity Theft, Insurance, Internet, Managment, NCSAM, Privacy, Retail, Risk Management, Safety, Schools, Security, Technology | Tagged: , , , , , , , , , , , , , , , , | Permalink
    Posted by Cynthia Marcotte Stamer