Fall 2017

Fall 2017 • PENNSYLVANIA RESTAURANT & LODGING matters •  23 information in a data breach, a robust data-security program still may be a necessity in some contexts and, ultimately, makes good business sense. As the Superior Court acknowledged, employers must comply with other statutes and regulations governing data privacy, such the Federal Health Insurance Portability and Accountability Act (“HIPAA”), as well as Pennsylvania’s Unfair Trade Practices and Consumer Protection Law (“UTPCPL”) and Breach of Personal Information Notification Act. Finally, extra data security and privacy measures, to the extent feasible, can prevent the inevitable reputational harm and damage to employee morale that necessarily can result from a data breach. • If you have any questions concerning this or other legal issues, please contact Erin R. Kawa (717- 909-1624 or ekawa@shumakerwilliams.com ) at Shumaker Williams, P.C., PRLA’s General Counsel.