Educational Privacy |

$2.7 Million FCA Cyber Liability Settlement Shows New Tool In Government’s Strategy To Fight Cyber Insecurity By Holding Businesses & Leaders Accountable

May 4, 2024

The $2.7 million settlement government contractor Insight Global LLC, (“Insight”) is paying to settle a Justice Department (“DOJ”) False Claims Act civil suit for lax cybersecurity shows government contractors now must add possible False Claims Act prosecution to the already substantial and ever-widening potential consequences all organizations and leaders when their organizations experience a cyber incident.

Supplementing the strength and reach of existing cybersecurity laws by using the False Claims Act, federal securities, employee benefit fiduciary responsibility. and other laws as tools to pressure organizations and their leaders to strengthen their cybersecurity compliance and defenses is a key component of the National Cybersecurity Strategy the Administration announced in March, 2023 to battling the ongoing pandemic of cyber incidents. As National Cybersecurity Strategy states, “Continued disruptions of critical infrastructure and thefts of personal data make clear that market forces alone have not been enough to drive broad adoption of best practices in cybersecurity and resilience. … We must hold the stewards of our data accountable for the protection of personal data; drive the development of more secure connected devices; and reshape laws that govern liability for data losses and harm caused by cybersecurity errors, software vulnerabilities, and other risks created by software and digital technologies.

The National Cyber Security Strategy goes on to warn, “We will use Federal purchasing power and grant-making to incentivize security.”

With holding businesses and their leaders accountable a key component of the Federal government’s National Cybersecurity Strategy, government contractors specifically and all businesses and their leaders generally should heed the use of the DOJ’s use of the False Claims Act as another tool in its expanding arsenal for holding businesses experiencing cyber breaches accountable as proof of their own growing imperative to manage their own cyber security and liability in response to exploding strains of cyber threats and liabilities.

Government Contractor False Claims Act Cyber Risk

DOJ’s adoption of the False Claims Act as a tool for imposing liability against government contractors experiencing a cyber breach is part of a broader effort to persuade organizations and their leaders to tighten their cyber security defenses and responses by ratcheting up the liability and other consequences organizations and their leaders face when their organizations experience a cyber incident. The False Claims Act imposes treble damages and penalties on those who knowingly and falsely claim money from the United States or knowingly fail to pay money owed to the United States.

A Civil Cyber-Fraud Initiative announced by DOJ on October 6, 2021 adds potential False Claims Act civil lawsuits by DOJ or private whistleblowers to the already significant and expanding consequences government contractors and grant holders can face for failing to fulfill requirements to properly secure protected health information or other sensitive data as required in their government contracts.

According to DOJ’s May 1, 2024 announcement, Insight will pay $2.7 million to resolve DOJ False Claims Act charges for failing to have adequate cybersecurity measures to protect health information obtained during COVID-19 contact tracing under the new of the Settlement shows DOJ is following through on its promise.

$2.7 Million Insight FCA Cyber Settlement

The $2.7 million Settlement settles a whistleblower lawsuit, United States ex rel. Seilkop v. Insight Global LLC, No. 1:21-cv-1335 (M.D. Pa.). Filed under the whistleblower provisions of the False Claims Act that permit private parties to sue on behalf of the government when they believe that defendants submitted false claims for government funds and to receive a share of any recovery, DOJ intervened in the suit. Whistleblower, Terralyn Williams Seilkop, a former Insight Global staff member who worked on the contact tracing at issue, will receive a $499,500 share of the $2.7 million settlement amount.

The lawsuit alleged the Pennsylvania Department of Health hired Insight to provide staffing for COVID-19 contact tracing and paid Insight using federal funds from the U.S. Centers for Disease Control and Prevention. Although keeping personal health information of contact tracing subjects confidential and secure was part on its contractual duties, Insight failed to secure the protected health information. Instead, DOJ claimed, for example, Insight transmitted certain personal health information and/or personally identifiable information of contact tracing subjects in the body of unencrypted emails, stored and transmitted the information using Google files not password protected, making them potentially accessible to the public via internet links and allowed staff to use shared passwords to access that information.

DOJ additionally alleged that from November 2020 through January 2021, Insight managers received complaints from Insight staff that protected health information was unsecure and potentially accessible to the public, but failed to start remediating the issue until April 2021 after deficiencies came to light.

When Insight eventually began remediating these cybersecurity breaches and deficiencies in 2021, the announcement states Insight cooperated with the DOJ investigation of the cause and scope of the incident. It also took steps to remedy cybersecurity deficiencies by strengthening internal controls and procedures, adding more data-security resources and issuing a public notice regarding the scope of the potential exposure and offering free credit monitoring and identity protection services to those affected. FOJ also reports Insight also cooperated with the United States’ investigation.

DOJ’s Insight settlement announcement warns other government contractors of DOJ’s “continuing commitment to ensure that government contractors fulfill their cybersecurity obligations.” Its announcement quotes Principal Deputy Assistant Attorney General Brian M. Boynton, head of the Justice Department’s Civil Division as stating, “The Justice Department will hold accountable those contractors who knowingly fail to satisfy cybersecurity requirements.”

Meanwhile, Special Agent in Charge Maureen R. Dixon of the Department of Health and Human Services Office of Inspector General (HHS-OIG) is quoted as stating “Contractors for the government who do not follow procedures to safeguard individuals’ personal health information will be held accountable.”

Cyber Risk Implications For Government Contractor & Other Organizations

Potential False Claims Act liability under the DOJ False Claims Act Civil Cyber-Fraud Initiative add additional liability risks for government contractors to already substantial and growing federal and state regulatory, contractual, and civil and criminal liabilities and other consequences that cyber breaches and other cybersecurity weaknesses create for business and other organizations, their health plans and their leaders. Examples of these other exposures that lax privacy, data security, data breach and other cybersecurity practice may create include:

Business operating losses from resulting operational disruptions and damages to customer, business partner, shareholder and public trust;
Federal Sentencing Guidelines organizational criminal liability arising from violations of electronic crime and other federal criminal data privacy and security laws;
Federal Trade Commission Act and state unfair business practices liability for deceiving customers about privacy practices;
Security and Exchange Commission (“SEC”) criminal and civil actions and shareholder lawsuits under the Security and Exchange Act;
Health Insurance Portability & Accountability Act civil monetary penalty and criminal exposures for health plans, health care providers, health care clearinghouses and their business associates;
Employee Benefit Security Act fiduciary liability for health fiduciaries;
Liability for violation of Fair and Accurate Transaction Act, Internal Revenue Code, or other federal privacy or confidentiality laws;
damages and other penalties and judgments arising under state identity theft, data security, privacy and other state statutory, contractual and tort laws; and
More.

These and other constantly emerging exposures show the imperative for government contractors and all other organizations and their leaders to ensure their organizations take adequate, well-documented efforts to protect their systems and data and fulfill all otherwise applicable cybersecurity rules.

With new cyber attacks and strains of cyber liability, emerging constantly, organizations, and their leaders increasingly must change the way they think about and address their own cyber security and other technology, budgets and management. The escalation of cyber incidents and risks necessitates that organizations and their leaders to treat cybersecurity as critical components of their operational and business plans and priorities.

Amid the pandemic of constantly evolving cyber threats, even the most diligent efforts to secure systems and data cannot guarantee the prevention of a breach or other cyber incident. Given this challenge, organizations and their leaders must focus both on taking meaningful steps to adequately secure their systems and data against a cyber breach or incident as well as position their organizations and leaders to defend their actions and mitigate exposures through appropriate strategic planning, documented oversight and risk assessment, monitoring and response of threats and safeguards; preparation and timely response to cyber events using attorney-client privilege and other evidentiary tools to promote the defensibility of pre-breach, breach investigation and post-breach investigation and decision-making.

As the availability of funding can radically impact the effectiveness of these and other risk mitigation efforts when a cyber incident occurs, these preparations also should incorporate insurance and other arrangements to provide for breach investigation funding and response.

For Additional Information

We hope this update is helpful. Solutions Law Press, Inc. invites you to receive future updates by registering on here and participating and contributing to the discussions in our Solutions Law Press, Inc. LinkedIn SLP Health Care Risk Management & Operations Group, HR & Benefits Update Compliance Group, and/or Coalition for Responsible Health Care Policy

If you need have questions or need assistance with this or other cybersecurity, health, benefit, payroll, investment or other data, systems or other privacy or security related risk management, compliance, enforcement or management concerns, to inquire about arranging for compliance audit or training, or need legal representation on other matters, contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.

About the Author

Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 35 plus years of cybersecurity, workforce, technology and other compliance, risk management and mitigation, incident and other investigations,regulatory and government affairs, and other strategic, operational, regulatory and legal and consulting management work for government contractors and other public and private businesses; managed care and other health and life science, insurance, technology, and other performance and data dependent organizations,

A Fellow in the American College of Employee Benefit Counsel, Co-Chair of the American Bar Association (“ABA”) International Section Life Sciences and Health Committee and Vice-Chair Elect of its International Employment Law Committee, Chair-Elect of the ABA TIPS Section Medicine & Law Committee, Past Chair of the ABA Managed Care & Insurance Interest Group, Scribe for the ABA JCEB Annual Agency Meeting with HHS-OCR, past chair of the ABA RPTE Employee Benefits & Other Compensation Group and current co-Chair of its Welfare Benefit Committee, and Chair of the ABA Intellectual Property Section Law Practice Management Committee, Ms. Stamer is most widely recognized for her decades of pragmatic, leading-edge work, scholarship and thought leadership with healthcare and life sciences, employment and employee benefits, managed care and insurance, data and technology and other related industries and organizations. Known for her skill combined use of her extensive legal and operational knowledge to help these and other clients develop, operationalize and defend employment, employee benefits, compensation and other staffing and workforce; data, systems and other technology; heath benefit and other healthcare and life science, managed care and insurance; employee benefits, safety, contracting, quality assurance, compliance and risk management, and other legal, public policy and operational actions and practices. She speaks and publishes extensively on these and other related compliance issues.

Ms. Stamer’s work throughout her career has focused heavily on working with health care and managed care, life sciences, health and other employee benefit plan, insurance and financial services and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns. Author of a multitude of highly regarded publications on HIPAA and other medical record and data privacy and scribe for the ABA JCEB Annual Meeting with the HHS Office of Civil Rights, her experience includes extensive involvement throughout her career in advising health care and life sciences and other clients about preventing, investigating and defending EEOC, DOJ, OFCCP and other Civil Rights Act, Section 1557 and other HHS, HUD, banking, and other federal and state discrimination investigations, audits, lawsuits and other enforcement actions as well as advocacy before Congress and regulators regarding federal and state equal opportunity, equity and other laws.

For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Laws Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested in reviewing some of our other Solutions Law Press, Inc.™ resources available here.

IMPORTANT NOTICE

NOTICE: These statements and materials are for general informational and educational purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstances at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author and Solutions Law Press, Inc.™ reserve the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules make it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc.™ disclaim, and have no responsibility to provide any update or otherwise notify anyone of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication. Readers acknowledge and agree to the conditions of this Notice as a condition of their access to this publication.

Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.

Leave a Comment » | Antitrust, Attorney-Client Privilege, Banking, board of directors, Brokers, Civil Monetary Penalties, Claims, compliance, Corporate Compliance, corporate governance, Cybercrime, Cybersecurity, Data Breach, Data Security, Department of Defense, DFAR, Disaster, Educational Privacy, Emergency, Employee Benefits, Employer, Employers, Employment, Employment Policies, enforcement, ERISA, false claims act, FTC, Government Accountability, Government Contractors, government employer, group health plan, health benefit, Health Benefits, health Care, Health Care Fraud, health plan, Health Plans, HIPAA, HR, Human Resources, Identity Theft, Insurance, insurers, Internal Controls, Internal Investigations, Managed Care, OFCCP, Personal Health Records, Personal Health Recordss, Physician, Plan Admistrator, Protected Health Information, Provider, self insured health plan, Technology, third party administrators, tpa, Whistleblower | Tagged: Corporate Compliance, Cyber, Data Breach, Data Security, Employee Benefits, Employer, Employers, Employment, ERISA, fca, Federal Sentencing Guidelines, government contractor, Health Insurance, Health Plans, HIPAA, Human Resources, Insurance, Insurer, Privacy, Risk Management, Technology, Worker Classification | Permalink
Posted by Cynthia Marcotte Stamer

2/28 New Comment Deadline For NLRB Proposal To Exclude College Work Study Student Workers From NLRA Coverage

January 28, 2020

February 28, 2020 is the new deadline for employers to comment on a National Labor Relations Board (“NLRB”) proposal to exempt undergraduate and graduate students performing services for financial compensation in connection with their studies from the NLRB’s definition of “employee” for purposes of the National Labor Relations Act (NLRA) and other collective bargaining and union organizing and representation laws under the NLRB’s jurisdiction.

