Biometric data and the law — GDPR, BIPA, CCPA, and what 'on-device only' actually means
This article exists because I keep getting the same email. It usually starts: “We were thinking of using face-based time tracking, but our HR person flagged that we’d have to comply with [law]. Is that going to be a nightmare?”
Read More
How to track employee hours without sending a single byte to the cloud
There’s a quiet assumption baked into almost every time-tracking product on the market: that an employee’s clock-in event is a piece of data that should be uploaded somewhere. Usually to the vendor’s cloud. Sometimes mirrored across three regions for “redundancy.” Often retained indefinitely under a vague “as long as needed for the service” clause.
Read More