MHS $5.5M HIPAA Settlement Reminds Health Plans To Implement & Audit HIPAA Compliance

February 16, 2017

A $5.5 million settlement payment that Memorial Healthcare Systems (MHS) just paid the U.S. Department of Health and Human Services (HHS) to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules sends a clear warning message to all health plans, healthcare providers and health care clearinghouses (Covered Entities) and their business associates that simply adopting HIPAA policies alone is insufficient to avoid getting nailed by OCR under HIPAA; Covered Entities and their business associates also must implement, audit and enforce those policies.

MHS, a nonprofit corporation which operates six hospitals, an urgent care center, a nursing home, and a variety of ancillary health care facilities throughout the South Florida area with affiliated physician offices through an Organized Health Care Arrangement (OHCA) also agreed to implement a robust corrective action plan as part of the Resolution Agreement.

The MHS Resolution Agreement resulted from an investigation initiated by the HHS Office for Civil Rights (OCR) after MHS reported to OCR that protected health information (PHI) of 115,143 individuals had been impermissibly accessed by its employees and impermissibly disclosed to affiliated physician office staff. This information consisted of the affected individuals’ names, dates of birth, and social security numbers. The login credentials of a former employee of an affiliated physician’s office had been used to access the ePHI maintained by MHS on a daily basis without detection from April 2011 to April 2012, affecting 80,000 individuals. 

The investigation revealed that although MHS had workforce access policies and procedures in place, MHS failed to implement procedures with respect to reviewing, modifying and/or terminating users’ right of access, as required by the HIPAA Rules. Further, MHS failed to regularly review records of information system activity on applications that maintain electronic protected health information by workforce users and users at affiliated physician practices, despite having identified this risk on several risk analyses conducted by MHS from 2007 to 2012.

MHS’ failure to follow through to implement the controls required by its policies and audit and enforce compliance with HIPAA and its HIPAA policies was a costly mistake. Other Covered Entities should heed MHS’ painful lesson and take documented steps to ensure its HIPAA policies not only are adopted, but also implemented and monitored and audited for compliance.

In response to the MHS settlement, health plans, their sponsors, fiduciaries and business associates should take documented action to audit and correct as needed both their written policies, procedures and notices as well as their operational compliance with HIPAA to mitigate theirexposure to similar enforcement action for HIPAA violations. 

About The Author
Recognized by LexisNexis® Martindale-Hubbell® as a “AV-Preeminent” (Top 1%/ the highest) and “Top Rated Lawyer,” with special recognition as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: Erisa & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, the author of this update is widely known for her 28 plus years’ of work in health care, health benefit, health policy and regulatory affairs and other health industry concerns as a practicing attorney and management consultant, thought leader, author, public policy advocate and lecturer.

Throughout her adult life and nearly 30-year legal career, Ms. Stamer’s legal, management and governmental affairs work has focused on helping health industry, health benefit and other organizations and their management use the law, performance and risk management tools and process to manage people, performance, quality, compliance, operations and risk. Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer helps these and other organizations and their leaders manage their employees, vendors and suppliers, and other workforce members, customers and other’ performance, compliance, compensation and benefits, operations, risks and liabilities, as well as to prevent, stabilize and cleanup legal and operational crises large and small that arise in the course of operations.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, current American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting, former Vice President of the North Texas Health Care Compliance Professionals Association, past Chair of the ABA Health Law Section Managed Care & Insurance Section, past ABA JCEB Council Representative, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Compliance Chair of the National Kidney Foundation of North Texas, and Board Certified in Labor & Employment Law by the Texas Board of Legal Specialization, Ms. Stamer’s includes nearly 30 years’ of work with a diverse range of health industry clients on an extensive range of matters.

Ms. Stamer has worked closely with health industry, managed care and insurance and other businesses and their management, employee benefit plans, governments and other organizations deal with all aspects of staffing, human resources and workforce performance management, internal controls and regulatory compliance, change management and other performance and operations management and compliance. She supports her clients both on a real-time, “on demand” basis and with longer term basis to deal with daily performance management and operations, emerging crises, strategic planning, process improvement and change management, investigations, defending litigation, audits, investigations or other enforcement challenges, government affairs and public policy.

As a core component of her work, Ms. Stamer has worked extensively throughout her career with health care providers, health plans and insurers, managed care organizations, health care clearinghouses, their business associates, employers, banks and other financial institutions, management services organizations, professional associations, medical staffs, accreditation agencies, auditors, technology and other vendors and service providers, and others on legal and operational compliance, risk management and compliance, public policies and regulatory affairs, contracting, payer-provider, provider-provider, vendor, patient, governmental and community relations and matters including extensive involvement advising, representing and defending public and private hospitals and health care systems; physicians, physician organizations and medical staffs; specialty clinics and pharmacies; skilled nursing, home health, rehabilitation and other health care providers and facilities; medical staff, accreditation, peer review and quality committees and organizations; billing and management services organizations; consultants; investors; technology, billing and reimbursement and other services and product vendors; products and solutions consultants and developers; investors; managed care organizations, insurers, self-insured health plans and other payers; and other health industry clients to establish and administer compliance and risk management policies; comply with requirements, investigate and respond to Board of Medicine, Health, Nursing, Pharmacy, Chiropractic, and other licensing agencies, Department of Aging & Disability, FDA, Drug Enforcement Agency, OCR Privacy and Civil Rights, Department of Labor, IRS, HHS, DOD, FTC, SEC, CDC and other public health, Department of Justice and state attorneys’ general and other federal and state agencies; JCHO and other accreditation and quality organizations; private litigation and other federal and state health care industry investigation, enforcement including insurance or other liability management and allocation; process and product development, contracting, deployment and defense; evaluation, commenting or seeking modification of regulatory guidance, and other regulatory and public policy advocacy; training and discipline; enforcement, and a host of other related concerns for public and private health care providers, health insurers, health plans, technology and other vendors, employers, and others, and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns.

Heavily involved in health care and health information technology, data and related process and systems development, policy and operations innovation and a Scribe for ABA JCEB annual agency meeting with OCR for many years who has authored numerous highly-regarded works and training programs on HIPAA and other data security, privacy and use, Ms. Stamer also is widely recognized for her extensive work and leadership on HIPAA, FACTA, PCI, trade secret, physician and other medical confidentiality and privacy, federal and state data security and data breach and other information privacy and data security rules and concerns including policy design, drafting, administration and training; business associate and other contracting; risk assessments, audits and other risk prevention and mitigation; investigation, reporting, mitigation and resolution of known or suspected breaches, violations or other incidents; and defending investigations or other actions by plaintiffs, OCR, FTC, state attorneys’ general and other federal or state agencies, other business partners, patients and others. Ms. Stamer has worked extensively with health care providers, health plans, health care clearinghouses, their business associates, employers and other plan sponsors, banks and other financial institutions, and others on risk management and compliance with HIPAA, FACTA, trade secret and other information privacy and data security rules, including the establishment, documentation, implementation, audit and enforcement of policies, procedures, systems and safeguards, investigating and responding to known or suspected breaches, defending investigations or other actions by plaintiffs, OCR and other federal or state agencies, reporting known or suspected violations, business associate and other contracting, commenting or obtaining other clarification of guidance, training and enforcement, and a host of other related concerns. Her clients include public and private health care providers, health insurers, health plans, technology and other vendors, and others. In addition to representing and advising these organizations, she also has conducted training on Privacy & The Pandemic for the Association of State & Territorial Health Plans, as well as HIPAA, FACTA, PCI, medical confidentiality, insurance confidentiality and other privacy and data security compliance and risk management for Los Angeles County Health Department, ISSA, HIMMS, the ABA, SHRM, schools, medical societies, government and private health care and health plan organizations, their business associates, trade associations and others.

A former lead consultant to the Government of Bolivia on its Pension Privatization Project with extensive domestic and international public policy and governmental and regulatory affairs experience, Ms. Stamer also is widely recognized for regulatory and policy work, advocacy and outreach on healthcare, education, aging, disability, savings and retirement, workforce, ethics, and other policies. Throughout her adult life and career, Ms. Stamer has provided thought leadership; policy and program design, statutory and regulatory development design and analysis; drafted legislation, proposed regulations and other guidance, position statements and briefs, comments and other critical policy documents; advised, assisted and represented health care providers, health plans and insurers, employers, professional. and trade associations, community and government leaders and others on health care, health, pension and retirement, workers’ compensation, Social Security and other benefit, insurance and financial services, tax, workforce, aging and disability, immigration, privacy and data security and a host of other international and domestic federal, state and local public policy and regulatory reforms through her involvement and participation in numerous client engagements, founder and Executive Director of the Coalition for Responsible Health Policy and its PROJECT COPE: the Coalition on Patient Empowerment, adviser to the National Physicians Congress for Healthcare Policy, leadership involvement with the US-Mexico Chamber of Commerce, the Texas Association of Business, the ABA JCEB, Health Law, RPTE, Tax, Labor, TIPS, International Life Sciences, and other Sections and Committees, SHRM Governmental Affairs Committee and a host of other involvements and activities.

A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about compliance and internal controls, workforce and medical staff performance, quality, governance, reimbursement, privacy and data security, and other risk management and operational matters. Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns. Her insights on these and other related matters appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications.

Beyond her extensive involvement advising and representing clients on privacy and data security concerns and other health industry matters, Ms. Stamer also has served for several years as a scrivener for the ABA JCEB’s meeting with OCR, the Chair of the Southern California ISSA Health Care Privacy & Security Summit, and an editorial advisory board member, author, program chair or steering committee member, and faculties for a multitude of other programs and publications regarding privacy, data security, technology and other compliance, risk management and operational concerns in the health care, health and other insurance, employee benefits and human resources, retail, financial services and other arenas.
A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on HIPAA and other concerns by her service in the leadership of a broad range of other professional and civic organization including her involvement as the Vice Chair of the North Texas Healthcare Compliance Association, Executive Director of the Coalition on Responsible Health Policy and its PROJECT COPE: Coalition on Patient Empowerment, a founding Board Member and past President of the Alliance for Healthcare Excellence, past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children; former Board Compliance Chair and Board member of the National Kidney Foundation of North Texas, current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Section, a current Defined Contribution Plan Committee Co-Chair, former Group Chair and Co-Chair of the ABA RPTE Section Employee Benefits Group, immediate past RPTE Representative to ABA Joint Committee on Employee Benefits Council Representative and current RPTE Representative to the ABA Health Law Coordinating Council, former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, a former member of the Board of Directors of the Southwest Benefits Association and others.