The original notice of proposed rulemaking published here on September 23, 2019 would exempt ”every student performing teaching, research and any services for compensation, at a private college or university in connection with his or her studies from treatment as an “employee” for purposes of Section 2(3) of the NLRA. The extended deadline unofficially announced by the NLRB on January 28, 2020 is the NLRB’s second extension of the comment deadline. The official announcement from the NLRB of its extension of the comment submission window for responses to initial comments to Friday, February 28, 2020 is expected to be published in the Federal Register the week of February 3, 2020. The NLRB previously extended the comment deadline on October 17, 2019. That first extended comment deadline expired in December, 2019.

The NLRB says this proposed rulemaking t exempt students from employees covered by the NLRA “is intended to bring stability to an area of federal labor law in which the NLRB, through adjudication, has reversed its approach three times since 2000. The NLRB has stated this proposed standard on the exclusion of students from the NLRA definition of employee is consistent with the purposes and policies of the NLRA, which contemplates jurisdiction over economic relationships, not those that are primarily educational in nature.

The proposed regulation to exclude students from NLRA coverage is one of several regulatory projects that the now Trump-appointee dominated NLRB has undertaken in the past year in its effort to undue a host of pro-labor changes to NLRB policy changes initiated and enforced during the Obama Administration when President Obama appointees dominated the NLRB and its policies. Another example of these regulatory efforts include the NLRB’s current efforts to reverse a change in interpretation and enforcement of the “joint employer” rules of the NLRA and Fair Labor Standards Act that substantially expanded the imputation of liability for collective bargaining and other labor-management and wage and hour law violations by treating companies as joint employers that received the benefit of work performed even when the recipient company did not control the details of the work or the nominal employer. Aside from submitting any relevant feedback to the student rule, business leaders and organizations generally will want to carefully monitor developments to update their policies and practices as well as to provide appropriate input on these and other developments.

For More Information

We hope this update is helpful. For more information about this or other labor and employment developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.

Solutions Law Press, Inc. invites you receive future updates and join discussions about these and other human resources, health and other employee benefit and patient empowerment concerns by participating and contributing to the discussions in our Solutions Law Press HR & Benefits Update Compliance Update Group and registering for updates on our Solutions Law Press Website.

About the Author

Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of management focused employment, employee benefit and insurance, workforce and other management work, public policy leadership and advocacy, coaching, teachings, and publications.

Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer’s clients include employers and other workforce management organizations; employer, union, association, government and other insured and self-insured health and other employee benefit plan sponsors, benefit plans, fiduciaries, administrators, and other plan vendors; domestic and international public and private health care, education and other community service and care organizations; managed care organizations; insurers, third-party administrative services organizations and other payer organizations; and other private and government organizations and their management leaders. As part of this work, she has worked extensively on employee benefit communication and other employee benefit plan legislative and regulatory policy, design, compliance and enforcement including testifying to the EBSA Advisory Council on Employee Welfare and Pension Benefit Plans in on the effectiveness of employee benefit plan disclosures during 2017 hearings on on reducing the burdens and increasing the effectiveness of ERISA mandated disclosures.

Throughout her 30 plus year career, Ms. Stamer has continuously worked with these and other management clients to design, implement, document, administer and defend hiring, performance management, compensation, promotion, demotion, discipline, reduction in force and other workforce, employee benefit, insurance and risk management, health and safety, and other programs, products and solutions, and practices; establish and administer compliance and risk management policies; manage labor-management relations, comply with requirements, investigate and respond to government, accreditation and quality organizations, regulatory and contractual audits, private litigation and other federal and state reviews, investigations and enforcement actions; evaluate and influence legislative and regulatory reforms and other regulatory and public policy advocacy; prepare and present training and discipline; handle workforce and related change management associated with mergers, acquisitions, reductions in force, re-engineering, and other change management; and a host of other workforce related concerns. Ms. Stamer’s experience in these matters includes supporting these organizations and their leaders on both a real-time, “on demand” basis with crisis preparedness, intervention and response as well as consulting and representing clients on ongoing compliance and risk management; plan and program design; vendor and employee credentialing, selection, contracting, performance management and other dealings; strategic planning; policy, program, product and services development and innovation; mergers, acquisitions, bankruptcy and other crisis and change management; management, and other opportunities and challenges arising in the course of workforce and other operations management to improve performance while managing workforce, compensation and benefits and other legal and operational liability and performance.

A Fellow in the American College of Employee Benefit Counsel and Past Chair of both the ABA Managed Care & Insurance Interest Group and it’s RPTE Employee Benefits and Other Compensation Group, Ms. Stamer also has leading edge experience in health benefit, health care, health, financial and other plan, program and process design, administration, documentation, contracting, risk management, compliance and related process and systems development, policy and operations; training; legislative and regulatory affairs, and other legal and operational concerns.

A former lead consultant to the Government of Bolivia on its Pension Privatization Project with extensive domestic and international public policy concerns in pensions, healthcare, workforce, immigration, tax, education and other areas, Ms. Stamer has been extensively involved in U.S. federal, state and local health care and other legislative and regulatory reform impacting these concerns throughout her career. Her public policy and regulatory affairs experience encompasses advising and representing domestic and multinational private sector health, insurance, employee benefit, employer, staffing and other outsourced service providers, and other clients in dealings with Congress, state legislatures, and federal, state and local regulators and government entities, as well as providing advice and input to U.S. and foreign government leaders on these and other policy concerns.

Author of leading works on a multitude of labor and employment, compensation and benefits, internal controls and compliance, and risk management matters and a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other related concerns by her service in the leadership of the Solutions Law Press, Inc. Coalition for Responsible Health Policy, its PROJECT COPE: Coalition on Patient Empowerment, and a broad range of other professional and civic organizations including North Texas Healthcare Compliance Association, a founding Board Member and past President of the Alliance for Healthcare Excellence, past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children (now Warren Center For Children); current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Section, a current Defined Contribution Plan Committee Co-Chair, former Group Chair and Co-Chair of the ABA RPTE Section Employee Benefits Group, past Representative and chair of various committees of ABA Joint Committee on Employee Benefits; an ABA Health Law Coordinating Council representative, former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, a former member of the Board of Directors of the Southwest Benefits Association and others.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources here such as:

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here. We also invite you to join the discussion of these and other human resources, health and other employee benefit and patient empowerment concerns by participating and contributing to the discussions in our Health Plan Compliance Group or COPE: Coalition On Patient Empowerment Groupon LinkedIn or Project COPE: Coalition on Patient Empowerment Facebook Page.

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission and its content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion.otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.

©2019 Cynthia Marcotte Stamer. Non-exclusive right to republish granted to Solutions Law Press, Inc.™ For information about republication or the topic of this article, please contact the author directly. All other rights reserved.

Comments Off on 2/28 New Comment Deadline For NLRB Proposal To Exclude College Work Study Student Workers From NLRA Coverage | Education, Educational Privacy, employee, Employee Benefits, Employer, Employers, ERISA, Labor Management Relations, NLRA, Reporting & Disclosure, Retirement Plans, Uncategorized, Unfair Labor Practice, Union, Union certification, Union elections, Worker Classification | Tagged: Collective Bargaining, Education, Employees, higher education, NLRA, NLRB, student worker organization, Union, Worker Classification | Permalink
Posted by Cynthia Marcotte Stamer

College Pays $54,000 To Settle DOJ ADA Lawsuit For Paramedic Program’s Termination of TA With MS

November 7, 2019

Lanier Technical College, a unit of the Technical College System of Georgia, will pay $53,000 in back pay and compensatory damages and revise its policies and procedures to settle a Justice Department lawsuit alleging the College violated the Americans with Disabilities Act (ADA) by terminating along-time College employee based on her multiple sclerosis filed in the Northern District Of Georgia on November 4, 2019. In addition to this disability discrimination allegation, the Justice Department complaint also alleges the removed the employee from the teaching schedule for an entire school semester, thus reducing her hours and pay to zero, due to her multiple sclerosis after the employee took three days of sick leave one summer. The lawsuit and its settlement reminds academic health care and other public and private employers about the need to use appropriate care to avoid inappropriate discrimination against individuals with disabilities in employment and other operations.

The College had employed the terminated employee as a part-time emergency medical technician (EMT) lab assistant for over three years before the events prompting the lawsuit took place. The essential functions of her job involved assisting instructors in the classroom and in the lab, and perform “check offs” to authorize and certify that the students mastered particular technical competencies (e.g., properly taking blood pressure, starting a patient’s I.V., assessing a patient’s vital signs). In addition to her employment with the College, the former employee also worked as a paramedic for an unrelated employer. She continued to work as a full-time paramedic for nearly three years after the College terminated her employment as a part-time lab assistant.

Less than a year into her employment at the College, the former employee was diagnosed with multiple sclerosis (MS) in 2010. Shortly after her diagnosis the former employee notified among others, notified the Director of the Lanier Paramedicine Technology (PMT) Department, Sam Stone, of her condition and Mr. Stone subsequently discussed her MS and treatment with her over the course of her employment with the College. According to the Justice Department complaint, the former employee did not require any reasonable accommodations for her disability, remained qualified to perform the essential functions of the part-time lab assistant job, and did so successfully until College discharged her or otherwise altered her compensation, terms, conditions, or privileges of employment.

In 2012, the former employee assisted with classes and labs taught by Instructor Andy Booth. Instructor Booth managed the work schedule for all the part-time EMT lab assistants who assisted with his classes, including that of the former employee. This included the ability to remove lab assistants from any shifts they requested. Director Stone then completed a final review of the semester and approved the schedule and any changes to it.

During the summer of 2012, the former employee had to miss her assigned workdays on two or three occasions due to her MS and its treatment. She also was on disability leave from her paramedic job for a period during that summer, returning to work full-time in early August. Following these absences, Instructor Booth on August 30, 2012 sent an email to lab assistants, including the former employee requesting that lab assistants sign up for open shifts on the work schedule, as he was “still short on help.” The schedule with available shifts was posted for September through December 2012. The former employee signed up for seven or eight four-hour shifts over the course of the fall semester that same day and emailed Instructor Booth the evening of August 30 to inform him of this. In her email, she indicated that she was no longer on disability leave from her other job.

Two weeks later, on September 12, 2012, the College removed the former employee from the work schedule for the entire fall semester schedule on the written instructions of Instructor Booth with the approval of Director Stone. Instructor Booth’s September 12 email instructions to his assistant provided a link to the online work schedule for the lab assistants and stated: “Any day you see [the former employee], just take her off.” Director Stone was copied on this email. That same day, Director Stone replied to Instructor Booth’s email, stating that he had reviewed all of the dates up to December and approved the schedule. The College knew that, by removing the former employee from the schedule, it was terminating her employment with Lanier.

When the former employee realized that someone removed her from the schedule for the entire semester, she contacted Instructor Booth. He told the former employee, by text message, that it was Director Stone’s decision and that Director Stone wanted to give the former employee “some time to heal.” Instructor Booth also stated that Director Stone seemed upset about the former employee missing a few days in the summer due to her MS. Instructor Booth then directed the former employee to speak to Director Stone. He did not offer to reinstate her for any of the days she signed up for or for any future dates.

Thereafter, on September 26, 2012, the former employee contacted Director Stone by email. After telling Director Stone i her email that Instructor Booth said Director Stone was managing the schedule and had wanted to give her “some time to heal,” she reassured him that she appreciated his concern but that she felt she was “OK.” When Director Stone responded on September 23, he confirmed the correctness of Director Stone’s email and also confirmed that he was concerned with the former employee’s health. He offered to discuss these concerns further with her in private. He did not offer to reinstate her for any of the days she signed up for or for any future dates.

Later that day, the former employee called Director Stone. On the call, Director Stone expressed concern about legal and liability issues and whether the former employee was fit to work because of her MS. He said that he, as the Department Director, had to be concerned about her health and medical issues, because a student could challenge a grade on the basis that her MS made her unfit to evaluate students. Director Stone also referenced a couple days that the former employee missed work due to her MS during the summer, and stated that she was less reliable than other lab assistants were at that point. He did not offer to reinstate her for any of the days she signed up for or for any future dates.

Approximately six months later, College removed the former employee from the payroll and changed her payroll status to “terminated.”

