USPS settles with NLRB on data breach complaint

From Politico:

POSTAL SERVICE SETTLES DATA BREACH LABOR CASE: The U.S. Postal Service agreed to settle an NLRB complaint alleging it refused to bargain with its unions over how to rectify a data breach that compromised personal information for hundreds of thousands of employees.

The issue was a novel one for the board, which, experts say, has rarely, if ever, considered whether employers have a duty to bargain with labor groups over data breaches. The settlement constitutes what is essentially an admission by the Post Office that it had a duty to negotiate with unions over how to address the breach. http://politico.pro/1PzoE6L

Source: POLITICO Morning Shift – POLITICO

NLRB issues complaint against USPS over handling of massive data breach

ALEXANDRIA, Va.–(BUSINESS WIRE)–The National Labor Relations Board (NLRB) has issued a Complaint against the Postal Service alleging that it violated federal labor law by failing to bargain with the National Rural Letter Carriers’ Association (NRLCA) and provide information to the NRLCA concerning last year’s massive Postal Service data breach. The Complaint, issued on March 31, stems from an unfair labor practice charge filed by the NRLCA on November 19, 2014. Continue reading

USPS data breach compromised some workers health information

Network intruders compromised health information on current and former U.S. Postal Service employees who filed for workers’ compensation, USPS officials say.

The files were accessed during a previously reported September cyber intrusion that netted the Social Security numbers of about 800,000 USPS employees. Details of the health data breach are just now being revealed for the first time.

The agency does not face health data security fines or Health and Human Services Department breach notification violations, because the data was not part of an insurance plan.

About 485,000 employees, former employees and retirees whose medical details were potentially exposed received a notification letter last month, USPS spokesman David Partenheimer said.

The information potentially compromised was stored in "a file relating to injury compensation claims," USPS Chief Human Resources Officer Jeffrey Williamson said in the letter dated Dec. 10. "In addition some of your medical information” associated with the claims may have been breached.

Read more: Medical File Hack Affected Nearly Half a Million Postal Workers – Nextgov.com.