Ms. Stamer also is a highly popular lecturer, symposium and chair, faculty member and author, who publishes and speaks extensively on health and managed care industry, human resources, employment and other privacy, data security and other technology, regulatory and operational risk management. Examples of her many highly regarded publications on these matters include “Protecting & Using Patient Data In Disease Management: Opportunities, Liabilities And Prescriptions,” “Privacy Invasions of Medical Care-An Emerging Perspective,” “Cybercrime and Identity Theft: Health Information Security: Beyond HIPAA,” as well as thousands of other publications, programs and workshops these and other concerns for the American Bar Association, ALI-ABA, American Health Lawyers, Society of Human Resources Professionals, the Southwest Benefits Association, the Society of Employee Benefits Administrators, the American Law Institute, Lexis-Nexis, Atlantic Information Services, The Bureau of National Affairs (BNA), InsuranceThoughtLeaders.com, Benefits Magazine, Employee Benefit News, Texas CEO Magazine, HealthLeaders, the HCCA, ISSA, HIMSS, Modern Healthcare, Managed Healthcare, Institute of Internal Auditors, Society of CPAs, Business Insurance, Employee Benefits News, World At Work, Benefits Magazine, the Wall Street Journal, the Dallas Morning News, the Dallas Business Journal, the Houston Business Journal, and many other symposia and publications. She also has served as an Editorial Advisory Board Member for human resources, employee benefit and other management focused publications of BNA, HR.com, Employee Benefit News, Insurance Thought Leadership and many other prominent publications and speaks and conducts training for a broad range of professional organizations.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (469) 767-8872 or via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources here such as:

  • Prepare For Changing IRS Tax-Exempt Org & Employee Plan Audit & Exam Info Request Rules
  • Health Plans & Sponsors Have Much To Do To Prepare For 2017 Health Reform
  • ACA-ERISA Lawsuit Risks Likely To Continue Until Congress Acts Despite Trump Executive Order For Agencies To Issue Relief
  • Employers, Plans, Don’t Jump The Gun On ACA Relief
  • Data Thieves Thrive If Companies Mismanage Red Flags
  • Congress Taking On Health Reform Again: Get Informed & Involved!
  • PBGC Table Shows Present Value PBGC Maximum Guarantee
  • DOL Appeals Preliminary Injunction Blocking White Collar Exemption Salary Threshhold Change
  • IRS Changing Employee Plans & Exempt Organization Audit Procedures
  • DOL Barred From Forcing Employers To Report Labor Relations Advice Under Persuader Rule Injunction
  • $2.7M OCR Settlement Warns HIPAA Covered Entities To Clean Up Compliance
  • $2.4M+ St. Joseph Health HIPAA Settlement Teaching Lesson For Other HIPAA-Covered Entities & Business Associates
  • New Rule Gives ONC More Power Over Electronic Health Record Providers
  • HHS, HUD and DOJ Letter Warns State/Local Agencies Against Denying Immigrants Life & Safety Benefits 
  • Colleges post 2016 can pay student health premiums without triggering ACA penalty
  • ERISA Violations Cost More Now
  • Govt & payer mis-“management” increase
  • DOL Invites FLSA Section 14(c) Certificateholders Test Prototype Application
  • OSHA Helping Whistleblowers Win $$$ Faster With New Expedited Case Pilot Program
  • All Covered Entities Should Learn Lessons From Mississippi Medical Center’s $2.75 Million HIPAA Resolution Agreement
  • Chandy New Head Of HHS OCR Civil Rights Division
  • Providers, Health Plans Should Confirm Copy Charges Comply With New OCR HIPAA Guidance
  • $2 Million+ HIPAA Settlement, FAQ Warn Providers Protect PHI From Media, Other Recording Or Use
  • Provider Pays $750K To Settle HIPAA Business Associate Rule Breach Charges
  • Redesigned OCR Website Launched
  • Civil Rights Settlement Highlights Health Industry Discrimination Risks As OCR Prepares To Broaden Requirements
  • Use Free Cyber Security Awareness Month Resources To Boost HIPAA & Other Cyber Security Training & Skills
  • NLRB 29 Unfair Labor Practice Charges Against Community Health Systems, Inc. Shows Industry Labor Risks
  • Health Insurer/Vendor’s Claims & Appeals Deficiencies Could Trigger Significant Employer Excise Tax Liability
  • HIPAA Settlement Warns Health Plans, Sponsoring Employers & Business Associates To Manage HIPAA Risks

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating or your profile here.
©2017 Cynthia Marcotte Stamer. Non-exclusive right to republish granted to Solutions Law Press, Inc.™ All other rights reserved.


Learn Key Lessons From $3.2M+ Children’s HIPAA CMP

February 2, 2017

just-announced $3.2 million Health Insurance Portability & Accountability Act (HIPAA) Civil Monetary Penalty (CMP) paid by Children’s Medical Center of Dallas (Children’s)  for failing to adequately secure electronic protected health information (ePHI) and correct other HIPAA compliance deficiencies teaches many key lessons for employer and other health plans and insurers, healthcare clearinghouses, healthcare providers and their business associates (“Covered Entities”) about mistakes to avoid in managing not only ePHI on laptops and mobile devices, as well as their overall HIPAA compliance and risk management.

The Department of Health & Human Services (HHS) Office of Civil Rights (OCR) imposed the $3,217,000.00 Civil Monetary Penalty (CMP) under a January 18, 2017 Final Determination based upon findings that Children’s for years knowingly violated HIPAA by failing to encrypt or otherwise properly secure ePHI on laptops and other mobile devices and failing to comply with many other HIPAA requirements.  OCR originally notified Children’s of its intention to impose the CMP based on findings of widespread violations by Children’s of HIPAA in a September 30, 2016 Notice of Proposed Determination (Proposed Determination) that OCR sent to Children’s President of System Clinical Operations, David Berry.  Although the Proposed Determination included instructions for requesting a hearing on the Proposed Determination, Children’s paid the CMP rather than exercising these hearing rights.

Evidence Children’s Ignored Repeated Notices of Violations For Years

According to the Proposed Determination, OCR uncovered widespread HIPAA violations by Children’s while investigating the HIPAA compliance of the Dallas-based pediatric health and hospital system in response to two separate notices of large breaches of ePHI that Children’s filed with OCR in response to the HIPAA Breach Notification Rule.   Under the Breach Notification Rule, Covered Entities generally must provide notice of any breach of unsecured ePHI involving more than 500 individuals with OCR, subjects of the breached ePHI and the media within 60 days of receiving notice of the breach.  In contrast, for breaches of unsecured ePHI involving fewer than 500 individuals, Covered Entities generally must notify subjects of the breached ePHI within 60 days, but can delay notification to OCR until filing a consolidated annual report of small breaches of ePHI.

The two breach notifications that triggered the OCR investigation leading to the CMP both involved losses of mobile devices containing ePHI that Children’s filed with OCR.

The first breach report, filed on January 18, 2010, notified OCR of the loss at the Dallas/Fort Worth International Airport on November 19, 2009 of an unencrypted, non-password protected BlackBerry device containing the ePHI of approximately 3,800 individuals.

The second reported breach report filed on July 5, 2013, reported the theft of an unencrypted laptop with the ePHI of 2,462 individuals from its premises sometime between April 4 and April 9, 2013. The OCR investigation found that although Children’s implemented some physical safeguards to the operating room storage area (e.g., badge access was required, and a security camera was present at one of the entrances), it also provided access to the area to staff who were not authorized to access ePHI. Children’s janitorial staff had unrestricted access to the area where the laptop was stored but did not provide encryption to protect the ePHI on the laptop from access by such unauthorized persons.  Children’s internal investigation concluded that the laptop was probably stolen by a member of the janitorial staff.

In the course of investigating these two reported breaches, OCR took note that Children’s previously reported a small breach of unsecured ePHI on an unencrypted mobile device.  In a letter dated August 22, 2011, from Children’s Vice President of Compliance and Internal Audit and Chief Compliance Officer Ron Skillens to OCR Equal Opportunity Specialist Jamie Sorley, Mr. Skillens stated that a Children’s workforce member (an unidentified medical resident) lost an iPod device in December 2010. The iPod had been synched to the resident’s Children’s email account, which resulted in the ePHI of at least 22 individuals being placed on the device. The ePHI on the iPod was not encrypted. The loss of the iPod resulted in the impermissible disclosure of ePHI by the medical resident. OCR concluded the ePHI of 22 individuals was impermissibly disclosed, because the workforce member and agent of Children’s provided access to any unauthorized person who discovered the device.

  • OCR found that the breaches resulted from Children’s violation of the HIPAA Security Rule by failing to encrypt laptops and other mobile devices or and implement other appropriate safeguards for the protection of ePHI on mobile devices;
  • Failing to appropriately document its decision to not implement encryption on mobile devices and any applicable rationale behind a decision to use alternative security measures to encryption; and
  • Failing to implement security measures that were an equivalent alternative to the security protection available from encryption solutions.