On September 26, 2012, the former employee filed a timely charge of discrimination with the United States Equal Employment Opportunity Commission (EEOC), alleging that College terminated her because of her disability in violation of the ADA. The Justice Department filed the lawsuit after the EEOC referred the former employee’s complaint to it.

Title I of the ADA prohibits covered entities including the College from discriminating against a qualified individual on the basis of disability in regard to job application procedures, the hiring, advancement, or discharge of employees, employee compensation, job training, and other terms, conditions, and privileges of employment. 42 U.S.C. § 12112(a); 29 C.F.R. § 1630.4.

The Justice Department complaint against the College charged that the College violated the ADA by discriminating against her on the basis of her disability by:

Removing her from the lab assistant work schedule for a semester and reducing her work hours and compensation to zero; and
Terminating her on the basis of her disability

As a consequence of these discriminatory actions, the complaint charged the former employee suffered lost earnings, benefits and job advancement opportunities, as well as substantial emotional distress, pain and suffering and other nonpecuniary losses. The complaint asked the District Court to redress these injuries by:

Declaring the College in violation of the Title I of the ADA and its accompanying regulation;
Enjoining the College and its agents, employees, successors, and all persons in active concert or participation with it, from engaging in discriminatory employment policies and practices that violate Title I of the ADA;
Requiring the College to modify its policies, practices, and procedures as necessary to bring its employment practices into compliance with Title I of the ADA and its implementing regulation;
Ordering the College to train its supervisors and human resource staff regarding the requirements of Title I of the ADA; and
Awarding the former employee back pay with interest; the value of any lost benefits with interest; and compensatory damages, including damages for emotional distress, for injuries suffered as a result of Defendant’s failure to comply with the requirements of the ADA;

Under the settlement agreement announced November 7, 2019 by the Justice Department, the College must pay the former employee $53,000 in back pay and compensatory damages, revise its policies and training staff on the ADA to ensure compliance with the ADA, train staff on the ADA, and report to the Justice Department on implementation of the settlement agreement.

Reaching this settlement allowed the College to eliminate its exposure to potentially much greater liability. In addition to actual lost compensation and benefit damages, a loss at trial could have resulted in a jury award that also ordered the College to pay attorneys’ fees and other costs, interest and exemplary damages of up to $300,000.

For More Information

We hope this update is helpful. For more information about employment discrimination or other labor and employment, compensation, benefits or other related management and compliance concerns or developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.

About the Author

Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of management focused employment, health care, employee benefit and insurance, workforce and other management work, public policy leadership and advocacy, coaching, teachings, and publications including extensive work with businesses on compliance, risk management and defense.

Author of numerous highly regarding publications on disability and other discrimination and other employment, employee benefit, compensation, regulatory compliance and internal controls and other management concerns affecting health care, education, insurance, housing and other operations, Ms. Stamer’s clients include health care, insurance and financial services, educational and other employer and services organizations; employer, union, association, government and other insured and self-insured health and other employee benefit plan sponsors, benefit plans, fiduciaries, administrators, and other plan vendors; domestic and international public and private health care, education and other community service and care organizations; managed care organizations; insurers, third-party administrative services organizations and other payer organizations; and other private and government organizations and their management leaders. In addition to her legal and management operations work. Ms. Stamer’s experience includes 30 plus years’ of legislative and regulatory policy advocacy and drafting, design, compliance and enforcement including testifying to the EBSA Advisory Council on Employee Welfare and Pension Benefit Plans in on the effectiveness of employee benefit plan disclosures during 2017 hearings on on reducing the burdens and increasing the effectiveness of ERISA mandated disclosures as well as advice, representation, advocacy and testimony to and before and other work with various foreign governments, Congress, state legislatures, and a multitude of federal, state and local agencies.

For more information about Ms. Stamer or her work, services, experience and involvements, see here or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources here.

Comments Off on College Pays $54,000 To Settle DOJ ADA Lawsuit For Paramedic Program’s Termination of TA With MS | Absenteeism, Academic Medicine, Accommodation, ADA, board of directors, compliance, Corporate Compliance, directors, Disability, Disability, Disability Discrimination, Disability Leave, Education, Educational Privacy, EEOC, EEOC, employee, Employee Benefits, Employer, Employers, Employment, Employment Agreement, Employment Policies, Employment Tax, ERISA, Excise Tax, FICA, health benefit, health Care, health insurance, Income Tax, Labor Management Relations, Management, NLRA, Payroll Tax, Reporting & Disclosure, Retirement Plans, Risk Management, Tax, Tax Fraud, Uncategorized, Unfair Labor Practice, Union, Union elections, Worker Classification | Tagged: ADA, Disability Discrimination, Education, Emergency Medicine, Employees, higher education, MS, news, Paramedic, school, Training | Permalink
Posted by Cynthia Marcotte Stamer

Business Leaders Serve Jail Time For Employment Tax Crimes

November 5, 2019

Business owners and operators and the business’ tax, accounting and other service providers increasingly risk criminal prosecution when involved with a business caught shirking its obligations under the Internal Revenue Code (the “Code”) to report wages and withhold and pay federal income tax and employees’ share of social security and Medicare taxes (collectively known as “FICA taxes”) from employees’ wages and to pay the employer’s share of FICA taxes in addition to the substantial civil tax penalties that the business faces for these actions.

While various Internal Revenue Service (“IRS”) educational and enforcement initiatives across the past decade have expanded awareness among business leaders and their accounting and tax advisors more aware of the the potentially significant civil tax penalties risks aggressive employment tax practices can create for the business, many business owners and operators, and the tax, accounting and payroll service providers often overlook or fail to take seriously their potential personal exposure to civil and increasingly, even criminal liability that can arise from management, consulting or other involvement with businesses engaged in aggressive employment tax practices under the Code. With the Justice Department now increasingly using criminal prosecution of individuals as well as businesses involved in employment tax evasion a key weapon in its effort to combat the “substantial problem” of employment tax fraud, however, business owners, operators, tax counsel, accounting, payroll, staffing and others increasingly must exercise care to avoid subjecting themselves to criminal prosecution and other personal liability when dealing with businesses engaged in aggressive employment tax practices.

Employment Tax Compliance Now High Enforcement Priority

Business noncompliance with their employment tax obligations is a widespread and persistent problem in the United States for a multitude of reasons, not the least of which is budgetary. Employment taxes on employee wages represent nearly 70% of all revenue collected by the IRS and, as of June 30, 2016, more than $59.4 billion of tax reported on Employer’s Quarterly Federal Tax Returns (Forms 941) remained unpaid. When last measured prior to the Justice Department’s kickoff of its current enforcement initiative in 2018, uncollected employment tax violations represented more than $91 billion of the gross Tax Gap and, after collection efforts, $79 billion of the net Tax Gap in the U.S. See Employment Tax Enforcement.

Aside from the budgetary concerns created by the widespread business noncompliance with employment tax responsibilities, the Justice Department considers nonpayment of employment taxes a serious crime. According to its Employment Tax Enforcement page states, “When employers willfully fail to collect, account for and deposit with the IRS employment tax due, they are stealing from their employees and ultimately, the United States Treasury. In addition, employers who willfully fail to comply with their obligations and unlawfully line their own pockets with amounts withheld are gaining an unfair advantage over their honest competitors.”

To stem employment tax violations and encourage greater business compliance with these requirements, the IRS and Justice Department are using a variety of taxpayer outreach, voluntary compliance resolution, and civil and criminal enforcement tools. Along with ongoing educational outreach, for instance, the IRS tries to encourage businesses to voluntarily clean up outstanding employment tax compliance issues by making available various voluntary resolution programs. For instance, the IRS Voluntary Closing Agreement Process – Employment Tax (VCAP – ET) program offers an administrative process businesses not currently under audit may use to “permanently and conclusively” resolve outstanding IRS employment tax liabilities not involving worker classification while its Voluntary Classification Settlement Program (VCSP) for businesses not under audit and Classification Settlement Program for businesses under examination offer options for businesses may use to resolve worker classification associated employment tax liabilities.

Employment Tax Prosecution Rising

Coupled with efforts to obtain greater voluntary compliance through these voluntary resolution programs, however, the IRS and Justice Department Tax Division increasingly partner to investigate and prosecute aggressively businesses and their owners, operators and tax and other service providers for employment tax violations. As the agency responsible for conducting the civil and criminal prosecutions necessary to enforce these rules, the Justice Department brings both civil suits and criminal prosecutions against both businesses and the owners, operators and others that participate or assist businesses to willfully violate the Code’s employment tax rules. While in the past, IRS and Justice Department employment tax enforcement generally focused on high dollar employment tax fraud cases, since making employment tax fraud enforcement a priority in May 2018, the IRS and Justice Department no longer place a dollar threshold on the amount of unpaid employment taxes that could trigger more severe enforcement action. Since this change, Justice Department civil and criminal employment tax fraud prosecutions and convictions have risen significantly, resulting in the Justice Department achieving a long and growing list of civil money judgements to recover unpaid taxes, interest and penalties, permanent injunctions and criminal convictions against businesses and individuals involved in employment tax fraud over the past year.

On the civil front, the Justice Department brings litigation on behalf of the United States to enforce the IRS’ authority to collect unpaid taxes and penalties and pursues permanent injunctions against businesses, payroll and tax advisors and others for violating the Code’s employment tax requirements.

In addition to actions to collect unpaid employment taxes and penalties, the Justice Department also pursues and obtains civil injunctions against employers and their principal officers who willfully fail to truthfully collect, account for and deposit employment which impose various requirements and prohibitions designed to enforce compliance. Injunctions as a Tool to Prevent Pyramiding of Employment Taxes. Among other things, the injunctive relief sought often orders for the businesses and their principal officers to comply with the employment tax rules, provide current notice of each deposit to the IRS, and placing restrictions on their opening or operating new businesses and transfer and dissipation of assets. If a business or individual violates these injunctions, the Justice Department pursues orders of civil or criminal contempt, including incarceration of the principal officer(s), to bring the business into compliance, as well as to recover compensation from the principal officers, the business or both for the damage caused by the contempt. See, e.g., Bailey Chiropractic and Bailey, David (W.D. Pennsylvania – August 21, 2018); Bogart Title INC; Bogart Law Firm; and Bogart, Erik (D. South Carolina – May 25, 2018); Detroit Wholistic Center, Inc and Jesse R. Brown (E.D. Michigan – January 31, 2018); Doctors Hospital 1997 LP and Mohiuddin, Syed Rizwan (S.D. Texas – August 16, 2018); Dr. Robert Lee Beck (Agreed Judgement) (W.D. Texas – May 21, 2018); Easy Method Driving School and Ryan, William (D. Maryland – August 22, 2018); Four State Emergency Equipment LLC; Price, William; Price, Michelle; and West Potomac Fire & Rescue, Inc (D. Maryland – June 15, 2018); Court Permanently Enjoins Baltimore-Area Importer of Stone From Accruing Payroll Tax Liabilities

Criminal Employment Tax Fraud Prosecutions & Convictions Show Justice Department Ready To Nail Businesses & Individuals Cheating On Employment Taxes

While these and other civil enforcement successes are powerful tools in the arsenal of the Justice Department and IRS employment tax enforcement efforts, however, it is the Justice Department’s growing prosecution and success in securing criminal convictions resulting in prison sentences against business owners and operators, tax advisors and others for employment tax fraud that most clearly demonstrates the Justice Department’s announced commitment to employment tax fraud enforcement has real teeth. Over the past year, the Justice Department as racked up an impressive and growing number of federal grand jury criminal tax fraud indictments, convictions and sentences, many of which include prison sentences ordered against business owners, operators, advisors and other individuals convicted of employment tax fraud. See e.g., North Carolina Office Manager Sentenced to Prison for Employment Tax Fraud; see also Recent Criminal Employment Enforcement News.

The criminal employment tax prosecution actions reported by the Justice Department during the just ended month of October 2019 are typical of this prosecutorial trend over the past year. Among others, during October the Justice Department Tax Division announced its employment tax enforcement efforts resulting in it securing separate federal grand jury criminal indictments against staffing business operators in New York and North Carolina.

