A fiduciary1 or family member may run into difficulties in trying to access the e–mails from an incapacitated or deceased person’s employer. The employer may claim that the employee did not own the e–mails under the company’s electronic resources policy. Also, the company might refuse to release portions of an employee’s e–mails because:
- the information is a trade secret, protected by state laws, that the company does not want to disclose;
- the information is covered by a non–compete or non–disclosure agreement that the employee signed;
- the information is “protected health information,” which may include an employee’s information related to a company’s group health insurance plan, medical reimbursement account, etc., that protects the employee from unauthorized disclosure and that is regulated by HIPAA’s privacy rule, but an incapacitated employee’s designated health care agent or a deceased employee’s personal representative may have authority to request this information (follow this link for more information on personal representatives under HIPAA);
- the information is confidential medical information that is protected from disclosure by a state law or the Americans with Disabilities Act;
- the information is “nonpublic personal information” that the company collects about its customers that is protected from disclosure and regulated by the Gramm–Leach–Bliley Financial Modernization Act of 1999; or
- the information may be private or privileged (including the attorney client privilege) with respect to the employee, but an incapacitated employee’s financial agent or a deceased employee’s personal representative may have authority to request this information.
The appropriate fiduciary should contact the employer promptly for any desired information, because an electronic data retention policy may limit how long the company retains an employee’s e–mails and other digital property.
1A fiduciary may include a guardian, conservator, executor, personal representative, trustee, attorney–in–fact, etc.