The Proposed Determination also reports that the OCR ’s investigation revealed that Children repeatedly over several years knowingly failed to implement and administer proper encryption and other safeguards on laptops and other mobile devices containing ePHI despite actual knowledge of the unaddressed risks to unencrypted ePHI in violation of the HIPAA Security Rule dating back to at least 2007. The Proposed Determination notes, for instance, that:

  • A Security Gap Analysis and Assessment conducted for Children’s December 2006-February 2007 by Strategic Management Systems, Inc. (SMS) (SMS Gap Analysis) identified the absence of risk management as a major finding and recommended that Children’s implement encryption to avoid loss of PHI on stolen or lost laptops.
  • A separate PricewaterhouseCoopers (PwC) analysis of threats and vulnerabilities to certain ePHI (PwC Analysis) conducted in August, 2008 for Children’s determined that encryption was necessary and appropriate. The PwC Analysis also determined that a mechanism was not in place to protect data on a laptop, workstation, mobile device, or USB thumb drive if the device was lost or stolen and identified the loss of data at rest through unsecured mobile devices as being “high” risk. PwC identified data encryption as a “high priority” item and recommended that Children’s implement data encryption in the fourth quarter of 2008.
  • Furthermore, in September 2012, the HHS Office of the Inspector General (OIG) issued the findings from its audit of Children’s that focused on information technology controls for devices such as smartphones and USB drives. Among other things, the report, entitled “Universal Serial Bus Control Weaknesses Found at Children’s Medical Center,” found that Children’s had insufficient controls to prevent data from being written onto unauthorized and unencrypted USB devices and that “without sufficient USB controls, there was a risk that ePHI could have been written onto an unauthorized/unencrypted USB device and taken out of the hospital, resulting in a data breach.” A copy of this report was provided to Mr. Skillens.
  • Despite the prior breach notifications and warnings from the SMS Gap Analysis, the PwC Analysis and the OIG audit report, Children’s failed to take the necessary steps to encrypt and otherwise safeguard its ePHI on mobile devices.  Children’s still had not implemented encryption on all devices as of April 9, 2013 even though appropriate commercial encryption products were available to achieve encryption of laptops, workstations, mobile devices, and USB thumb drives in use by Children’s staff by, at least, the time of the PwC Analysis in 2008.  Furthermore, while leaving these deficiencies unresolved, the Proposed Determination notes that Children’s issued unencrypted BlackBerry devices to nurses beginning in 2007 and allowed its workforce members to continue using unencrypted laptops and other mobile devices until at least April 9, 2013 despite the findings of SMS and PwC and Children’s actual knowledge about the risk of maintaining unencrypted ePHI on its devices.

Based on this evidence, OCR concluded that Children’s had “actual knowledge” of the unaddressed threats to ePHI as early as March 2007 and at least one year prior to the reported security incidents. Furthermore, OCR also found that Children’s additionally violated HIPAA by failing to implement sufficient policies and procedures governing the receipt and removal of hardware and electronic media that contain ePHI into and out of its facility, and the movement of these items within the facility prior to at least November 9, 2012.  Prior to November 2012, Children’s information technology (IT) assets were inventoried and managed separately from the inventory of devices used within its Biomedical Department. Children’s IT asset policies did not apply to devices that accessed or stored ePHI that were managed by the Biomedical Department. Consequently, Children’s was unable to identify all devices to which the device and media control policy should apply prior to completing a full-scope inventory to identify all information systems containing ePHI in November 9, 2012. As Children’s did not conduct a complete inventory to identify all devices to which its IT asset policies apply to ensure that all devices were covered by its device and media control policies, the Proposed Determination concluded Children’s was out of compliance with the Security Rule at 45 C.P.R. § 164.310(d)(l).

After OCR’s investigation indicated widespread Privacy and Security Rule noncompliance by Children’s, the Proposed Determination states that OCR attempted to negotiate a resolution with Children’s through its informal resolution agreement process from approximately November 6, 2015, to August 30, 2016.  When these efforts failed, OCR issued a May 10,2016 Letter of Opportunity that formally informed Children’s that since OCR had been unable to resolve its findings that Children’s violated the Privacy and Security Rules by informal means, OCR was informing Children’s of the preliminary indications of non-compliance and providing Children’s with an opportunity to submit written evidence of mitigating factors under 45 C.F.R. § 160.408 or affirmative defenses under 45 C.F.R. § 160.410 for OCR’s consideration in making a determination of a CMP pursuant to 45 C.F.R. § 160.404. The letter stated that Children’s could also submit written evidence to support a waiver of a CMP for the indicated areas of non-compliance. Each of Children’s indicated acts of noncompliance and the potential CMP for them were described in the letter. The letter was delivered to Children’s and received by Children’s agent on May 12, 2016.

Children’s responded to OCR’s letter on or about June 9, 2016.  The Proposed Determination states that OCR determined that the information and arguments submitted by Children’s in its June 9, 2016 letter did not support an affirmative defense pursuant to 45 C.F.R. § 160.410 or a waiver of the CMP pursuant to 45 C.F.R. § 160.412.  Accordingly, OCR notified Children’s in its September 30, 2016 Proposed Determination of OCR’s intent to implement the $3,217,000.00 CMP and procedures for appealing this planned CMP assessment. When Children’s did not file an appeal, OCR issued the Final Determination assessing the CMP.  OCR reports that Children now has paid the $3,217,000.00 CMP.

Important Lessons For Other Covered Entities

The Children’s CMP and underlying circumstances provide many key lessons for other Covered Entities.  Obviously, the Final Decision drives home the importance of:

  • Proper encryption and other security and access controls of devices and systems containing ePHI; and
  • Proper documentation of risk assessments, audits, breach investigations and other events, compliance analysis and conclusions taken in response, and corrective actions selected and implemented in response to these events.

Beyond the importance of documented compliance with encryption and other requirements, the Children’s CMP and its associated Proposed Determination and Final Determinations also illustrate the importance of proper behavior in response to a known or suspected breach.  The Proposed Determination and Final Determination make clear that beyond the breaches uncovered in the course of the investigation, OCR’s decision to implement the CMP was influenced by, among other things:

  • OCR investigates all large breach reports;
  • Small breach reports can count too;
  • The recurrent disregard and failure by Children to act to address the HIPAA security violations over a period of years despite both repeated notifications of its noncompliance and actual breaches resulting from these compliance deficiencies; and
  • The failure of Children’s to cooperate with OCR to reach a voluntary resolution agreement which might have allowed Children to resolve its liability for the breaches OCR found by paying a potentially smaller settlement payment and implementing corrective actions to OCR’s satisfaction.

About The Author

Recognized by LexisNexis® Martindale-Hubbell® as a “AV-Preeminent” (Top 1%/ the highest) and “Top Rated Lawyer,” with special recognition  as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of  “Labor & Employment,” “Tax: Erisa & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, the author of this update is widely known for her 28 plus years’ of work in health care, health benefit, health policy and regulatory affairs and other health industry concerns as a practicing attorney and management consultant, thought leader, author, public policy advocate and lecturer.

Throughout her adult life and nearly 30-year legal career, Ms. Stamer’s legal, management and governmental affairs work has focused on helping health industry, health benefit and other organizations and their management use the law, performance and risk management tools and process to manage people, performance, quality, compliance, operations and risk. Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer helps these and other organizations and their leaders manage their employees, vendors and suppliers, and other workforce members, customers and other’ performance, compliance, compensation and benefits, operations, risks and liabilities, as well as to prevent, stabilize and cleanup legal and operational crises large and small that arise in the course of operations.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, current American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting, former Vice President of the North Texas Health Care Compliance Professionals Association, past Chair of the ABA Health Law Section Managed Care & Insurance Section, past ABA JCEB Council Representative, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Compliance Chair of the National Kidney Foundation of North Texas, and Board Certified in Labor & Employment Law by the Texas Board of Legal Specialization, Ms. Stamer’s includes nearly 30 years’ of work with a diverse range of health industry clients on an extensive range of matters.

Ms. Stamer has worked closely with health industry, managed care and insurance and other businesses and their management, employee benefit plans, governments and other organizations deal with all aspects of staffing, human resources and workforce performance management, internal controls and regulatory compliance, change management and other performance and operations management and compliance. She supports her clients both on a real-time, “on demand” basis and with longer term basis to deal with daily performance management and operations, emerging crises, strategic planning, process improvement and change management, investigations, defending litigation, audits, investigations or other enforcement challenges, government affairs and public policy.

As a core component of her work,  Ms. Stamer has worked extensively throughout her career with health care providers, health plans and insurers, managed care organizations, health care clearinghouses, their business associates, employers, banks and other financial institutions, management services organizations, professional associations, medical staffs, accreditation agencies, auditors, technology and other vendors and service providers, and others on legal and operational compliance, risk management and compliance, public policies and regulatory affairs, contracting, payer-provider, provider-provider, vendor, patient, governmental and community relations and matters including extensive involvement advising, representing and defending public and private hospitals and health care systems; physicians, physician organizations and medical staffs; specialty clinics and pharmacies; skilled nursing, home health, rehabilitation and other health care providers and facilities; medical staff, accreditation, peer review and quality committees and organizations; billing and management services organizations; consultants; investors; technology, billing and reimbursement and other services and product vendors; products and solutions consultants and developers; investors; managed care organizations, insurers, self-insured health plans and other payers; and other health industry clients to establish and administer compliance and risk management policies; comply with requirements, investigate and respond to Board of Medicine, Health, Nursing, Pharmacy, Chiropractic, and other licensing agencies, Department of Aging & Disability, FDA, Drug Enforcement Agency, OCR Privacy and Civil Rights, Department of Labor, IRS, HHS, DOD, FTC, SEC, CDC and other public health, Department of Justice and state attorneys’ general and other federal and state agencies; JCHO and other accreditation and quality organizations; private litigation and other federal and state health care industry investigation, enforcement including  insurance or other liability management and allocation; process and product development, contracting, deployment and defense; evaluation, commenting or seeking modification of regulatory guidance, and other regulatory and public policy advocacy; training and discipline; enforcement, and a host of other related concerns for public and private health care providers, health insurers, health plans, technology and other vendors, employers, and others, and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns.