October Criminal Employment Tax Indictments

On October 24, for instance, the Justice Department announced that a New York grand jury had issued criminal tax indictments against the owner/operator of a Long Island City, New York temporary employment staffing businesses including PTP Staffing Associates Inc. (PTP), and PPS Associates Inc. (PPS). The indictments charge that as the alleged sole owner of PTP and PPS, Heppenheimer was required to collect, account for, and pay to the IRS federal employment taxes withheld from the wages of PTP and PPS employees, but from 2013 through 2017, failed to report more than $270,000 in employment taxes to the IRS. If convicted, Heppenheimer faces a statutory maximum sentence of five years imprisonment for each count charged, plus substantial monetary penalties, supervised release, and restitution. Owner of New York City Temporary Staffing Firms Indicted for Employment Tax Fraud

Mere days later, the Justice Department also announced that a North Carolina federal grand jury had indicted Rebecca Adams and her daughter Elizabeth Wood with conspiring to defraud the United States government by withholding taxes from employees’ paychecks and failing to pay those taxes over to the Internal Revenue Service (IRS). See e.g., Owners of Greensboro Temporary Staffing Firms Indicted for Employment Tax Fraud. The indictment alleges Adams and Wood created Forms W-2 for the staffing business employees but failed to file these forms with the government as required. Instead of paying the taxes withheld from employees, the indictment alleges that Adams and Wood used the funds to pay for personal expenses, such as a personal maid, personal landscaping services, and pet spa services. The staffing business allegedly changed names twice, even though it did not otherwise change its actual business operations. Adams was also charged with tax evasion based on her allegedly evading payment of more than $400,000 in previously assessed employment taxes and penalties to the IRS. If convicted, both defendants face significant punishment. If convicted on these charges both Adam and Woods can expect their punishment will include prison time. Adams and Wood each face a statutory maximum sentence of five years in prison for each charge of conspiracy, employment tax fraud, and tax evasion, plus probation and monetary penalties.

October Criminal Employment Tax Convictions

Along with securing these new criminal tax indictments, the Justice Department also was successful in obtaining new criminal tax convictions against business owners in West Virginia and Florida for employment tax violations.

On October 21, two West Virginian business owners plead guilty today to conspiring to defraud the United States regarding their employment taxes and individual income taxes in a Federal District Court in West Virginia. According to court documents, Russell and Karen Rucker, a married couple, operated Rucker, Billups and Fowler Inc. (RBF), an insurance agency located in Huntington, West Virginia. Russell Rucker was the president of RBF and since approximately late 2013, Karen Rucker served as a financial officer. Between September 2015 and September 2018, the Ruckers withheld approximately $143,226 in payroll taxes from the wages of RBF’s employees, which they did not pay over to the IRS. Instead, the Justice Department charged the Ruckers diverted portions of the withheld funds for their own personal benefit. For instance, from 2014 through 2016 the Ruckers continued to pay themselves over $500,000 in salary. The Justice Department also charges that in response to IRS collection efforts in an attempt to conceal funds from the IRS, the Ruckers deposited money into the bank account of another individual, attempted to evade IRS levies by using a series of bank accounts that they did not disclose to the IRS, and by paying their mortgage and many other bills in cash. The Justice Department also claims the Ruckers also attempted to evade payment of $114,911 of Russell Rucker’s 2001, 2002, and 2005 individual income taxes by disguising paychecks issued to Russell Rucker as non-taxable “note proceeds and failed to file their individual income tax returns and RBF’s corporate returns for 2014 through 2017. The Justice Department valued the intended tax loss caused to the IRS by their conduct is more than $250,000. Currently awaiting sentencing scheduled on January 27, 2020, the Ruckers each face a statutory maximum sentence of five years in prison as well as monetary penalties, a period of supervised release, and restitution. See West Virginian Business Owners Plead Guilty to Failing to Pay Employment Taxes and Individual Income Taxes.

Less than a week later, the Justice Department achieved another prosecutorial success when Miami, Florida business owner Ricardo Betancourt plead guilty on October 29 to causing the multiple parcel delivery businesses he owned and operated in South Florida to fail to pay over employment taxes. According to the Justice Department, Betancourt’s multiple South Florida parcel delivery businesses earned gross revenues of more than $100 million and employed hundreds of employees. Betancourt as the owner and operator of these businesses was responsible for ensuring the businesses collected and paid over to the IRS the employment taxes withheld from employees’ paychecks. The Justice Department charged that Betancourt withheld payroll taxes from his employees, but deliberately failed to pay over those withholdings and other associated taxes to the IRS. The Justice Department claimed that in 2013 and 2014, Betancourt did not pay over approximately 97 percent of the federal employment taxes he withheld from his employees. In 2015 and 2016, Betancourt did not pay over any of the federal employment taxes he withheld from his employees. For the quarter ending December 2016, Betancourt admitted that he failed to truthfully account for and pay over payroll taxes of approximately $727,478. In his sentencing currently scheduled for February 12, 2020, Betancourt faces a statutory maximum sentence of five years in prison as well as a period of supervised release, restitution, and monetary penalties. See Miami Business Owner Pleads Guilty to Employment Tax Fraud.

October Criminal Employment Tax Prison Sentencings

The prison sentences imposed during October against individuals convicted of employment tax fraud also show business owners, operators and others criminally convicted on employment tax related tax evasion and tax fraud charges should expect to serve time in prison. Take the sentencing of Gail Cooper, who was sentenced for the employment tax crimes she committed as owner of a commercial and residential glass installation company, Greenville Architectural Glass (GAG). According to the Justice Department, as the owner of GAG responsible for GAG’s finances, Cooper was legally responsible for ensuring that GAG properly withheld and paid over to the IRS federal income, Social Security and Medicare taxes on the wages GAG paid to its employees during the years 2013 through 2015. Cooper was also required to file quarterly employment tax returns with the IRS. Although Cooper caused GAG to withhold taxes from employees’ wages, the Justice Department shared she neither filed the required quarterly returns for the first quarter of 2013 through the second quarter of 2015, nor paid the withheld amounts over to the IRS. Cooper also failed to pay over to the IRS unemployment taxes. In all, Cooper caused more than $280,000 in payroll taxes not to be paid. Furthermore, the Justice Department also charged Cooper filed false individual income tax returns for 2008, 2009, and 2010, on which she understated GAG’s gross receipts and overstated its expenses. Cooper caused GAG’s bookkeeper to manipulate and delete entries in the company’s accounting records. Specifically, she directed the bookkeeper to delete invoices from the software after GAG received payment from a client to make it appear as if GAG had not received the payment. Cooper also paid personal expenses with business funds, including utility bills for her residence and rental properties, and caused these to be classified as business expenses. After filing fraudulent returns for 2008-2010, Cooper did not file any individual income tax returns for the next several years. In total, the Justice Department charged Cooper’s conduct caused a tax loss of $587,516 to the United States. As punishment for these criminal convictions, U.S. District Judge Thomas M. Rose on October 29^th ordered Cooper to serve 14 months in prison, two years of supervised release and pay restitution to the IRS in the amount of $659,262.39. Ohio Glass Company Owner Sentenced to Prison For Not Paying Employment Taxes.

That same day, Justice Department Tax Division prosecutors also obtained a 24-month prison sentence against a Tulsa, Oklahoma computer software development company owner for his criminal conviction on failing to account for and pay over employment taxes withheld from his employees’ wages. According to documents and information provided to the Court, as the owner and operator of Tulsa-based Zealcon Corporation, Earnest J. Grayson Jr. was responsible for withholding, and paying over to the IRS payroll taxes on the wages paid to Zealcon employees. For the period January 2014 through June of 2016, Justice Department prosecutors showed Grayson caused a tax loss of approximately $1 million by intentionally not paying to the IRS income and social security taxes withheld from Zealcon employees’ wages and the employer portion of social security taxes due from Zealcon on those wages. As punishment for these crimes, Grayson was sentenced to serve a 24 month prison sentence, ordered to pay restitution to the IRS in the amount of $904,091, and to serve three years of supervised release. Owner of Tulsa Software Company Sentenced to Prison for Employment Tax Fraud.

Enforcement Activity Shows Greater Employment Tax Compliance Needed

With the Justice Department promising to continue to pursue ongoing enforcement effort, businesses, individuals with ownership or management authority over the collection and payment of employment taxes, and their tax, accounting, payroll, staffing and other service providers need to use care to avoid exposing themselves to liability when advising, assisting or dealing with a business engaged in aggressively classifying workers as contractors rather than employees, or otherwise failing to properly track, account for, report and pay over income tax and employment taxes properly.

When evaluate these potential risks, businesses and business leaders responsible for income and employment tax withholding, reporting and payment and those negotiating, reviewing or engaging in transactions with them should be particularly careful when participating in arrangements that the IRS might consider employment tax fraud schemes such as:

“Pyramiding” of employment taxes, which the IRS views as a fraudulent practice where a business withholds taxes from its employees but intentionally fails to remit them to the IRS. Businesses involved in pyramiding frequently file for bankruptcy to discharge the liabilities accrued and then start a new business under a different name and begin a new scheme.
Abusive employee leasing arrangements where the business contracts with outside businesses to handle all administrative, personnel, and payroll concerns for employees where the leasing entity fails to properly report wages and withhold and payover income or employment taxes to the IRS. The IRS and other agencies often pursue tax collection and other enforcement actions against businesses that have used leasing or other staffing businesses when the leasing or staffing company fails to properly report, withhold or pay over income and employment taxes to the IRS.
Paying workers in whole or partially, in cash without properly accounting for, withholding and paying income or employment taxes due on a worker’s wages where the facts and circumstances indicated the worker qualified as a common law employee of the business; or
Filing false payroll tax returns understating the amount of wages on which taxes are owed, or failing to file employment tax returns to evade employment or other taxes.

When evaluating the adequacy of employment tax compliance, proper worker classification is a critical starting point. Business owners, operators and others in the scope of employment tax liability risk should scrutinize the defensibility of how a business classifies those performing services or other work as employees versus independent contractors, employees or contractors of another business or in some other status and document the evidence supporting these characterization and other compliance efforts.

When performing these activities, business owners and operators are encouraged to resist the urge to assume that they can rely upon the contractual or labels of workers as contractors or employed by a staffing, leasing or other service provider to avoid characterization and resulting liability for employment and income tax obligations as the employer of workers. Under the Code the defensibility of these characterizations of workers generally is determined based on whether the facts and circumstances reflect that the business in operation possessed the requisite control to qualify as a common law employer with little or no deference to how the parties have labeled the arrangement or the historical duration of the practices within the organization or its respective industry. Rather, the analysis must focus on evaluating these and other potentially suspect arrangements to realistically assess the likelihood that the IRS or Justice Department could challenge the business’ employment tax practices as willful or other violations of the Code’s employment tax requirements. Wise individuals and businesses operating or dealing with businesses involved in arrangements or practices identified as potentially suspect by the IRS and Justice Department also should pursue contractual, audit and other operational safeguards to document their efforts to require, enforce and monitor compliance and to capture and retain records and other evidence that would be helpful to defend the business’ or their own action in the event the IRS or Justice Department audits or initiates enforcement action with respect to the arrangements in the future.

Tax preparers, tax and other attorneys, accountants and others that participating in operations, preparation of returns, transactions or other activities also should be sensitive to special ethical and legal requirements and standards that can attach to advice or involvement in operations, transactions or providing advice or representation potentially involving practices that might raise employment tax fraud or other employment tax withholding and payment, wage reporting, or related employment tax concerns might arise. See, e.g., IRS Circular 230. Along side of the Justice Department’s civil and criminal employment tax enforcement, tax practitioners, tax preparers, and other third parties expose themselves to discipline for failing to properly report, pay and file employment tax or other returns or other violations of professional standards of tax practice when giving advice or other engaging in other activities adhere to professional standards and follow the law.

Additionally, tax and other professionals are reminded that tax return preparer fraud is one of the IRS’ Dirty Dozen Tax Scams. In the past decade, the Tax Division has obtained injunctions against hundreds of unscrupulous tax preparers. Information about these cases is available on the Justice Department website.

Leaders, legal and other advisors, and service providers of businesses involved in these arrangements generally should use care to critically evaluate these should react to the growing enforcement risks and acting to mitigate their own and their organization’s potential exposure to criminal or civil tax or other enforcement. These efforts should start by assessing realistically the likely defensibility of their arrangements and risks of liabily from their own or other associated businesses employment tax or worker classification practices in the event of a challenge based on a realistic assessment of the real acts and circumstances within the scope of attorney-client priviledge as well as seek contractual, audit and other operational safeguards to require and document compliance and to capture and retain records and other evidence that the business might need to defend itself against a future audit or enforcement action associated with these suspect arrangements.

