College Pays $54,000 To Settle DOJ ADA Lawsuit For Paramedic Program’s Termination of TA With MS

November 7, 2019

Lanier Technical College, a unit of the Technical College System of Georgia, will pay $53,000 in back pay and compensatory damages and revise its policies and procedures to settle a Justice Department lawsuit alleging the College violated the Americans with Disabilities Act (ADA) by terminating along-time College employee based on her multiple sclerosis filed in the Northern District Of Georgia on November 4, 2019.  In addition to this disability discrimination allegation, the Justice Department complaint also alleges the removed the employee from the teaching schedule for an entire school semester, thus reducing her hours and pay to zero, due to her multiple sclerosis after the employee took three days of sick leave one summer.  The lawsuit and its settlement reminds academic health care and other public and private employers about the need to use appropriate care to avoid inappropriate discrimination against individuals  with disabilities in employment and other operations.

The College had employed the terminated employee as a part-time emergency medical technician (EMT) lab assistant for over three years before the events prompting the lawsuit took place.  The essential functions of her job involved assisting instructors in the classroom and in the lab, and perform “check offs” to authorize and certify that the students mastered particular technical competencies (e.g., properly taking blood pressure, starting a patient’s I.V., assessing a patient’s vital signs).  In addition to her employment with the College, the former employee also worked as a paramedic for an unrelated employer.  She continued to work as a full-time paramedic for nearly three years after the College terminated her employment as a part-time lab assistant.

Less than a year into her employment at the College, the former employee was diagnosed with multiple sclerosis (MS) in 2010.   Shortly after her diagnosis the former employee notified among others, notified the Director of the Lanier Paramedicine Technology (PMT) Department, Sam Stone, of her condition and Mr. Stone subsequently discussed her MS and treatment with her over the course of her employment with the College.  According to the Justice Department complaint, the former employee did not require any reasonable accommodations for her disability, remained qualified to perform the essential functions of the part-time lab assistant job, and did so successfully until College discharged her or otherwise altered her compensation, terms, conditions, or privileges of employment.

In 2012, the former employee assisted with classes and labs taught by Instructor Andy Booth.  Instructor Booth managed the work schedule for all the part-time EMT lab assistants who assisted with his classes, including that of the former employee.  This included the ability to remove lab assistants from any shifts they requested.  Director Stone then completed a final review of the semester and approved the schedule and any changes to it.

During the summer of 2012, the former employee had to miss her assigned workdays on two or three occasions due to her MS and its treatment.  She also was on disability leave from her paramedic job for a period during that summer, returning to work full-time in early August.  Following these absences, Instructor Booth on August 30, 2012 sent an email to lab assistants, including the former employee requesting that lab assistants sign up for open shifts on the work schedule, as he was “still short on help.”  The schedule with available shifts was posted for September through December 2012.  The former employee signed up for seven or eight four-hour shifts over the course of the fall semester that same day and emailed Instructor Booth the evening of August 30 to inform him of this.  In her email, she indicated that she was no longer on disability leave from her other job.

Two weeks later, on September 12, 2012, the College removed the former employee from the work schedule for the entire fall semester schedule on the written instructions of Instructor Booth with the approval of Director Stone.   Instructor Booth’s September 12 email instructions to his assistant provided a link to the online work schedule for the lab assistants and stated:  “Any day you see [the former employee], just take her off.”  Director Stone was copied on this email.  That same day, Director Stone replied to Instructor Booth’s email, stating that he had reviewed all of the dates up to December and approved the schedule.  The College knew that, by removing the former employee from the schedule, it was terminating her employment with Lanier.

When the former employee realized that someone removed her from the schedule for the entire semester, she contacted Instructor Booth.  He told the former employee, by text message, that it was Director Stone’s decision and that Director Stone wanted to give the former employee “some time to heal.”  Instructor Booth also stated that Director Stone seemed upset about the former employee missing a few days in the summer due to her MS.  Instructor Booth then directed the former employee to speak to Director Stone.  He did not offer to reinstate her for any of the days she signed up for or for any future dates.

Thereafter, on September 26, 2012, the former employee contacted Director Stone by email.  After telling Director Stone i her email that Instructor Booth said Director Stone was managing the schedule and had wanted to give her “some time to heal,” she reassured him that she appreciated his concern but that she felt she was “OK.”  When Director Stone responded on September 23, he confirmed the correctness of Director Stone’s email and also confirmed that he was concerned with the former employee’s health. He offered to discuss these concerns further with her in private.  He did not offer to reinstate her for any of the days she signed up for or for any future dates.