Heavily involved in health care and health information technology, data and related process and systems development, policy and operations innovation and a Scribe for ABA JCEB annual agency meeting with OCR for many years who has authored numerous highly-regarded works and training programs on HIPAA and other data security, privacy and use, Ms. Stamer also is widely recognized for her extensive work and leadership on HIPAA, FACTA, PCI, trade secret, physician and other medical confidentiality and privacy, federal and state data security and data breach and other information privacy and data security rules and concerns including policy design, drafting, administration and training; business associate and other contracting; risk assessments, audits and other risk prevention and mitigation; investigation, reporting, mitigation and resolution of known or suspected breaches, violations or other incidents; and defending investigations or other actions by plaintiffs, OCR, FTC, state attorneys’ general and other federal or state agencies, other business partners, patients and others.   Ms. Stamer has worked extensively with health care providers, health plans, health care clearinghouses, their business associates, employers and other plan sponsors, banks and other financial institutions, and others on risk management and compliance with HIPAA, FACTA, trade secret and other information privacy and data security rules, including the establishment, documentation, implementation, audit and enforcement of policies, procedures, systems and safeguards, investigating and responding to known or suspected breaches, defending investigations or other actions by plaintiffs, OCR and other federal or state agencies, reporting known or suspected violations, business associate and other contracting, commenting or obtaining other clarification of guidance, training and enforcement, and a host of other related concerns. Her clients include public and private health care providers, health insurers, health plans, technology and other vendors, and others. In addition to representing and advising these organizations, she also has conducted training on Privacy & The Pandemic for the Association of State & Territorial Health Plans, as well as HIPAA, FACTA, PCI, medical confidentiality, insurance confidentiality and other privacy and data security compliance and risk management for Los Angeles County Health Department, ISSA, HIMMS, the ABA, SHRM, schools, medical societies, government and private health care and health plan organizations, their business associates, trade associations and others.

A former lead consultant to the Government of Bolivia on its Pension Privatization Project with extensive domestic and international public policy and governmental and regulatory affairs experience, Ms. Stamer also is widely recognized for regulatory and policy work, advocacy and outreach on healthcare, education, aging, disability, savings and retirement, workforce, ethics, and other policies.  Throughout her adult life and career, Ms. Stamer has provided thought leadership; policy and program design, statutory and regulatory development design and analysis; drafted legislation, proposed regulations and other guidance, position statements and briefs, comments and other critical policy documents; advised, assisted and represented health care providers, health plans and insurers, employers, professional. and trade associations, community and government leaders and others on health care, health, pension and retirement, workers’ compensation, Social Security and other benefit, insurance and financial services, tax, workforce, aging and disability, immigration, privacy and data security and a host of other international and domestic federal, state and local public policy and regulatory reforms through her involvement and participation in numerous client engagements, founder and Executive Director of the Coalition for Responsible Health Policy and its PROJECT COPE: the Coalition on Patient Empowerment, adviser to the National Physicians Congress for Healthcare Policy, leadership involvement with the US-Mexico Chamber of Commerce, the Texas Association of Business, the ABA JCEB, Health Law, RPTE, Tax, Labor, TIPS, International Life Sciences, and other Sections and Committees, SHRM Governmental Affairs Committee and a host of other  involvements and activities.

A popular lecturer and widely published author on health industry concerns, Ms. Stamer continuously advises health industry clients about compliance and internal controls, workforce and medical  staff performance, quality, governance, reimbursement, privacy and data security, and other risk management and operational matters. Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns. Her insights on these and other related matters appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications.

Beyond her extensive involvement advising and representing clients on privacy and data security concerns and other health industry matters, Ms. Stamer also has served for several years as a scrivener for the ABA JCEB’s meeting with OCR, the Chair of the Southern California ISSA Health Care Privacy & Security Summit, and an editorial advisory board member, author, program chair or steering committee member, and faculties for a multitude of other programs and publications regarding privacy, data security, technology and other compliance, risk management and operational concerns in the health care, health and other insurance, employee benefits and human resources, retail, financial services and other arenas.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on HIPAA and other concerns by her service in the leadership of a broad range of other professional and civic organization including her involvement as the Vice Chair of the North Texas Healthcare Compliance Association, Executive Director of the Coalition on Responsible Health Policy and its PROJECT COPE: Coalition on Patient Empowerment, a founding Board Member and past President of the Alliance for Healthcare Excellence, past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children; former Board Compliance Chair and Board member of the National Kidney Foundation of North Texas, current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Section, a current Defined Contribution Plan Committee Co-Chair, former Group Chair and Co-Chair of the ABA RPTE Section Employee Benefits Group, immediate past RPTE Representative to ABA Joint Committee on Employee Benefits Council Representative and current RPTE Representative to the ABA Health Law Coordinating Council, former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, a former member of the Board of Directors of the Southwest Benefits Association and others.

Ms. Stamer also is a highly popular lecturer, symposium and chair, faculty member and author, who publishes and speaks extensively on health and managed care industry, human resources, employment and other privacy, data security and other technology, regulatory and operational risk management. Examples of her many highly regarded publications on these matters include “Protecting & Using Patient Data In Disease Management: Opportunities, Liabilities And Prescriptions,” “Privacy Invasions of Medical Care-An Emerging Perspective,” “Cybercrime and Identity Theft: Health Information Security: Beyond HIPAA,” as well as thousands of other publications, programs and workshops these and other concerns for the American Bar Association, ALI-ABA, American Health Lawyers, Society of Human Resources Professionals, the Southwest Benefits Association, the Society of Employee Benefits Administrators, the American Law Institute, Lexis-Nexis, Atlantic Information Services, The Bureau of National Affairs (BNA), InsuranceThoughtLeaders.com, Benefits Magazine, Employee Benefit News, Texas CEO Magazine, HealthLeaders, the HCCA, ISSA, HIMSS, Modern Healthcare, Managed Healthcare, Institute of Internal Auditors, Society of CPAs, Business Insurance, Employee Benefits News, World At Work, Benefits Magazine, the Wall Street Journal, the Dallas Morning News, the Dallas Business Journal, the Houston Business Journal, and many other symposia and publications. She also has served as an Editorial Advisory Board Member for human resources, employee benefit and other management focused publications of BNA, HR.com, Employee Benefit News, Insurance Thought Leadership and many other prominent publications and speaks and conducts training for a broad range of professional organizations.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (469) 767-8872 or via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources here such as:

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating or your profile here.

©2017 Cynthia Marcotte Stamer. Non-exclusive right to republish granted to Solutions Law Press, Inc.™  All other rights reserved.


DOL Appeals Preliminary Injunction Blocking White Collar Exemption Salary Threshhold Change

December 2, 2016

The US Department of Labor (DOL) is appealing the November 22 Nevada v US Department of Labor ruling preliminarily enjoining DOL from implementing or enforcing a modification to the DOL Fair Labor Standards Act (FLSA) White Collar Exemption Regulations that would have nearly doubled the minimum salary that an employer must pay an employee on a salaried basis in reliance on the White Collar Exemption.

The Department of Justice on behalf of the Department of Labor filed a notice to appeal the preliminary injunction to the U.S. Circuit Court of Appeals for the Fifth Circuit yesterday.  

The November 22 Nevada preliminary injunction order barred DOL nationwide from implementing a change to its White Collar Regulations on  December 1, 2016 that would automatically excluded any employee earning a salary of less than $913 per week ($47,476 per year) from coverage by the most commonly relied upon FLSA exemption, White Collar Exemption,  pending a future ruling on the merits lifting the injunction.  

The Obama Administration’s final rule change published in the Federal Register on May 23, 2016, increases the threshold salary for the exemption from $455 per week to $913 per week ($47,476 per year) effective December 1, 2016 and provides for automatic adjustments to this amount every three years beginning January 1, 2020

DOL’s full statement regarding the litigation is here.

The appeal likely surprises many who assumed that the impending change in Administration would put an end to the Obama Administration’s change.  It remains to be seen how quickly the Fifth Circuit will hear the appeal as well as the fate of the rule change and the litigation after President-Elect Trump takes office. Either way, however, zealous and often successful private plaintiff and DOL enforcement of other elements of the While Collar Exemption and other FLSA requirements makes it imperative that employers be prepared to produce the necessary proof to defend their payment of any worker on a salaried basis as well as.compliance with all minimum wage, overtime, record keeping and other FLSA requirements.

About The Author
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,”“Tax: Erisa & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney and management consultant, author, public policy advocate and lecturer widely known for work, teachings and publications.

Ms. Stamer works with businesses and their management, employee benefit plans, governments and other organizations deal with all aspects of human resources and workforce, internal controls and regulatory compliance, change management and other performance and operations management and compliance. She supports her clients both on a real-time, “on demand” basis and with longer term basis to deal with daily performance management and operations, emerging crises, strategic planning, process improvement and change management, investigations, defending litigation, audits, investigations or other enforcement challenges, government affairs and public policy.
A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares shared her thought leadership, experience and advocacy on these and other concerns by her service in the leadership of a broad range of other professional and civic organization including her involvement as the Vice Chair of the North Texas Healthcare Compliance Association, Executive Director of the Coalition on Responsible Health Policy and its PROJECT COPE: Coalition on Patient Empowerment, a founding Board Member and past President of the Alliance for Healthcare Excellence, past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children; former Board Compliance Chair and Board member of the National Kidney Foundation of North Texas, current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Section, a current Defined Contribution Plan Committee Co-Chair, former Group Chair and Co-Chair of the ABA RPTE Section Employee Benefits Group, immediate past RPTE Representative to ABA Joint Committee on Employee Benefits Council Representative and current RPTE Representative to the ABA Health Law Coordinating Council, former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, a former member of the Board of Directors of the Southwest Benefits Association and others.