Businesses leaders, advisors and service providers also should keep in mind that aggressive worker classification and employment tax practices generally also extend to a business’ other relationships with workers and service providers such as minimum wage, over time, recordkeeping and other wage and hour; I-9 eligibility to work verification, occupational heath and safety, workers’ compensation, employment discrimination and other worker associated legal obligations also currently subject to heavy worker misclassification and other enforcement. As a consequence, businesses, legal counsel, accounting and other service providers should recognize the need for a holistic review and assessment of risk and planning to manage these risks, as well as the need to use care to safeguard attorney-client privilege and avoid unprotected discussion of sensitive facts and analysis outside the scope of attorney-client privilege with other parties without prior approval of their legal counsel.

For More Information

We hope this update is helpful. For more information about worker classification and employment tax compliance and enforcement or other labor and employment developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.

About the Author

Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine.

Author of numerous highly regarding publications on worker classification and other employment, payroll, and employee benefit tax compliance publications, Ms. Stamer’s clients include employers and other workforce management organizations; employer, union, association, government and other insured and self-insured health and other employee benefit plan sponsors, benefit plans, fiduciaries, administrators, and other plan vendors; domestic and international public and private health care, education and other community service and care organizations; managed care organizations; insurers, third-party administrative services organizations and other payer organizations; and other private and government organizations and their management leaders. As part of this work, she has worked extensively on employee benefit communication and other employee benefit plan legislative and regulatory policy, design, compliance and enforcement including testifying to the EBSA Advisory Council on Employee Welfare and Pension Benefit Plans in on the effectiveness of employee benefit plan disclosures during 2017 hearings on on reducing the burdens and increasing the effectiveness of ERISA mandated disclosures.

For more information about Ms. Stamer or herexperience and involvements, see here or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources here.

Comments Off on Business Leaders Serve Jail Time For Employment Tax Crimes | board of directors, compliance, Corporate Compliance, directors, Education, Educational Privacy, employee, Employee Benefits, Employer, Employers, Employment, Employment Agreement, Employment Policies, Employment Tax, ERISA, Excise Tax, FICA, Income Tax, Labor Management Relations, Management, NLRA, Payroll Tax, Reporting & Disclosure, Retirement Plans, Risk Management, Tax, Tax Fraud, Uncategorized, Unfair Labor Practice, Union, Union elections, Worker Classification | Tagged: Collective Bargaining, Education, Employees, higher education, NLRA, NLRB, student worker organization, Union, Worker Classification | Permalink
Posted by Cynthia Marcotte Stamer

New $2.15M OCR Penalty Shows Health Plans Risks Of HIPAA Violations

October 23, 2019

Health plans and insurers and their service providers should heed as a warning of the potential perils they could face for violating the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security and Breach Notification Rules the just-announced $2.15 million plus civil monetary penalty that Jackson Health System (JHS) paid the Department of Health & Human Services Office of Civil Rights (OCR).

While the HIPAA-covered entity that paid the $2,154,000 civil monetary penalty, JHS, is a Florida-based nonprofit academic medical system, rather than a health plan, the $1,500,000 HIPAA resolution payment OCR previously collected from Blue Cross Blue Shield of Tennessee (BCBST) in 2012 for its breaches of HIPAA make clear that health plans and insurers risk similar penalties for HIPAA violations. Consequently, health plans, health insurers and other health care providers and their business associates should construe the JHS civil monetary penalty as evidence of the need to re-verify and remain constantly vigilant about maintaining compliance with HIPAA’s privacy, security and breach notification rules currently and on an ongoing basis.

JHS HIPAA Breaches Found By OCR

The $2.1 million plus payment was required to satisfy a civil monetary penalty assessment OCR imposed in a Notice of Proposed Determination and Notice of Final Determination made public by OCR on October 23, 2019 in response to findings from a series of investigations of HIPAA breach and compliance concerns raised between 2013 and 2016 raised by various HIPAA-mandated breach reports and media reports that raised concerns about improper access disclosure and use of patient PHI between 2013 and 2016. When JHS did not challenge the findings or determination became final. OCR reports JHS has paid the specified $2.154,000 civil monetary penalty.

JHS operates six major hospitals, a network of urgent care centers, multiple primary care and specialty care centers, long-term care nursing facilities, and corrections health services clinics, provides health services to approximately 650,000 patients annually, and employs about 12,000 individuals.

On August 22, 2013, JHS submitted a breach report to OCR stating that its Health Information Management Department lost paper records containing the protected health information (PHI) of 756 patients in January 2013. JHS’s internal investigation determined that an additional three boxes of patient records also were lost in December 2012; however, JHS did not report the additional loss or the increased number of individuals affected to 1,436, until June 7, 2016.

In July 2015, OCR initiated an investigation following a media report that disclosed the PHI of a JHS patient. A reporter had shared a photograph of a JHS operating room screen containing the patient’s medical information on social media. JHS subsequently determined that two employees had accessed this patient’s electronic medical record without a job-related purpose.

On February 19, 2016, JHS submitted a breach report to OCR reporting that an employee had been selling patient PHI. The employee had accessed inappropriately over 24,000 patients’ records since 2011.

According to OCR Director Roger Severino, “OCR’s investigation revealed a HIPAA compliance program that had been in disarray for a number of years. …This hospital system’s compliance program failed to detect and stop an employee who stole and sold thousands of patient records; lost patient files without notifying OCR as required by law; and failed to properly secure PHI that was leaked to the media.”

These and other findings led to the OCR determination in the Notice of Proposed Determination and Notice of Final Determination that JHS failed to provide timely and accurate breach notification to the Secretary of HHS, conduct enterprise-wide risk analyses, manage identified risks to a reasonable and appropriate level, regularly review information system activity records, and restrict authorization of its workforce members’ access to patient ePHI to the minimum necessary to accomplish their job duties. OCR assessed the $2.1 million civil monetary penalty based on these determinations.

The JHS civil monetary penalty is The latest in a growing series of OCR enforcement and regulatory actions that drive home the perils HIPAA-covered health care providers, health plans and insurers, healthcare clearinghouses and business associates risk by failing to responsibly and effectively manage their HIPAA compliance including the one against mega-health plan and business associate, BCBST, that resulted in its payment of a $1,500,000 resolution payment. For details of the BCBS Resolution Agreement and Settlement payment, see here.

OCR enforcement data documents a steady rise in OCR investigation and enforcement activity. OCR set all-time records for HIPAA Enforcement in 2018. Heavy enforcement activity has continued in 2019. Before its October 23, 2019 announcement of the JHS civil monetary penalties, OCR already had announced:

A $10,000 resolution agreement with a dental practice for improperly disclosing patient PHI on social media at the beginning of October;
Its first HIPAA right of access resolution agreement against a health care provider for violating HIPAA’s right of access rules on September 9, 2019 as part of its recently announced HIPAA access rule enforcement initiative;
A $100,000 resolution payment from an Indiana Medical Records Service resulting from a breach of electronic protected health information at a business associate;
The collection of a $3 million resolution payment collected from a Tennessee diagnostic medical imaging services company to settle HIPAA civil monetary penalty exposures arising from a breach that exposed the protected health information of more than 300,000 patients; and
A multitude of other audits and enforcement activities resolved through corrective action without collection of any resolution payment or civil monetary penalties.

Given these and other previously announced enforcement initiatives and actions, all HIPAA covered entities and their business associates are urged to maintain hypervigilance about their own HIPAA compliance with long standing as well as emerging HIPAA requirements taking into account old, recent, and emerging guidance and enforcement activities of OCR. Of course health plans and other covered entities also need to additionally weigh their exposure under various other state and federal law likely to arise from such breaches and the investigation, mitigation and public and customer trust consequences that almost always accompany and frequently exceed the actual HIPAA liability imposed. Considered together, these and other consequences of HIPAA vioations or other sloppy dealings with protected health inforamtion or ther sensitive health care or financial information make a clear case for investing appropriately in HIPAA and related compliance.

For More Information

About the Author

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources here.

1 Comment | Association Health Plan, Education, Educational Privacy, employee, Employee Benefits, Employer, Employers, ERISA, health benefit, Health Benefits, health Care, health insurance, health insurance marketplace, Health IT, health plan, Health Plans, HIPAA, HIPAA, Labor Management Relations, NLRA, Protected Health Information, Reporting & Disclosure, Retirement Plans, Uncategorized, Unfair Labor Practice, Union, Union certification, Union elections, Worker Classification | Tagged: Data Breach, Health Plan, HIPAA, Jackson Health System, Medical Privacy, OCR, Office of Civil Rights, PHI, Protected Health Information | Permalink
Posted by Cynthia Marcotte Stamer

Proposed NLRB Employee Definition To Exclude College Study Workers

October 23, 2019

Monday, December 16, 2019 is the new comment deadline for providing feedback to the National Labor Relations Board (NLRB) ion a proposed rule that would exempt undergraduate and graduate students performing services for financial compensation in connection with their studies from the NLRB’s definition of “employee” for purposes of the National Labor Relations Act (NLRA) and other collective bargaining and union organizing and representation laws under the NLRB’s jurisdiction. The extended comment deadline was announced here October 17, 2019.

The NLRB says this proposed rulemaking “is intended to bring stability to an area of federal labor law in which the NLRB, through adjudication, has reversed its approach three times since 2000. The NLRB has stated this proposed standard on the exclusion of students from the NLRA definition of employee is consistent with the purposes and policies of the NLRA, which contemplates jurisdiction over economic relationships, not those that are primarily educational in nature.

The proposed regulation is one of several regulatory projects that the now Trump-appointee dominated NLRB has undertaken in the past year in its effort to undue a host of pro-labor changes to NLRB policy changes initiated and enforced during the Obama Administration when President Obama appointees dominated the NLRB and its policies. Another example of these regulatory efforts include the NLRB’s current efforts to reverse a change in interpretation and enforcement of the “joint employer” rules of the NLRA and Fair Labor Standards Act that substantially expanded the imputation of liability for collective bargaining and other labor-management and wage and hour law violations by treating companies as joint employers that received the benefit of work performed even when the recipient company did not control the details of the work or the nominal employer. Employers generally will want to carefully monitor and provide appropriate input on these and other developments.

For More Information

About the Author

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources here.

Comments Off on Proposed NLRB Employee Definition To Exclude College Study Workers | Education, Educational Privacy, employee, Employee Benefits, Employer, Employers, ERISA, Labor Management Relations, Labor Management Relations, NLRA, Reporting & Disclosure, Retirement Plans, Uncategorized, Unfair Labor Practice, Union, Union, Union certification, Union elections, Worker Classification | Tagged: Collective Bargaining, Education, Employees, higher education, NLRA, NLRB, student worker organization, Union, Worker Classification | Permalink
Posted by Cynthia Marcotte Stamer

Identity Theft Scan Targets Employee Tax Records

December 7, 2018

The Internal Revenue Service is warning human resources and other business leaders about a growing wave of identity theft and W-2 scams targeting sensitive tax data employers collect on their employees. The warning highlights one of the many growing data breach exposures businesses must manage as identity thieves become ever more sophisticated.

Such data like Form W-2 data – is highly valued by identity thieves. While identity thieves use a variety of tactics to steal this information including hacking into the IRS’ own systems, the IRS this week is warning about one scheme that the IRS says has become one of the more dangerous email scams.

All employers are targets for the W-2 scam, according to the IRS.

Here’s how it works:

These emails appear to be from an executive or organization leader to a payroll or human resources employee.
The message usually starts with a simple greeting, like: “Hey, you in today?”
By the end of the email exchange, all of an organization’s Forms W-2 for their employees may be in the hands of cybercriminals.
Because payroll officials believe they are corresponding with an executive, it may take weeks for someone to realize a data theft has occurred.
Generally, the criminals are trying to quickly take advantage of their theft, sometimes filing fraudulent tax returns a day or two.

The IRS warns this scam is such a threat to taxpayers that a special IRS reporting process has been established. The IRS says employers victimized should:

Email dataloss@irs.gov to notify the IRS of a W-2 data loss and provide contact information. In the subject line, type “W2 Data Loss” so that the email can be routed properly. The business should not attach any employee personally identifiable information data.
Email the Federation of Tax Administrators at StateAlert@taxadmin.org to get information on how to report victim information to the states.
File a complaint with the FBI’s Internet Crime Complaint Center. Businesses and payroll service providers may be asked to file a report with their local law enforcement agency.
Notify employees. The employee may then take steps to protect themselves from identity theft. The Federal Trade Commission’s www.identitytheft.govprovides guidance on general steps employees should take.
Forward the scam email to phishing@irs.gov.

The IRS also recommends the following resources:

Taxes. Security. Together.

Publication 4524

Protect Your Clients; Protect Yourself

Tax Security 101

The IRS alert reminds businesses again about the growing challenges they face guarding sensitive tax, health and other employee benefit plan and other data about employees, customers, business partners and others. Aside from the disruptions businesses incur to organizations and relationships with employees, customers, business partners or others and often tremendous costs of investigation and mitigation, breaches also commonly trigger substantial legal liability under a myriad of federal and state laws and regulations, contracts, and common law tort claims. Businesses generally and Human Resources, tax and other systems and operations should take well documented steps to prevent and prepare for a potential breach.

About the Author

Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving and author of “What To Do When Your Employee’s Personal Life Becomes Your Business@ and a multitude of other highly regarded works on data protection and breach, her work includes career-long, leading edge involvement counseling and representing human resources, employee benefit, insurance and financial, tax, healthcare and other businesses about data and other sensitive information privacy and breach.

Ms. Stamer’s clients include employers and other workforce management organizations; employer, union, association, government and other insured and self-insured health and other employee benefit plan sponsors, benefit plans, fiduciaries, administrators, and other plan vendors; domestic and international public and private health care, education and other community service and care organizations; managed care organizations; insurers, third-party administrative services organizations and other payer organizations; and other private and government organizations and their management leaders.

Throughout her 30 plus year career, Ms. Stamer has continuously worked with these and other management clients to design, implement, document, administer and defend hiring, performance management, compensation, promotion, demotion, discipline, reduction in force and other workforce, employee benefit, insurance and risk management, health and safety, and other programs, products and solutions, and practices; establish and administer compliance and risk management policies; comply with requirements, investigate and respond to government, accreditation and quality organizations, regulatory and contractual audits, private litigation and other federal and state reviews, investigations and enforcement actions; evaluate and influence legislative and regulatory reforms and other regulatory and public policy advocacy; prepare and present training and discipline; handle workforce and related change management associated with mergers, acquisitions, reductions in force, re-engineering, and other change management; and a host of other workforce related concerns. Ms. Stamer’s experience in these matters includes supporting these organizations and their leaders on both a real-time, “on demand” basis with crisis preparedness, intervention and response as well as consulting and representing clients on ongoing compliance and risk management; plan and program design; vendor and employee credentialing, selection, contracting, performance management and other dealings; strategic planning; policy, program, product and services development and innovation; mergers, acquisitions, bankruptcy and other crisis and change management; management, and other opportunities and challenges arising in the course of workforce and other operations management to improve performance while managing workforce, compensation and benefits and other legal and operational liability and performance.

Past Chair of the ABA Managed Care & Insurance Interest Group and, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, heavily involved in health benefit, health care, health, financial and other information technology, data and related process and systems development, policy and operations throughout her career, and scribe of the ABA JCEB annual Office of Civil Rights agency meeting, Ms. Stamer also is widely recognized for her extensive work and leadership on leading edge health care and benefit policy and operational issues. She regularly helps employer and other health benefit plan sponsors and vendors, health industry, insurers, health IT, life sciences and other health and insurance industry clients design, document and enforce plans, practices, policies, systems and solutions; manage regulatory, contractual and other legal and operational compliance; vendors and suppliers; deal with Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA, state insurance law and other private payer rules and requirements; contracting; licensing; terms of participation; medical billing, reimbursement, claims administration and coordination, and other provider-payer relations; reporting and disclosure, government investigations and enforcement, privacy and data security; and other compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; HIPAA administrative simplification, meaningful use, EMR, HIPAA and other technology, data security and breach and other health IT and data; STARK, antikickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA, HEDIS and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; 1557 and other Civil Rights; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources here such as the following:

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advise or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The presenter and the program sponsor disclaim, and have no responsibility to provide any update or otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

©2018 Cynthia Marcotte Stamer. Non-exclusive right to republish granted to Solutions Law Press, Inc.™ For information about republication or the topic of this article, please contact the author directly. All other rights reserved.

Comments Off on Identity Theft Scan Targets Employee Tax Records | ADA, Attorney-Client Privilege, Civil Rights, Claims Administration, Consumer Protection, Corporate Compliance, corporate governance, Cybercrime, Data Breach, Data Security, defined benefit plan, defined contribution plan, directors, Disability, Disability Plans, Discrimination, Educational Privacy, Employee Benefits, Employer, Employers, Employment, Employment Policies, Employment Tax, ERISA, fiduciary duty, Fiduciary Responsibility, Government Contractors, Identity Theft, Insurance, insurers, Non-Compete, Non-compete, Non-Competition Agreement, Protected Health Information, Retail, Tax, third party administrators, Trade secret, Uncategorized | Permalink
Posted by Cynthia Marcotte Stamer

Dealing With HR, Benefits & Other Headaches From Equifax and Other Data Breach

October 6, 2017

As businesses continue to struggle to comply with the growing plethora of federal and state laws mandating data security, the identity theft and cyber security epidemic keeps growing.

As human resources and other business leaders work to guard their own data and respond to employee demands for assistance in responding to breaches of their personal financial and other data, this weeks’ announcement that embattled credit monitoring giant Equifax has been awarded the exclusive contract to provide taxpayer identification and fraud prevention services to the Internal Revenue Service has many questioning whether these investments are futile.

The IRS’ announcement comes despite the September 7, 2017 announcement by Equifax of a data breach of its records impacting sensitive personal information of millions of consumers including:

The names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers of an estimated 143 million U.S. consumers;
Credit card numbers for approximately 209,000 U.S. consumers,
Certain dispute documents with personal identifying information for approximately 182,000 U.S. consumers,and
Personal information for certain U.K. and Canadian consumers.

The huge breach already was creating many headaches for many businesses and their human resources departments before the IRS announced the award of the contract to Equifax. Due to the massive size of the breach, mist companies have been required to respond to concerns of workers impacted directly by the breach as well as requests of employees and identity theft protection companies that the business consider offering cybersecurity protection for employees or customers.

Beyond helping their workforce understand and cope with the news, many businesses and employee benefit plans also face the added headache of needing to investigate and respond to concerns about their own potential responsibilities to provide breach notification or take other actions. This added headache arises due to their or their plans’ use of Equifax or vendors utilizing Equifax to run employee or vendor background checks or carry out internal employee or employee benefit plan, customer or other business activities. These involvements often give rise to duties to conduct investigations and potentially provide notification or other responses to employees, applicants, benefit plan members, contractors or customers whose data may have been impacted under the Fair and Accurate Credit Transactions Act (FACTA), the Health Insurance Portability and Accountability Act (HIPAA), the Employee Retirement Income Security Act (ERISA) Fiduciary Responsibility rules or various other federal and state laws and regulations, vendor contracts or their own data privacy or security policies.

When notification is recommended or required, human resources and other business leaders also have to consider if modifications should be considered to standard protocols recommended to data breach victims. Notification and registration as an identity theft victim with Equifax long has been a standard part of the federal and state government recommended protocol for recommended to consumers impacted by identity theft or other data breaches. See,e.g., IRS Taxpayer Guide To Identity Theft. Although government agencies as of yet have not changed this recommendation to remove Equifax reporting, many consumers and others view reporting to Equifax as akin to the fox watching the hen house. Consequently, employers and other parties helping consumers respond to the breach often receive push back or questions from consumers about the appropriateness and security reporting to Equifax in light of its breach.

Beyond evaluating and handling their own legal responsibilities to investigate and deal with any breach impacting their data, employers and other business leaders also likely are or should consider what claims against Equifax, other vendors and business partners involved with Equifax and their own liability insurers are available and warranted to help cover the costs and potential liabilities for the business arising from the breach and it’s fall out.

As employers and other businesses work through these issues, They should keep in mind that the fallout is likely to continue for years and be further complicated by past and subsequent breaches impacting other governmental and private organizations. Human resources, employee benefits and other businesses and their leaders can expect to experience challenges dealing with fraudulent uses of misappropriated information as well as demands that they tighten up their background check, data security and usage and other practices and documentation to mitigate risks from the compromised data.

Human resources, employee benefits and other business leaders need to secure the assistance of counsel experienced in guiding their organizations through these and other challenges.

About The Author

Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: Erisa & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for management work, coaching, teachings, and publications.

Ms. Stamer works with businesses and their management, employee benefit plans, governments and other organizations deal with all aspects of human resources and workforce, internal controls and regulatory compliance, change management and other performance and operations management and compliance. Her day-to-day work encompasses both labor and employment issues, as well as independent contractor, outsourcing, employee leasing, management services and other nontraditional service relationships. She supports her clients both on a real-time, “on demand” basis and with longer term basis to deal with all aspects for workforce and human resources management, including, recruitment, hiring, firing, compensation and benefits, promotion, discipline, compliance, trade secret and confidentiality, noncompetition, privacy and data security, safety, daily performance and operations management, emerging crises, strategic planning, process improvement and change management, investigations, defending litigation, audits, investigations or other enforcement challenges, government affairs and public policy.

Well-known for her extensive work with health, insurance, financial services, technology, energy, manufacturing, retail, hospitality, governmental and other highly regulated employers, her nearly 30 years’ of experience encompasses domestic and international businesses of all types and sizes. Author of numerous works on privacy and data security, Ms. Stamer‘s experience includes involvement in cyber security and other data privacy and security matters for more than 20 years.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other concerns by her service as a management consultant, business coach and consultant and policy strategist as well through her leadership participation in professional and civic organizations such her involvement as the Vice Chair of the North Texas Healthcare Compliance Association; Executive Director of the Coalition on Responsible Health Policy and its PROJECT COPE: Coalition on Patient Empowerment; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children; former Gulf Coast TEGE Council Exempt Organization Coordinator; a founding Board Member and past President of the Alliance for Healthcare Excellence; former board member and Vice President of the Managed Care Association; past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; a member and policy adviser to the National Physicians’ Council for Healthcare Policy; current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee; current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section; Past Chair of the ABA Health Law Section Managed Care & Insurance Section; ABA Real Property Probate and Trust (RPTE) Section former Employee Benefits Group Chair, immediate past RPTE Representative to ABA Joint Committee on Employee Benefits Council Representative, and Defined Contribution Committee Co-Chair, past Welfare Benefit Committee Chair and current Employee Benefits Group Fiduciary Responsibility Committee Co-Chair, Substantive and Group Committee member, Membership Committee member and RPTE Representative to the ABA Health Law Coordinating Council; past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee; a former member of the Board of Directors, Treasurer, Member and Continuing Education Chair of the Southwest Benefits Association and others.

Ms. Stamer also is a widely published author, highly popular lecturer, and serial symposia chair, who publishes and speaks extensively on human resources, labor and employment, employee benefits, compensation, occupational safety and health, and other leadership, performance, regulatory and operational risk management, public policy and community service concerns for the American Bar Association, ALI-ABA, American Health Lawyers, Society of Human Resources Professionals, the Southwest Benefits Association, the Society of Employee Benefits Administrators, the American Law Institute, Lexis-Nexis, Atlantic Information Services, The Bureau of National Affairs (BNA), InsuranceThoughtLeaders.com, Benefits Magazine, Employee Benefit News, Texas CEO Magazine, HealthLeaders, the HCCA, ISSA, HIMSS, Modern Healthcare, Managed Healthcare, Institute of Internal Auditors, Society of CPAs, Business Insurance, Employee Benefits News, World At Work, Benefits Magazine, the Wall Street Journal, the Dallas Morning News, the Dallas Business Journal, the Houston Business Journal, and many other symposia and publications. She also has served as an Editorial Advisory Board Member for human resources, employee benefit and other management focused publications of BNA, HR.com, Employee Benefit News, InsuranceThoughtLeadership.com and many other prominent publications and speaks and conducts training for a broad range of professional organizations and for clients on the Advisory Boards of InsuranceThoughtLeadership.com, HR.com, Employee Benefit News, and many other publications.

Want to know more? See here for details about the author of this update, attorney Cynthia Marcotte Stamer, e-mail her here or telephone Ms. Stamer at (469) 767-8872.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources at SolutionsLawPress.com such as the following:

▪RAISE Act Immigration Reforms Touted As “Giving Americans A Raise”

▪Health Clinic At Houston Convention Center, Other HHS Help For Hurricane Harvey Victims

▪IRS Updates Amounts Used To Calculate 2017 Obamacare Individual Individual Shares Responsibility Tax Penalties

▪DB Plan Sponsors Check Out New Bifurcated Distribution Model Amendmentsy

▪U.S. News Names 2017-2018 “Best” Hospitals; Patient Usefulness Starts With Metholodogy Understanding

▪Use Lessons Of Past Mistakes or Injustice To Build Better Future

▪Prepare For Turnover, Other Challenges From Rising Workforce Competition

▪Employers, Health Plans Should Brace For Tightened Federal Mental Health Coverage Mandate Disclosure And Enforcement

▪Withholding Calculator Tool Helps Workers Figure Withholding

▪Better Preparing U.S. Workers To Fill Your Jobs

▪SCOTUS Ruling Bars Many State Arbitration Agreement Restrictions

▪$2.4M HIPAA Settlement Message Warns Health Plans & Providers Against Sharing Medical Info With Media, Others

If you or someone else you know would like to receive future updates about developments on these and other concerns, please provide your current contact information and preferences including your preferred e-mail by creating or updating your profile here.