Ms. Stamer also is a highly popular lecturer, symposia chair and author, who publishes and speaks extensively on health and managed care industry, human resources, employment, employee benefits, compensation, and other regulatory and operational risk management. Examples of her many highly regarded publications on these matters include the “Texas Payday Law” Chapter of Texas Employment Law, as well as thousands of other publications, programs and workshops these and other concerns for the American Bar Association, ALI-ABA, American Health Lawyers, Society of Human Resources Professionals, the Southwest Benefits Association, the Society of Employee Benefits Administrators, the American Law Institute, Lexis-Nexis, Atlantic Information Services, The Bureau of National Affairs (BNA), InsuranceThoughtLeaders.com, Benefits Magazine, Employee Benefit News, Texas CEO Magazine, HealthLeaders, the HCCA, ISSA, HIMSS, Modern Healthcare, Managed Healthcare, Institute of Internal Auditors, Society of CPAs, Business Insurance, Employee Benefits News, World At Work, Benefits Magazine, the Wall Street Journal, the Dallas Morning News, the Dallas Business Journal, the Houston Business Journal, and many other symposia and publications. She also has served as an Editorial Advisory Board Member for human resources, employee benefit and other management focused publications of BNA, HR.com, Employee Benefit News, InsuranceThoughtLeadership.com and many other prominent publications and speaks and conducts training for a broad range of professional organizations and for clients on the Advisory Boards of InsuranceThoughtLeadership.com, HR.com, Employee Benefit News, and many other publications. For additional information about Ms. Stamer, see CynthiaStamer.com or contact Ms. Stamer via email here or via telephone to (469) 767-8872.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources at SolutionsLawPress.com such as:

  • DOL Aggressively Targeting Restaurants For Wage & Hour & Child Labor Law Violations
  • Stop Bullying Month Opportunity to Strengthen Workplace Anti-Harassment Efforts
  • Health Plans, Other Covered Entities Have Continuing Duty To Reevaluate HIPAA Enterprise Risk To PHI & Address Security Risks & Other Compliance Concern On Ongoing Basis
  • New ACA Student Health Insurance Guidance Allows College Payment Of Working Students’ Student Health Insurance Premiums Post 2016
  • ERISA Violations Cost More Now
  • IRS Qualified Plan Correction Procedures Changing 1/1/17
  • DOL Invites FLSA Section 14(c) Certificateholders Test Prototype Application
  • Private Exchanges: Employer Health Program Panacea or Problem? Consider Carefully!
  • New DOL, IRS & HHS FAQ Confirms Employers Can’t Pay, Use HRAs to Reimburse Employees For Individual Policy Premiums
  • Review Health Plans With Reference-Based Reimbursement Designs Under New Agency FAQ Guidance
  • IRS Guidance Raises Concerns For Many Employers Offering “Skinny” & Other Limited Coverage Health Plans
  • Plan’s Purchase of Company Stock Triggers $6.48 Million Award Against ESOP Sponsor, Shareholder, Board Members & Trustees
  • Encourage Workers To Review Withholding As Part Of Annual Enrollment
  • Making Wellness Work On A Shoestring Budget
  • Brace For OCR HIPAA Audits
  • Check Health Plan Privacy For New Guidance Compliance
  • Health Benefit Still Top Employer Benefit Cost
  • Congress Passess Joint Resolution Overturning NLRB “Quickie Election Rule”
  • U.S. Businesses & Their Leaders Face Rising FLSA Collective Action Liability Risks
  • Improve HR Value To Company By Making HR A Performance Rather Than People Department
  • Sponsoring Employers Face Excise Taxes, Other Liabilities Unless Health Plans Comply With ACA Out-Of-Pocket & Other Federal Rules
  • Legal Review Of Health Plan Documents, Processes Needed To Mitigate Employer’s Excise Tax & Other Health Plan Risks
  • EEOC ADA Suit Against Magnolia Health Highlights US Employer’s Growing Disability Discrimination Risks
  • 10 Practical Pointers To Use Law To Better Strengthen The Legal Defensibility Of Your Business & Its Leaders
  • Health Insurer/Vendor’s Claims & Appeals Deficiencies Could Trigger Significant Employer Excise Tax Liability
  • EEOC Charges Employer Violated ADA By Terminating Employment At FMLA Leave End
  • Businesses Should Verify Proper Tracking, Withholding & Reporting On Tips & Gratuities

If you or someone else you know would like to receive future updates about developments on these and other concerns, please provide your current contact information and preferences including your preferred e-mail by creating or updating your profile here.

©2016 Cynthia Marcotte Stamer. Non-exclusive right to republish granted to Solutions Law Press, Inc. All other rights reserved.


IRS Changing Employee Plans & Exempt Organization Audit Procedures

November 21, 2016

Employee benefit plans and tax-exempt organizations facing Internal Revenue Service (IRS) audits or investigations after April, 2016, their leaders and advisors should prepare for some changes in the practices IRS agents will use to issue and enforce document requests (IDRs) after March 31.

The IRS  Tax Exempt and Government Entities Division (TEGE) just issued updated internal guidance (Guidance) governing the procedures its agents will use to gather information for employee benefit plan and exempt organization examinations including information requests made in connection with:

  • Employee Benefit Form 5500 Examination Procedures
  • Exempt Organizations Pre-Audit Procedures
  • On-Site Examinations
  • Tax Exempt Bonds Examinations
  • Indian Tribal Government Examinations and
  • Federal, State and Local Governments (FSLG) Examinations

The new Guidance follows other recent announcements of changes of IRS employee plan or exempt organization procedures such as recently announced changes in IRS employee plan correction procedures.  See, e.g., IRS Qualified Plan Correction Procedures Changing 1/1/17.

The new procedures defined in the Guidance apply more broadly and take effect April 1, 2017.  The Guidance also requires that TEGE update the following IRMs to specifically reflect the new procedures within the next two years:

  • IRM 4.71.1, Overview of Form 5500 Examination Procedures;
  • IRM 4.75.10, Exempt Organizations Pre-Audit Procedures;
  • IRM 4.75.11, On-Site Examination Guidelines;
  • IRM 4.81.5, Tax Exempt Bonds Examination Program Procedures – Conducting the Examination;
  • IRM 4.86.5, Conducting Indian Tribal Government Examinations; and
  • IRM 4.90.9, Federal, State and Local Governments (FSLG) – Procedures, Workpapers and Report Writing.

Among other things, the new Guidance will require “active involvement” by managers of IRS examiners’ early in the process.  The Guidance also calls for:

  • Taxpayers to be involved in the IDR process.
  • Examiners to discuss the issue being examined and the information needed with the taxpayer prior to issuing an IDR.
  • Examiners to ensure that the IDR clearly states the issue and the relevant information they are requesting.
  • If the taxpayer does not timely provide the information requested in the IDR by the agreed upon date, including extensions, examiners to issue a delinquency notice.
  • If the taxpayer fails to respond to the delinquency notice or provides an incomplete response, for the examiner to issue a pre-summons notice to advise the taxpayer that the IRS will issue a summons unless the missing items are fully provided.
  • For a summons to be issued if the taxpayer fails to provide a complete response to the pre-summons letter by its response due date.

According to TEGE the new procedures set forth in the Guidance are designed to “ensure” that IRS Counsel is prepared to enforce IDRs through the issuance of a summons when necessary while also reinforcing the IRS’ commitment to the respect of taxpayer rights under the Taxpayer Bill of Rights.  TEGE says the updated procedures established in the Guidance will promote these goals by:

  • Providing for open and meaningful communication between the IRS and taxpayers;
  • Reducing taxpayer burdens
  • Providing for consistent treatment of taxpayers;
  • Allowing the IRS to secure more complete and timely responses to IDRs;
  • Providing consistent timelines for IRS agents to review IDR responses; and
  • Promoting timely issue resolution.

While it remains to be seen exactly how well the new procedures will promote these goals in operation, leaders, sponsors, administrators and tax advisors to employee benefit plans and exempt organizations tagged for audits after the Guidelines take effect will want to ensure that they review and fully understand the new procedures as soon as possible after receiving notice of the audit.

A clear understanding of the procedures can help the entities and their representatives to take advantage of all available options for mitigating exposures and liability from the audit as well as to avoid unfortunate missteps that could result in forfeiture of otherwise available tax-related rights and options or otherwise increase the tax and other associated risks and liabilities of the entities or others associated with them arising from the audit.

Along with responding to these tax-related risks, leaders and advisors of employee benefit plan and exempt organizations also need to keep in mind the often substantial non-tax related risks that may arise concurrently or evolve from a TEGE or other tax-related audit or investigation. The often substantial tax and non-tax exposures typically makes it desirable if not necessary to involve experienced legal counsel in the process as soon as possible.

To help respond to the audit and manage its tax and non-tax related risks and, leaders responsible for these entities generally not only will want to seek legal advice within the scope of attorney-client privilege from legal counsel immediately after receiving an IDR or other notice of an audit or investigation, as well as consider periodically consulting experienced legal counsel for assistance in conducting pre-audit assessment of compliance and other compliance and risk management planning.

Early involvement of legal counsel generally is necessary both to understand and manage both the tax and non-tax exposures associated with the audit, as well as to preserve and utilize the potential benefits of attorney-client privilege and other evidentiary privileges that could help to mitigate both the tax and non-tax related risks.  While federal tax rules afford some evidentiary privileges to certain accounting professionals when providing tax representation or advice, the protective scope of such privileges generally are more limited than attorney-client privilege and work product evidentiary privileges and typically do not apply to non-tax matters. As a result, most entities and their leaders will want to consider involvement of legal counsel to maximize privilege protections and non-tax related exposures even if the parties plan for a qualified tax professional or other consultant to play a significant role in assisting them to prepare for and respond to the audit.

About The Author

Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: Erisa & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney and management consultant, author, public policy advocate and lecturer widely known for work, teachings and publications.