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The presenter and the program sponsor disclaim, and have no responsibility to provide any update or otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

©2017 Cynthia Marcotte Stamer. Non-exclusive right to republish granted to Solutions Law Press, Inc.™ For information about republication, please contact the author directly. All other rights reserved.

Comments Off on Dealing With HR, Benefits & Other Headaches From Equifax and Other Data Breach | Banking, board of directors, Brokers, Civil Monetary Penalties, Claims, Claims Administration, compliance, conflict of interest, Consumer Protection, Corporate Compliance, corporate governance, Cybercrime, Data Breach, Data Security, defined benefit plan, Defined Benefit Plans, defined contribution plan, Defined Contribution Plans, directors, E-Verify, EBSA, Educational Privacy, employee, Employee Benefits, Employer, Employers, Employment, Employment Policies, Employment Tax, ERISA, ESOP, Excise Tax, FACTA, Fair Credit Reporting Act, FICA, fiduciary duty, Fiduciary Responsibility, Financial Security, Form 5500, GINA, Government Contractors, health benefit, Health Benefits, health Care, health insurance, health plan, Health Plans, HIPAA, Hiring, HR, Human Resources, I-9, Identity Theft, Income Tax, Insurance, insurers, Internal Controls, Internal Investigations, Internal Revenue Code, Internet, IRC, Labor Management Relations, Leadership, Management, Managment, Patient Empowerment, Payroll Tax, pension plan, Physician, Plan Admistrator, Privacy, Professional Liability, Protected Health Information, Provider, Reporting & Disclosure, retirement plan, Retirement Plans, Retirements, Risk Management, Security, Tax, Tax Credit, Tax Qualification, Technology, third party administrators, visas, Workforce | Tagged: ADA, Corporate Compliance, Data Breach, Employee Benefits, Employer, Employers, employment law, Equifax, ERISA, Health Care, Health Insurance, HIPAA, Human Resources, Insurance, Insurer, Labor Department, Privacy, Retirement Plans, Risk Management, Tax, Technology, wage and hour, Worker Classification | Permalink
Posted by Cynthia Marcotte Stamer

Stamer To Moderate, Talk Medical CyberSecurity At 5/19 ISSA-LA IT Security Meedical Privacy Forum

May 12, 2017

Solutions Law Press, Inc. editor and attorney Cynthia Marcotte Stamer will speak and moderate two key panel programs on health care privacy and data security scheduled at the Healthcare Privacy & Security Form hosted on May 19, 2017 by the Information Security Systems Association of Los Angeles County (ISSA-LA) as a component of its 9th Annual ISSA-LA Information Security Summit. The presentations of Ms. Stamer and others at the conference are particularly timely coming on the heels of the May 12 Cyber alerts to U.S. health industry and other businesses about the urgent need to defend against the spread of an epidemic international malware threat targeting U.S. healthcare and other businesses. See Urgent WannaCry Ransomware Cyber Warning Issued; Alert: Guard Health E-Mail, Other IT Against WannaCry Malware Attack.

The Medical Privacy & Security Summit is part of the 9th Annual ISSA-LA Information Security Summit scheduled for May 18-19, 2017 at the Universal City Hilton in Los Angeles. Recognized as a premier information security education and networking event, the Summit is expected to bring together 1000 or more health industry and other IT and InfoSec executives, leaders, analysts, and practitioners to learn from the experts, exchange ideas with their peers, and enjoy conversations with the community.

The Healthcare Privacy & Security Forum offered for the 5^th year as a component of the annual Summit on May 19 specifically focuses on leading challenges, issues and opportunities confronted by health industry privacy and security professionals and their organizations. Ms. Stamer has served on the steering committee, moderator and popular faculty member for the 2017 Forum for the 5^th consecutive year. During the 2017 Forum, she will moderate and speak on two panels:

“Finding & Negotiating The Mine Fields: CISO, CIO & Privacy Officer’s Playbook for Promoting Compliance & Security Without Getting Fired,” a luncheon interactive panel discussion with the audience exploring the challenging mission CISOs, CIOs and Privacy Officers face to ensure their healthcare, financial and other critical information, data and systems continue to support the patient care and operating functions of their organizations, while at the same time defending these systems, operations and their sensitive, but mission critical data against malicious or innocent misappropriation, use, access or destruction; and
The closing panel on “What Initiatives Are on the Horizon in Healthcare, and How Can We Secure Them?”, which will explore likely future emerging privacy and security threats and technologies, regulatory challenges and enforcement, and other trends that Privacy and Security professionals are likely to face and tips and strategies for preparing to leverage these likely new opportunities and manage new challenges.

Register or get the full schedule of programs and other events scheduled at the Healthcare Privacy & Security Forum specifically along with the overall Information Security Summit here.

About Ms. Stamer

Cynthia Marcotte Stamer is a Martindale-Hubble “AV-Preeminent (Top 1%) rated practicing attorney and management consultant, health industry public policy advocate, widely published author and lecturer, recognized for her nearly 30 years’ of work on health industry and other privacy and data security and other health care, health benefit, health policy and regulatory affairs and other health industry legal and operational as a LexisNexis® Martindale-Hubbell® “LEGAL LEADER™ and “Top Rated Lawyer,” in Health Care Law and Labor and Employment Law; a D Magazine “Best Lawyers In Dallas” in the fields of “Health Care,” “Labor & Employment,” “Tax: Erisa & Employee Benefits” and “Business and Commercial Law,” a Fellow in the American Bar Foundation, the Texas Bar Foundation and the American College of Employee Benefit Counsel.

Scribe for ABA JCEB annual agency meeting with OCR for many years, Ms. Stamer is well-known for her extensive work and leadership throughout her career on HIPAA, FACTA, PCI, IRC and other tax, Social Security, GLB, trade secret, physician and other medical confidentiality and privacy, federal and state data security and data breach and other information privacy and data security rules and concerns. Ms. Stamer has worked extensively throughout her career with health care providers, health plans, health care clearinghouses, their business associates, employers and other plan sponsors, banks, insurers and other financial institutions, and others on trade secret confidentiality, privacy, data security and other risk management and compliance including design, establishment, documentation, implementation, audit and enforcement of policies, procedures, systems and safeguards, drafting and negotiation of business associate, chain of custody, confidentiality, and other contracting; risk assessments, audits and other risk prevention and mitigation; investigation, reporting, mitigation and resolution of known or suspected breaches, violations or other incidents; and defending investigations or other actions by plaintiffs, OCR, FTC, state attorneys’ general and other federal or state agencies, other business partners, patients and others; reporting known or suspected violations; commenting or obtaining other clarification of guidance and other regulatory affairs, training and enforcement, and a host of other related concerns.

Her clients include public and private health care providers, health insurers, health plans, employers, payroll, staffing, recruitment, insurance and financial services, health and other technology and other vendors, and others.

Author of a multitude of highly-regarded works and training programs on HIPAA and other data security, privacy and use published by BNA, the ABA and other premier legal industry publishers In addition to representing and advising these organizations, she also speaks extensively and conducts training on health care and other privacy and data security and many other matters Privacy & The Pandemic for the Association of State & Territorial Health Plans, as well as HIPAA, FACTA, PCI, medical confidentiality, insurance confidentiality and other privacy and data security compliance and risk management for Los Angeles County Health Department, ISSA, HIMMS, the ABA, SHRM, schools, medical societies, government and private health care and health plan organizations, their business associates, trade associations and others.

Beyond these involvements, Ms. Stamer also is active in the leadership of a broad range of other professional and civic organizations. Through these and other involvements, she helps develop and build solutions, build consensus, garner funding and other resources, manage compliance and other operations, and take other actions to identify promote tangible improvements in health care and other policy and operational areas.

For additional information about Ms. Stamer, see here or contact Ms. Stamer directly by e-mail here or by telephone at (469) 767-8872. ©2017 Cynthia Marcotte Stamer. Limited, non-exclusive right to republish granted to Solutions Law Press, Inc. All other rights reserved.

Comments Off on Stamer To Moderate, Talk Medical CyberSecurity At 5/19 ISSA-LA IT Security Meedical Privacy Forum | ADA, ARRA, board of directors, Brokers, Child Safety, Civil Monetary Penalties, compliance, Consumer Protection, Corporate Compliance, corporate governance, Cybercrime, Data Breach, Data Security, EBSA, Educational Privacy, Electronic Medical Record, employee, Employee Benefits, Employer, Employers, EMR, ERISA, FACTA, Fair Credit Reporting Act, FICA, fiduciary duty, FINRA, Government Contractors, health benefit, Health Benefits, health Care, health insurance, health insurance marketplace, health plan, Health Plans, HIPAA, HIPAA, HR, Human Resources, Identity Theft, Insurance, insurers, Internal Controls, Internal Investigations, Internet, Management, Mental Health, officers, Physician, Plan Admistrator, Privacy, Professional Liability, Protected Health Information, Provider, Public Policy, Security, Technology, third party administrators, Uncategorized | Tagged: Cyber Security, Cybercrime, Data Security, Information Security, IT, medical data, Medical Privacy, medical security, Protected Health Information, speech | Permalink
Posted by Cynthia Marcotte Stamer

Strengthen Your Cyber Security By Sharing National Cyber Security Awareness Month Resources This Week

October 25, 2015

Halloween’s annual celebration of spooks and goblins peak is a perfect time to promote awareness and help American businesses and citizens build their skills to guard against the real and growing menace of identity thieves and other cybercriminals by getting involved with the 12^th annual National Cyber Security Awareness Month (NCSAM) in October, begin preparing to participate in the next annual “Data Privacy Day” on January 28, 2016 and joining in other activities highlighted through NCSAM and Data Privacy Day to help deter Cybercrime and identity theft threats. Even if your organization or family choose not to participate in any official or public way, checking out and using the many free resources provides an invaluable, free opportunity to raise your defenses against this rising risk.

With virtually every American business and citizen now connected to and using the Internet to conduct key personal and business transactions and the constant drive by government and business to digitize regular business transactions, no one agency, business or individual alone can truly know where and who has their sensitive data, much less reliably can defend this data against the identity and other theft and other cybercriminals lurking in the digital world’s virtual streets waiting to strike, then disappear in “Jack The Ripper” style into the darkness of the Internet. That’s why every American and American business should take time to participate and urge others to Get Involved in the 12^th Annual NCSAM activities this month and use the supportive resources offered through that involvement throughout the year.

Celebrated annually in October, NCSAM was created to provide resources to help Americans stay safer and more secure online through public-private collaboration between the U.S. Department of Homeland Security and industry led by the National Cyber Security Alliance (NCSA). NCSAM and its associated activities outreach to consumers, small and medium-sized businesses, corporations, educational institutions and young people across the nation. NCSAM 2015 particularly focuses on the consumer and his/her needs regarding cybersecurity and safety continuing the overall message of STOP. THINK. CONNECT. Campaign founded in 2010 and its capstone concepts: “Keep a Clean Machine,” “Protect Your Personal Information,” “Connect with Care,” “Be Web Wise” and “Be a Good Online Citizen.” NCSAM seeks to remind Americans to incorporate “STOP. THINK. CONNECT.” into their online routines and offers resources to help individuals understand and put these principles into practice into their online routine at the home, the office and elsewhere.

Designed to be accessible and understandable by consumers, many business and government organizations may want to support and promote their Cyber Security employee and customer training and awareness efforts by participating annually in NCSAM in October, signing up your organization to Data Privacy Day Champion and/or participating in Data Privacy Day on January 28, 2016, or otherwise using and sharing tips, tools and other resources in the Privacy Library such as:

General Privacy & Cyber Security Awareness

Be A Good Citizen On Line
Protect All Devices
Practice Good Online Safety Habits With These Tips & Advice
Spam & Phishing
Hacked Accounts
Check Your Privacy Settings
Privacy Tips for Teens – A video with STOP. THINK. CONNECT. tips to help teens be privacy-savvy and manage their online reputation.
“Perceptions of Privacy Online and in the Digitally Connected World,” a summary of the results of a 2013-2014 data privacy study conducted by the National Cyber Security Alliance’s Privacy Messaging Development Committee.
Data is Permanent Too – STOP.THINK. is this TMI? A short video created by the Intel Corporation.
Why Privacy Matters – The first in the series of explainers from Zero Knowledge Privacy Foundation.
The Fine Print of Privacy – The second in the series of explainers from Zero Knowledge Privacy Foundation.
“The Right to Fail in Citizenville,” a blog by David Hoffman, Director of Security Policy and Global Privacy Officer, Intel (March, 2013).
The Privacy Engineer’s Manifesto: Getting from Policy to Code to QA to Value, an e-book by McAfee’s Michelle Finneran Dennedy, Jonathan Fox, and Thomas R. Finneran.