Ms. Stamer works with health industry and other businesses and their management, employee benefit plans, governments and other organizations deal with all aspects of human resources and workforce, internal controls and regulatory compliance, change management and other performance and operations management and compliance. She supports her clients both on a real-time, “on demand” basis and with longer term basis to deal with daily performance management and operations, emerging crises, strategic planning, process improvement and change management, investigations, defending litigation, audits, investigations or other enforcement challenges, government affairs and public policy.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other concerns by her service in the leadership of a broad range of other professional and civic organization including her involvement as the Vice Chair of the North Texas Healthcare Compliance Association; Executive Director of the Coalition on Responsible Health Policy and its PROJECT COPE: Coalition on Patient Empowerment; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children; former Gulf Coast TEGE Council Exempt Organization Coordinator; a founding Board Member and past President of the Alliance for Healthcare Excellence; former board member and Vice President of the Managed Care Association; past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; a member and advisor to the National Physicians’ Council for Healthcare Policy; current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee; current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section; Past Chair of the ABA Health Law Section Managed Care & Insurance Section; a current Defined Contribution Plan Committee Co-Chair, former Group Chair and Co-Chair of the ABA RPTE Section Employee Benefits Group; immediate past RPTE Representative to ABA Joint Committee on Employee Benefits Council Representative and current RPTE Representative to the ABA Health Law Coordinating Council; past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee; a former member of the Board of Directors, Treasurer, Member and Continuing Education Chair of the Southwest Benefits Association and others.

Ms. Stamer also is a highly popular lecturer, symposia chair and author, who publishes and speaks extensively on health and managed care industry, human resources, employment, employee benefits, compensation, and other regulatory and operational risk management. Examples of her many highly regarded publications on these matters include the “Texas Payday Law” Chapter of Texas Employment Law, as well as thousands of other publications, programs and workshops these and other concerns for the American Bar Association, ALI-ABA, American Health Lawyers, Society of Human Resources Professionals, the Southwest Benefits Association, the Society of Employee Benefits Administrators, the American Law Institute, Lexis-Nexis, Atlantic Information Services, The Bureau of National Affairs (BNA), InsuranceThoughtLeaders.com, Benefits Magazine, Employee Benefit News, Texas CEO Magazine, HealthLeaders, the HCCA, ISSA, HIMSS, Modern Healthcare, Managed Healthcare, Institute of Internal Auditors, Society of CPAs, Business Insurance, Employee Benefits News, World At Work, Benefits Magazine, the Wall Street Journal, the Dallas Morning News, the Dallas Business Journal, the Houston Business Journal, and many other symposia and publications. She also has served as an Editorial Advisory Board Member for human resources, employee benefit and other management focused publications of BNA, HR.com, Employee Benefit News, InsuranceThoughtLeadership.com and many other prominent publications and speaks and conducts training for a broad range of professional organizations and for clients on the Advisory Boards of InsuranceThoughtLeadership.com, HR.com, Employee Benefit News, and many other publications. For additional information about Ms. Stamer, see CynthiaStamer.com   or contact Ms. Stamer via email here  or via telephone to (469) 767-8872.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources at SolutionsLawPress.com such as:

If you or someone else you know would like to receive future updates about developments on these and other concerns, please provide your current contact information and preferences including your preferred e-mail by creating or updating your profile here.

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as an admission.  The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues.  Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The presenter and the program sponsor disclaim, and have no responsibility to provide any update or otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein

©2016 Cynthia Marcotte Stamer. Non-exclusive right to republish granted to Solutions Law Press, Inc.™  All other rights reserved.


DOL Barred From Forcing Employers To Report Labor Relations Advice Under Persuader Rule Injunction

November 18, 2016

Employers paying lawyers or other labor relations consultants for advice or help deterring or responding to unionization organizing activities do not have comply with the controversial “Persuader Rule” reporting and disclosure requirements the Department Of Labor (DOL) tried to impose as part of the Obama Administration’s broader aggressive efforts to empower unions and worker organizing efforts.  That’s the effect of U.S. District Court Justice Sam Cummings’ November 16, 2016 National Federation of Independent Business v. Perez decision striking down as invalid and permanently enjoining the DOL from enforcing its regulation officially titled “Interpretation  of  the  ‘Advice’  Exemption  in  Section  203(c)  of  the  Labor-Management  Reporting  and  Disclosure  Act,” commonly referred to as the “Persuader Rule.”

Before DOL adopted the Persuader Rule, there was no requirement to when lawyers or consultants spoke with or advised employers about opposition to union efforts unless the consultant had direct contact with workers.  As revised by the Obama Administration, however, the Persuader Rule required employers and consultants—including lawyers—to report both direct contact with workers as well as advice or other help provided to employers by lawyers or consultants about persuading employees on union issues such as training supervisors or employer representatives to conduct meetings; coordinating or directing the activities of supervisors or employer representatives; establishing or facilitating employee committees; drafting, revising or providing speeches; conducting union avoidance seminars; developing or implementing employer personnel policies; involvement in disciplinary action, reward, or other targeting of workers; or various other activities designed to influence union organization matters.

Scheduled to take effect in July, 2016, DOL’s implementation and enforcement of the Persuader Rule originally was delayed by a June 27, 2016 preliminary injunction issued by Justice Cummings that nationally enjoined DOL from implementing any and all aspects of the Persuader Rule based on his findings, among other things, that the plaintiffs likely would succeed on the merits in showing the Persuader Rule:

  • Violated their right to hire and consult with an attorney, free speech, expression and association rights protected by the First Amendment;
  • Was overly broad and unacceptably vague;
  • Violated the Regulatory Flexibility Act; and
  • Would irreparably harm employers.

After a hearing on the merits, Justice Cummings ruled that the June, 2016 injunction should be made permanent.  His November 16, 2016 final order in National Federation of Independent Business v. Perez, permanently enjoins DOL from implementing the Persuader Rule nationwide.  Accordingly, employers and their labor attorneys and other labor management consultants are excused from responsibility to comply with the reporting requirements of the Persuader Rule.

About The Author

Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,”“Tax: Erisa & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney and management consultant, author, public policy advocate and lecturer widely known for work, teachings and publications.

Ms. Stamer works with businesses and their management, employee benefit plans, governments and other organizations deal with all aspects of human resources and workforce, internal controls and regulatory compliance, change management and other performance and operations management and compliance. She supports her clients both on a real-time, “on demand” basis and with longer term basis to deal with daily performance management and operations, emerging crises, strategic planning, process improvement and change management, investigations, defending litigation, audits, investigations or other enforcement challenges, government affairs and public policy.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares shared her thought leadership, experience and advocacy on these and other concerns by her service in the leadership of a broad range of other professional and civic organization including her involvement as the Vice Chair of the North Texas Healthcare Compliance Association, Executive Director of the Coalition on Responsible Health Policy and its PROJECT COPE: Coalition on Patient Empowerment, a founding Board Member and past President of the Alliance for Healthcare Excellence, past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children; former Board Compliance Chair and Board member of the National Kidney Foundation of North Texas, current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Section, a current Defined Contribution Plan Committee Co-Chair, former Group Chair and Co-Chair of the ABA RPTE Section Employee Benefits Group, immediate past RPTE Representative to ABA Joint Committee on Employee Benefits Council Representative and current RPTE Representative to the ABA Health Law Coordinating Council, former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, a former member of the Board of Directors of the Southwest Benefits Association and others.

Ms. Stamer also is a highly popular lecturer, symposia chair and author, who publishes and speaks extensively on health and managed care industry, human resources, employment, employee benefits, compensation, and other regulatory and operational risk management. Examples of her many highly regarded publications on these matters include the “Texas Payday Law” Chapter of Texas Employment Law, as well as thousands of other publications, programs and workshops these and other concerns for the American Bar Association, ALI-ABA, American Health Lawyers, Society of Human Resources Professionals, the Southwest Benefits Association, the Society of Employee Benefits Administrators, the American Law Institute, Lexis-Nexis, Atlantic Information Services, The Bureau of National Affairs (BNA), InsuranceThoughtLeaders.com, Benefits Magazine, Employee Benefit News, Texas CEO Magazine, HealthLeaders, the HCCA, ISSA, HIMSS, Modern Healthcare, Managed Healthcare, Institute of Internal Auditors, Society of CPAs, Business Insurance, Employee Benefits News, World At Work, Benefits Magazine, the Wall Street Journal, the Dallas Morning News, the Dallas Business Journal, the Houston Business Journal, and many other symposia and publications. She also has served as an Editorial Advisory Board Member for human resources, employee benefit and other management focused publications of BNA, HR.com, Employee Benefit News, InsuranceThoughtLeadership.com and many other prominent publications and speaks and conducts training for a broad range of professional organizations and for clients on the Advisory Boards of InsuranceThoughtLeadership.com, HR.com, Employee Benefit News, and many other publications. For additional information about Ms. Stamer, see CynthiaStamer.com  or contact Ms. Stamer via email here or via telephone to (469) 767-8872.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources at SolutionsLawPress.com such as:

If you or someone else you know would like to receive future updates about developments on these and other concerns, please provide your current contact information and preferences including your preferred e-mail by creating or updating your profile here.

©2016 Cynthia Marcotte Stamer. Non-exclusive right to republish granted to Solutions Law Press, Inc.  All other rights reserved.


DOL Aggressively Targeting Restaurants For Wage & Hour & Child Labor Law Violations

November 3, 2016

Restaurant employers beware! Restaurants are the target of a highly successful, U.S. Department of Labor Wage and Hour Division (WHD) restaurant enforcement and compliance initiative that WHD already has used to nail a multitude of restaurants across the country for “widespread violations” of Fair Labor Standards Act (FLSA) minimum wage, overtime, child labor and other wage and hour laws (WH Law).

Having reportedly found WH Law violations in “nearly every one” of the WH Law investigations conducted against restaurant employers during 2016 and recovered millions of dollars of back pay and penalties from restaurants caught through investigations conducted under its WHD Restaurant Enforcement Initiative, WHD Administrator Dr. David Weil recently confirmed WHD plans to expand the restaurant employers targeted for investigation and other efforts to punish and correct WH Law violations under the Restaurant Enforcement Initiative through 2017 in an October 5, 2016 WHD News Release: Significant Violations In The Austin Restaurant Industry Raise Concerns For Us Labor Department Officials (News Release).