Keep a Clean Machine/Cookies & Behavioral Tracking

Malware & Botnets
A video about cookies and why they matter created by the Wall Street Journal.
Information about the Network Advertising Initiative (NAI) offering opt-out of online behavior advertising and provides factual information about online behavioral advertising, privacy, cookies.

Health Privacy

What is HIPAA and Why Should You Care? A Patient’s Guide to HIPAA (Health Insurance Portability and Accountability Act)
Medical Records Privacy from Privacy Rights Clearinghouse
Understanding Health Information Privacy by the U.S. Department of Health and Human Services

Identity Theft Prevention & Clean Up

Links to resources at fraud.org about how to spot a scam, file a complaint and learn about scams.
“ID Theft & Account Fraud – Prevention & Cleanup” a helpful resource provided by Consumer Action offered in numerous languages.
Fighting Back Against Identity Theft and other information for consumers on how to deter, detect and defend against identity theft
IRS resources about how to report phishing.

Mobile App Privacy & Security

“Your Apps Are Watching You,” an investigative report from the Wall Street Journal found popular iPhone and Android apps are collecting and transmitting information without users’ awareness or consent.
Net Safety Tips On The Go app for Android phones app provides quick, practical, friendly advice one tip at a time.
Tips to help protect your privacy when using a mobile device provided by the National Cyber Security Alliance.
Microsoft’s “Location & Privacy: Where are we headed?” and “What Does Your Online Reputation Say About You?”
Protect your personal information while using public Wi-Fi with this video.
10 travel tips for protecting your privacy from PUBLIC WiFi.
Online Services – Banking, Dating & General Guidelines
Don’t Upload Financial Data to Questionable Sources video created by the Intel Corporation
The Perils and Pitfalls of Online Dating: How to Protect Yourself from the Privacy Rights Clearinghouse.
The Google Privacy Channel on YouTube offers a number of short informative videos on privacy issues including: interest-based advertising; use of privacy settings in Google Latitude; advertising privacy; and how to protect your privacy on Google Chrome.

Student & Educational Privacy & Security

I want to each online safety for Grades K-2, Grades 3-5 Middle and High School Higher Education and CSave Volunteer Lesson Plans & Materials
The Protecting Privacy in Connected Learning toolkit is an in-depth, step-by-step guide to navigating the Family Education Rights and Privacy Act (FERPA), the Children’s Online Privacy Protection Act (COPPA) and related privacy issues.
Securing Your Home Network
The Family Educational Rights and Privacy Act, or FERPA, is the main federal law that deals with education privacy, but there are a host of other laws, best practices, and guidelines that are essential to understanding education privacy. FERPA|SHERPA aims to provide service providers, parents, school officials, and policymakers with easy access to those materials to help guide responsible uses of student’s data.
General guidance for parents provided by the department of education Family Educational Rights and Privacy Act (FERPA)
Student Privacy 101: FERPA for parents and students – Ever have questions about your rights regarding education records? This short video highlights the key points of the family education rights and privacy act (FERPA).

Other Resources

About the Author

Cynthia Marcotte Stamer is a practicing attorney and Managing Shareholder of Cynthia Marcotte Stamer, P.C., a member of Stamer│Chadwick │Soefje PLLC, author, pubic speaker, management policy advocate and industry thought leader with more than years’ experience helping business and government organizations and their leaders manage. Ms. Stamer’s legal and management consulting work throughout her 28 plus year career has focused on helping organizations and their management understand and use the law and process to manage people, process, compliance, operations and risk including significant work in the prevention, investigation and remediation of data breach and other Cybercrime events.

Scribe responsible for leading the American Bar Association (ABA) Joint Committee on Employee Benefits (JCEB) annual agency meeting with the Department of Health & Human Services Office of Civil Rights,Scribe responsible for leading the American Bar Association (ABA) Joint Committee on Employee Benefits (JCEB) annual agency meeting with the Department of Health & Human Services Cynthia Marcotte Stamer’s practice has focused on advising and representing government and private technology, security, health care providers, health plans, health, schools and other educational organizations, insurance, banking and financial services, retail, employer and other organizations about privacy and data security compliance and risk management, breach and other investigations and enforcement, workforce and performance management and other risk management, compliance, public policy, regulatory, staffing, and other operations and risk management concerns.

With data and technology use, protection and management imbedded in virtually every aspect of her client’s operations, data and other confidential information and systems use, protection, breach or other abuse investigation and response, enforcement and liability mitigation and defense and other Cybercrime and Cyber Security challenges are a continuous component of Ms. Stamer’s management work. Ms. Stamer helps public and private, domestic and international businesses, governments, and other organizations and their leaders manage their employees, vendors and suppliers, and other workforce members, customers and other’ performance, compliance, compensation and benefits, operations, risks and liabilities, as well as to prevent, stabilize and cleanup workforce, data breach and Cybercrime, and other legal and operational crises large and small that arise in the course of operations. Ms. Stamer regularly helps clients design, administer and defend HIPAA, FACTA, data breach, identity theft and other risk management, compliance and other privacy, data security, confidential information and other data security, technology and management policies and practices affecting their operations. She also helps clients prevent, investigate and mitigate HIPAA, FACTA, PHI and other data breach hacking, identity theft, data breach, data loss or destruction, theft of trade secrets or other sensitive data, spoofing, industrial espionage, insider and other parties misuse of data or technology and other cybercrime and technology use concerns. Best-known for her extensive work helping health care, insurance and other highly regulated entities manage both general employment and management concerns and their highly complicated, industry specific corporate compliance, internal controls and risk management requirements, Ms. Stamer’s clients and experience also includes a broad range of other businesses. Her clients range from highly regulated entities like employers, contractors and their employee benefit plans, their sponsors, management, administrators, insurers, fiduciaries and advisors, technology and data service providers, health care, managed care and insurance, financial services, government contractors and government entities, as well as retail, manufacturing, construction, consulting and a host of other domestic and international businesses of all types and sizes. Common engagements include internal and external privacy and data security compliance, risk management, investigation and remediation, workforce hiring, management, training, performance management, compliance and administration, discipline and termination, and other aspects of workforce management including employment and outsourced services contracting and enforcement, sentencing guidelines and other compliance plan, policy and program development, administration, and defense, performance management, wage and hour and other compensation and benefits, reengineering and other change management, internal controls, compliance and risk management, communications and training, worker classification, tax and payroll, investigations, crisis preparedness and response, government relations, safety, government contracting and audits, litigation and other enforcement, and other legal and operational compliance, risk management, disaster preparedness and response, and liability defense and mitigation concerns arising out of organization’s operations.

Cindy also is widely recognized for her regulatory and public policy advocacy, publications, and public speaking on privacy and other compliance, risk management concerns. Among others, she is the author of “Privacy & Securities Standards-A Brief Nutshell,” “Privacy Invasions of Medical Care-An Emerging Perspective,” the E-Health Business and Transactional Law Chapter on Other Liability-Tort and Regulatory;” “Cybercrime and Identity Theft: Health Information Security Beyond HIPAA;” “Personal Identity Management Legal Demands and Technology Solutions;” “Tailoring A Records Management Plan And Process To Meet Your Legal And Operational Needs;” “Brokers & Insurers Identity Theft and Privacy Perils;” “HR’s Role In Personal Identity Theft & Cyber Crime Prevention;” “Protecting & Using Patient Data In Disease Management Opportunities, Liabilities And Prescriptions;” “Why Your Business Needs A Cybercrime Prevention and Compliance Program;” “Leveraging Your Enterprise Digital Identity Management Investments and Breaking though the Identity Management Buzz;” “When Your Employee’s Private Life Becomes Your Business;” and hundreds of other works. Her insights on privacy, data security, and other matters have appeared in The Wall Street Journal, Business Insurance, the Dallas Morning News, Spencer Publications, and a host of other publications. She speaks and has conducted privacy training for the Association of State & Territorial Health Plans (ASTHO), the Los Angeles Health Department, the American Bar Association, the Health Care Compliance Association, a multitude of health industry, health plan, insurance and financial services, education, employer employee benefit and other clients, trade and professional associations and others.

Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer works with businesses and government organizations and their management, employee benefit plans, schools, financial institutions, retail, hospitality, and other organizations deal with all aspects of these and other operations performance and compliance management. She supports her clients both on a real time, “on demand” basis and with longer term basis to deal with daily performance management and operations, emerging crises, strategic planning, process improvement and change management, investigations, defending litigation, audits, investigations or other enforcement challenges, government affairs and public policy.

Ms. Stamer also is active in the leadership of a broad range of other professional and civic organizations. For instance, Ms. Stamer presently serves on an American Bar Association (ABA) Joint Committee on Employee Benefits Council representative; Vice President of the North Texas Healthcare Compliance Professionals Association; Immediate Past Chair of the ABA RPTE Employee Benefits & Other Compensation Committee, its current Welfare Benefit Plans Committee Co-Chair, on its Substantive Groups & Committee and its incoming Defined Contribution Plan Committee Chair and Practice Management Vice Chair; Past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group and a current member of its Healthcare Coordinating Council; current Vice Chair of the ABA TIPS Employee Benefit Committee; the former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division; on the Advisory Boards of InsuranceThoughtLeadership.com, HR.com, Employee Benefit News, and many other publications. She also previously served as a founding Board Member and President of the Alliance for Healthcare Excellence, as a Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; the Board President of the early childhood development intervention agency, The Richardson Development Center for Children; Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee; a member of the Board of Directors of the Southwest Benefits Association. For additional information about Ms. Stamer, see here, or the Stamer Chadwick Soefje PLLC website here. To contact Ms. Stamer, e-mail her at here or telephone (469) 767-8872.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources at http://www.solutionslawpress.com including:

Comments Off on Strengthen Your Cyber Security By Sharing National Cyber Security Awareness Month Resources This Week | Banking, Child Safety, Cybercrime, Data Breach, Education, Educational Privacy, Employer, FACTA, Fair Credit Reporting Act, Financial Security, FINRA, Gaming, health Care, HIPAA, Hospitality, HR, Human Resources, Identity Theft, Insurance, Internet, Managment, NCSAM, Privacy, Retail, Risk Management, Safety, Schools, Security, Technology | Tagged: Cyber Security, Cybercrime, Data Breach, Data Security, FACTA, FERPA, Health Care, HIPAA, Identity Theft, Internet Security, On-line Dating Safety, On-line Security, Privacy, Schools, Security, Teen Safety, Teens | Permalink
Posted by Cynthia Marcotte Stamer

$2.7 Million FCA Cyber Liability Settlement Shows New Tool In Government’s Strategy To Fight Cyber Insecurity By Holding Businesses & Leaders Accountable

Government Contractor False Claims Act Cyber Risk

$2.7 Million Insight FCA Cyber Settlement

Cyber Risk Implications For Government Contractor & Other Organizations

For Additional Information

About the Author

About Solutions Laws Press, Inc.™

IMPORTANT NOTICE

2/28 New Comment Deadline For NLRB Proposal To Exclude College Work Study Student Workers From NLRA Coverage

College Pays $54,000 To Settle DOJ ADA Lawsuit For Paramedic Program’s Termination of TA With MS

Business Leaders Serve Jail Time For Employment Tax Crimes

New $2.15M OCR Penalty Shows Health Plans Risks Of HIPAA Violations

Proposed NLRB Employee Definition To Exclude College Study Workers

Identity Theft Scan Targets Employee Tax Records

About the Author

About Solutions Law Press, Inc.™

Dealing With HR, Benefits & Other Headaches From Equifax and Other Data Breach

Stamer To Moderate, Talk Medical CyberSecurity At 5/19 ISSA-LA IT Security Meedical Privacy Forum

Strengthen Your Cyber Security By Sharing National Cyber Security Awareness Month Resources This Week

Email Subscription

Pages

Recent Posts

Archives

Share this blog

Solutions Law Press HR & Benefits Update