The News Release quotes Administrator Weil as stating:

The current level of noncompliance found in these investigations is not acceptable …WHD will continue to use every tool we have available to combat this issue. This includes vigorous enforcement as well as outreach to employer associations and worker advocates to ensure that Austin restaurant workers receive a fair day’s pay for a fair day’s work.

Given the substantial back pay, interest, civil or in the case of willful violations, criminal penalties, costs of defense and prosecution and other sanctions that restaurant employers, their owners and management can face if their restaurant is caught violating FLSA or other WH Laws, restaurants and their leaders should arrange for a comprehensive review within the scope of attorney-client privilege of the adequacy and defensibility of their existing policies, practices and documentation for classifying, assigning duties, tracking regular and overtime hours, paying workers and other WH Law compliance responsibilities and opportunities to mitigate risks and liabilities from WH Law claims and investigations.

Many Restaurants Already Nailed Through Restaurant Enforcement Initiative

Even before the planned 2017 expansion of its Restaurant Enforcement Initiative, WHD’s enforcement record shows WHD’s efforts to find and punish restaurants that violate WH Laws are highly successful. Restaurant employers overwhelmingly are the employers targeted by WHD in the vast majority of the WH Law settlements and prosecutions announced in WHD News Releases published over the past two years, including aggregate back pay and penalty awards of more than $11.4 million recovered through the following 31 actions announced by WHD between January 1, 2016 and October 31, 2016:

Enforcement Actions Highlight Common Restaurant WH Law Compliance Concerns

Restaurant employers, like employers in most other industries, are subject to a host of minimum wage, overtime and other requirements including the FLSA requirement that covered, nonexempt employees earn at least the federal minimum wage of $7.25 per hour for all regular hours worked, plus time and one-half their regular rates, including commissions, bonuses and incentive pay, for hours worked beyond 40 per week. Employers also are required to maintain accurate time and payroll records and must comply with child labor, anti-retaliation and other WH Law requirements.

The News Release identified some of the common violations WHD uncovered in these investigations included employers:

  • Requiring employees to work exclusively for tips, with no regard to minimum-wage standards;
  • Making illegal deductions from workers’ wages for walkouts, breakages, credit card transaction fees and cash register shortages, which reduce wages below the required minimum wage;
  • Paying straight-time wages for overtime hours worked.
  • Calculating overtime incorrectly for servers based on their $2.13 per hour base rates before tips, instead of the federal minimum wage of $7.25 per hour.
  • Failing to pay proper overtime for salaried non-exempt cooks or other workers;
  • Creating illegal tip pools involving kitchen staff;
  • Failing to maintain accurate and thorough records of employees’ wages and work hours.
  • Committing significant child labor violations, such as allowing minors to operate and clean hazardous equipment, including dough mixers and meat slicers.

Use Care To Verify Tipped Employees Paid Properly

Based on the reported violations, restaurants employing tipped employees generally will want to carefully review their policies, practices and records regarding their payment of tipped employees. Among other things, these common violations reflect a widespread misunderstanding or misapplication of special rules for calculating the minimum hourly wage that a restaurant must pay an employee that qualifies as a tipped employee.  While special FLSA rules for tipped employees may permit a restaurant to claim tips (not in excess of $5.12 per hour) actually received and retained by a “tipped employee,” not all workers that receive tips are necessarily covered by this special rule. For purposes of this rule, the definition of “tipped employee” only applies to an employee who customarily and regularly receives more than $30 per month in tips.

Also, contrary to popular perception, the FLSA as construed by the WHD does not set the minimum wage for tipped employees at $2.13 per hour. On the contrary, the FLSA requirement that non-exempt workers be paid at least the minimum wage of $7.25 per hour for each regular hour worked also applies to tipped employees. When applicable, the special rule for tipped employees merely only allows an employer to claim the amount of the tips that the restaurant can prove the tipped employee actually received and retained (not in excess of $5.13 per hour) as a credit against the minimum wage of $7.25 per hour the FLSA otherwise would require the employer to pay the tipped employee. Only tips actually received by the employee may be counted in determining whether the employee is a tipped employee and in applying the tip credit.  If a tipped employee earns less than $5.13 per hour in tips, the restaurant must be able to demonstrate that the combined total of the tips retained by the employee and the hourly wage otherwise paid to the tipped employee by the restaurant equaled at least the minimum wage of $7.25 per hour.

Furthermore, restaurant or other employers claiming a tip credit must keep in mind that the FLSA generally provides that tips are the property of the employee. The FLSA generally prohibits an employer from using an employee’s tips for any reason other than as a credit against its minimum wage obligation to the employee (“tip credit”) or in furtherance of a valid tip pool.

Also, whether for purposes of applying the tip credit rules or other applicable requirements of the FLSA and other wage and hour laws, restaurant employers must create and retain appropriate records and other documentation regarding worker age, classification, hours worked, tips and other compensation paid and other evidence necessary to defend their actions with respect to tipped or other employees under the FLSA and other WH Law rules. Beyond accurately and reliably capturing all of the documentation required to show proper payment in accordance with the FLSA, restaurants also should use care to appropriately document leave, discipline and other related activities as necessary to show compliance with anti-retaliation, equal pay, family and medical leave, and other mandates, as applicable.  Since state law also may impose additional minimum leave, break time or other requirements, restaurants also generally will want to review their policies, practices and records to verify their ability to defend their actions under those rules as well.

Child Labor Rules Require Special Care When Employing Minors

While hiring workers under the age of 18 (minors) can help a restaurant fulfill its staffing needs while providing young workers valuable first time or other work experience, restaurants that hire minors must understand and properly comply with any restrictions on the duties, work hours or other requirements for employment of the minor imposed by federal or state child labor laws.

As a starting point, the legal requirements for employing minors generally greater, not less, than those applicable to the employment of an adult in the same position.  Employers employing workers who are less than 18 years of age (minors) should not assume that the employer can pay the minor less than minimum wage or skip complying with other legal requirements that normally apply to the employment of an adult in that position by employing the minor in an “internship” or other special capacity. The same federal and state minimum wage, overtime, safety and health and nondiscrimination rules that generally apply to the employment of an adult generally will apply to its employment of a worker who is a minor.

Beyond complying with the rules for employment of adults, restaurants employing minors also must ensure that they fully comply with all applicable requirements for the employment of minors imposed under the FLSA child labor rules and applicable state law enacted to ensure that when young people work, the work is safe and does not jeopardize their health, well-being or educational opportunities.   Depending on the age of the minor, the FLSA or state child labor rules may necessitate that a restaurant tailor the duties and hours of work of an employee who is a minor to avoid the substantial liability that can result when an employer violates one of these child labor rules.

The FLSA child labor rules, for instance, impose various special requirements for the employment of youth 14 to 17 years old. See here.  As a starting point, the FLSA child labor rules prohibit the any worker less than 18 years of age from operating or cleaning dough mixers, meat slicers or other hazardous equipment. Depending on the age of the minor worker, the FLSA child labor rules or state child labor laws also may impose other restrictions on the duties that the restaurant can assign or allow the minor to perform.  Restaurants hiring any worker that is a minor must evaluate the duties identified as hazardous “occupations” that the FLSA child labor rules prohibit a minor of that age to perform here as an “occupation” and take the necessary steps to ensure the minor is not assigned and does not perform any of those prohibited activities in the course of his employment.

In addition to ensuring that minors don’t perform prohibited duties, restaurants employing minors also comply with all applicable restrictions on the hours that the minor is permitted to work based on the age of the minor worker.  For instance, the FLSA and state child labor rules typically prohibit scheduling a minor less than 16 years of age to work during school hours and restrict the hours outside school hours the minor can work based on his age.  Additional restrictions on the types of jobs and hours 14- and 15-year-olds may work also may apply.

Compliance with the FLSA child labor rules is critically important for any restaurant or other employer that employs a minor, particularly since the penalties for violation of these requirements were substantially increased in 2010, as Streets Seafood Restaurant learned earlier this year.

According to a WHD News Release, Street’s Seafood Restaurant paid $14,288 in minimum wage and overtime back wages and an equal amount in liquidated damages totaling $28,577 to eight employees, and also was assessed a civil money penalty of $14,125 for FLSA child labor violations committed in the course of its employment of four minors ages 15 to 17. Specifically, investigators found Street’s Seafood Restaurant:

WHD’s announcement of the settlement resolving these child labor laws quotes Kenneth Stripling, director of the division’s Birmingham District Office as stating:

Employing young people provides valuable experience, but that experience must never come at the expense of their safety …Additionally, employers have an obligation to pay employees what they have legally earned. All workers deserve a fair day’s pay for a fair day’s work. Unfortunately, Street’s Seafood violated not only child labor laws, but has also shorted workers’ pay. The resolution of this case sends a strong message that we will not tolerate either of those behaviors.

Restaurants Must Act To Minimize Risks

Beyond WHD’s direct enforcement actions, WHD also is seeking to encourage private enforcement of WH Law violations by conducting an aggressive outreach to employees, their union and private plaintiff representatives, states and others. Successful plaintiffs in private actions typically recover actual back pay, double damage penalties plus attorneys’ fees and costs. The availability of these often lucrative private damages makes FLSA and other WH Law claims highly popular to disgruntled or terminated workers and their lawyers.  When contemplating options to settle claims WH Law claims made by a worker, employers need to keep in mind that WHD takes the position that settlements with workers do not bar the WHD from taking action unless the WHD joins in the settlement and in fact, past settlements may provide evidence of knowingness or willfulness by the employer in the event of a WHD prosecution.  The substantial private recoveries coupled with these and other WHD enforcement and other compliance actions mean bad news for restaurant employers that fail to manage their FLSA and other WH Law compliance.  Restaurant employers should act within the scope of attorney-client privilege to review and verify their compliance and consult with legal counsel about other options to minimize their risk and streamline and strengthen their ability to respond to and defend against audits, investigations and litigation.

Beyond verifying the appropriateness of their timekeeping and compensation activities and documentation, restaurants and staffing or management organizations working with them also should use care to mitigate exposures that often arise from missteps or overly aggressive conduct by others providing or receiving management services or staffing services. All parties to these arrangements and their management should keep in mind that both parties participating in such arrangements bear significant risk if responsibilities are not properly performed.   Both service and staffing providers and restaurants using their services should insist on carefully crafted commitments from the other party to properly classify, track hours, calculate and pay workers, keep records, and otherwise comply with WH Laws and other legal requirements.  Parties to these arrangements both generally also will want to insist that these contractual reassurances are backed up with meaningful audit and indemnification rights and carefully monitor the actions of service providers rendering these services.

About The Author

Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,”“Tax: Erisa & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney and management consultant, author, public policy advocate and lecturer widely known for work, teachings and publications.

Ms. Stamer works with businesses and their management, employee benefit plans, governments and other organizations deal with all aspects of human resources and workforce, internal controls and regulatory compliance, change management and other performance and operations management and compliance. She supports her clients both on a real-time, “on demand” basis and with longer term basis to deal with daily performance management and operations, emerging crises, strategic planning, process improvement and change management, investigations, defending litigation, audits, investigations or other enforcement challenges, government affairs and public policy.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares shared her thought leadership, experience and advocacy on these and other concerns by her service in the leadership of a broad range of other professional and civic organization including her involvement as the Vice Chair of the North Texas Healthcare Compliance Association, Executive Director of the Coalition on Responsible Health Policy and its PROJECT COPE: Coalition on Patient Empowerment, a founding Board Member and past President of the Alliance for Healthcare Excellence, past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children; former Board Compliance Chair and Board member of the National Kidney Foundation of North Texas, current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Section, a current Defined Contribution Plan Committee Co-Chair, former Group Chair and Co-Chair of the ABA RPTE Section Employee Benefits Group, immediate past RPTE Representative to ABA Joint Committee on Employee Benefits Council Representative and current RPTE Representative to the ABA Health Law Coordinating Council, former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, a former member of the Board of Directors of the Southwest Benefits Association and others.

Ms. Stamer also is a highly popular lecturer, symposia chair and author, who publishes and speaks extensively on health and managed care industry, human resources, employment, employee benefits, compensation, and other regulatory and operational risk management. Examples of her many highly regarded publications on these matters include the “Texas Payday Law” Chapter of Texas Employment Law, as well as thousands of other publications, programs and workshops these and other concerns for the American Bar Association, ALI-ABA, American Health Lawyers, Society of Human Resources Professionals, the Southwest Benefits Association, the Society of Employee Benefits Administrators, the American Law Institute, Lexis-Nexis, Atlantic Information Services, The Bureau of National Affairs (BNA), InsuranceThoughtLeaders.com, Benefits Magazine, Employee Benefit News, Texas CEO Magazine, HealthLeaders, the HCCA, ISSA, HIMSS, Modern Healthcare, Managed Healthcare, Institute of Internal Auditors, Society of CPAs, Business Insurance, Employee Benefits News, World At Work, Benefits Magazine, the Wall Street Journal, the Dallas Morning News, the Dallas Business Journal, the Houston Business Journal, and many other symposia and publications. She also has served as an Editorial Advisory Board Member for human resources, employee benefit and other management focused publications of BNA, HR.com, Employee Benefit News, InsuranceThoughtLeadership.com and many other prominent publications and speaks and conducts training for a broad range of professional organizations and for clients on the Advisory Boards of InsuranceThoughtLeadership.com, HR.com, Employee Benefit News, and many other publications. For additional information about Ms. Stamer, see CynthiaStamer.com or contact Ms. Stamer via email here or via telephone to (469) 767-8872.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources at http://www.solutionslawpress.com such as:

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating or updating your profile here.

©2016 Cynthia Marcotte Stamer. Non-exclusive right to republish granted to Solutions Law Press, Inc.™ All other rights reserved.


Stop Bullying Month Opportunity to Strengthen Workplace Anti-Harassment Efforts

October 28, 2016

Cyber and other bullying usually is discussed as a child protection concern.  However bullying of adults in the workplace also can be a big employment issue.

Applying the term “harassment” to adult bullying in the workplace allows most businesses to rapidly recognize need to prevent bullying and harassment in the workplace.

The connection between bullying and harassment is rapidly apparent from the definition of bullying.  The government website stopbullying.gov defines “bullying” as unwanted, aggressive behavior among school aged children that involves a real or perceived power imbalance. The behavior is repeated, or has the potential to be repeated, over time. Bullying includes actions such as making threats, spreading rumors, attacking someone physically or verbally, and excluding someone from a group on purpose.”

In employment or other adult environments, the word “harassment” typically is used instead of bullying to refer to aggressive unwarranted behavior against an adult.  Regardless of which term is used, bullying and harassment in workplaces and other communities is disruptive for the victims, co-workers, the employment or other community and those who interact with them.

Of course by now, all businesses and their leaders are legally accountable to know that the law generally requires businesses to prevent and protect their employees against harassment by management or other employees, customers, vendors and others with whom they do business on account of sex, sexual preference, race, age, disability, National origin, religion, whistleblower status, worker’s compensation or certain other benefit claims and the exercise of a host of other protected types of conduct.

Beyond the substantial legal exposures that businesses risk from harassment in the workplace, harassment or other pulling in the work place also inevitably creates other substantial operation costs for businesses by undermining job performance of bullying victims and others, undermining morale,  increasing employee turnover, creating distractions, increasing management demands, eroding trust and team work, and more.

To reduce their exposure to these legal and operational risks, most US businesses have policies, conduct training and investigations, and engage in a host of other anti-harassment activities.  Even with these efforts, however, effective prevention, detection and management of bullying and other harassment behaviors in most workplaces remains a challenge.  For this reason businesses and their management should constantly be on the watch for tips and tools ate them in this endeavor.

The United States government’s annual Stop Bullying Month observances each October provide an excellent opportunity for US businesses and employers to strengthen their anti-harassment risks and compliance by joining in the celebration in October and using the resources available in their anti-harassment efforts throughout the year.

Businesses also may want to take advantage of resources like stopbullying.gov that provide tips and training for identifying and addressing bullying of children and others requiring special protection.

Stopbullying.gov, for instance includes a multitude of resources for ParentsEducatorsCommunities, and others that can be reworked and applied and workplace and other business contexts.  Beyond these generally applicable tips, The website also includes videos and other materials addressing special topics like Cyberbullying and what to do about itSexual Preference Harassment and many others.

Human resources and other business leaders should check out these resources and leverage them to expand their tools and strengthen their anti-harassment efforts and risk management.

About The Author

Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: Erisa & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney and management consultant, author, public policy advocate and lecturer widely known for work, teachings and publications.

Ms. Stamer works with businesses and their management, employee benefit plans, governments and other organizations deal with all aspects of human resources and workforce, internal controls and regulatory compliance, change management and other performance and operations management and compliance. She supports her clients both on a real time, “on demand” basis and with longer term basis to deal with daily performance management and operations, emerging crises, strategic planning, process improvement and change management, investigations, defending litigation, audits, investigations or other enforcement challenges, government affairs and public policy.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares shared her thought leadership, experience and advocacy on these and other concerns by her service in the leadership of a broad range of other professional and civic organization including her involvement as the Vice Chair of the North Texas Healthcare Compliance Association, Executive Director of the Coalition on Responsible Health Policy and its PROJECT COPE: Coalition on Patient Empowerment, a founding Board Member and past President of the Alliance for Healthcare Excellence, past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children; former Board Compliance Chair and Board member of the National Kidney Foundation of North Texas, current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Section, a current Defined Contribution Plan Committee Co-Chair, former Group Chair and Co-Chair of the ABA RPTE Section Employee Benefits Group, immediate past RPTE Representative to ABA Joint Committee on Employee Benefits Council Representative and current RPTE Representative to the ABA Health Law Coordinating Council, former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, a former member of the Board of Directors of the Southwest Benefits Association and others.

Ms. Stamer also is a highly popular lecturer, symposia chair and author, who publishes and speaks extensively on health and managed care industry, human resources, employment and other privacy, data security and other technology, regulatory and operational risk management for the American Bar Association, ALI-ABA, American Health Lawyers, Society of Human Resources Professionals, the Southwest Benefits Association, the Society of Employee Benefits Administrators, the American Law Institute, Lexis-Nexis, Atlantic Information Services, The Bureau of National Affairs (BNA), InsuranceThoughtLeaders.com, Benefits Magazine, Employee Benefit News, Texas CEO Magazine, HealthLeaders, the HCCA, ISSA, HIMSS, Modern Healthcare, Managed Healthcare, Institute of Internal Auditors, Society of CPAs, Business Insurance, Employee Benefits News, World At Work, Benefits Magazine, the Wall Street Journal, the Dallas Morning News, the Dallas Business Journal, the Houston Business Journal, and many other symposia and publications. She also has served as an Editorial Advisory Board Member for human resources, employee benefit and other management focused publications of BNA, HR.com, Employee Benefit News, InsuranceThoughtLeadership.com and many other prominent publications and speaks and conducts training for a broad range of professional organizations and for clients on the Advisory Boards of InsuranceThoughtLeadership.com, HR.com, Employee Benefit News, and many other publications. For additional information about Ms. Stamer, see www.CynthiaStamer.com or contact Ms. Stamer via email here  or via telephone to (469) 767-8872.

 

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources at http://www.solutionslawpress.com such as:

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating or updating your profile here.

©2016 Cynthia Marcotte Stamer. Non-exclusive right to republish granted to Solutions Law Press, Inc.  All other rights reserved.