Later that day, the former employee called Director Stone.  On the call, Director Stone expressed concern about legal and liability issues and whether the former employee was fit to work because of her MS.  He said that he, as the Department Director, had to be concerned about her health and medical issues, because a student could challenge a grade on the basis that her MS made her unfit to evaluate students.   Director Stone also referenced a couple days that the former employee missed work due to her MS during the summer, and stated that she was less reliable than other lab assistants were at that point.  He did not offer to reinstate her for any of the days she signed up for or for any future dates.

Approximately six months later, College removed the former employee from the payroll and changed her payroll status to “terminated.”

On September 26, 2012, the former employee filed a timely charge of discrimination with the United States Equal Employment Opportunity Commission (EEOC), alleging that College terminated her because of her disability in violation of the ADA.  The Justice Department filed the lawsuit after the EEOC referred the former employee’s complaint to it.

Title I of the ADA prohibits covered entities including the College from discriminating against a qualified individual on the basis of disability in regard to job application procedures, the hiring, advancement, or discharge of employees, employee compensation, job training, and other terms, conditions, and privileges of employment.  42 U.S.C. § 12112(a); 29 C.F.R. § 1630.4.

The Justice Department complaint against the College charged that the College violated the ADA by discriminating against her on the basis of her disability by:

  • Removing her from the lab assistant work schedule for a semester and reducing her work hours and compensation to zero; and
  • Terminating her on the basis of her disability

As a consequence of these discriminatory actions, the complaint charged the former employee suffered lost earnings, benefits and job advancement opportunities, as well as substantial emotional distress, pain and suffering and other nonpecuniary losses.  The complaint asked the District Court to redress these injuries by:

  • Declaring the College in violation of the Title I of the ADA and its accompanying regulation;
  • Enjoining the College and its agents, employees, successors, and all persons in active concert or participation with it, from engaging in discriminatory employment policies and practices that violate Title I of the ADA;
  • Requiring the College to modify its policies, practices, and procedures as necessary to bring its employment practices into compliance with Title I of the ADA and its implementing   regulation;
  • Ordering the College to train its supervisors and human resource staff regarding the requirements of Title I of the ADA; and
  • Awarding the former employee back pay with interest; the value of any lost benefits with interest; and compensatory damages, including damages for emotional distress, for injuries suffered as a result of Defendant’s failure to comply with the requirements of the ADA;

Under the settlement agreement announced November 7, 2019 by the Justice Department, the College must pay the former employee $53,000 in back pay and compensatory damages, revise its policies and training staff on the ADA to ensure compliance with the ADA, train staff on the ADA, and report to the Justice Department on implementation of the settlement agreement.

Reaching this settlement allowed the College to eliminate its exposure to potentially much greater liability.  In addition to actual lost compensation and benefit damages, a loss at trial could have resulted in a jury award that also ordered the College to pay attorneys’ fees and other costs, interest and exemplary damages of up to $300,000.

For More Information

We hope this update is helpful. For more information about employment discrimination or other labor and employment, compensation, benefits or other related management and compliance concerns or developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.

Solutions Law Press, Inc. invites you receive future updates and join discussions about these and other human resources, health and other employee benefit and patient empowerment concerns by participating and contributing to the discussions in our Solutions Law Press HR & Benefits Update Compliance Update Group and registering for updates on our Solutions Law Press Website..

About the Author

Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of management focused employment, health care, employee benefit and insurance, workforce and other management work, public policy leadership and advocacy, coaching, teachings, and publications including extensive work with businesses on compliance, risk management and defense.

Author of numerous highly regarding publications on disability and other discrimination and other employment, employee benefit, compensation, regulatory compliance and internal controls and other management concerns affecting health care, education, insurance, housing and other operations, Ms. Stamer’s clients include health care, insurance and financial services, educational and other employer and services organizations; employer, union, association, government and other insured and self-insured health and other employee benefit plan sponsors, benefit plans, fiduciaries, administrators, and other plan vendors;   domestic and international public and private health care, education and other community service and care organizations; managed care organizations; insurers, third-party administrative services organizations and other payer organizations; and other private and government organizations and their management leaders.  In addition to her legal and management operations work. Ms. Stamer’s experience includes 30 plus years’ of  legislative and regulatory policy advocacy and drafting, design, compliance and enforcement including testifying to the EBSA Advisory Council on Employee Welfare and Pension Benefit Plans in  on the effectiveness of employee benefit plan disclosures during 2017 hearings on on reducing the burdens and increasing the effectiveness of ERISA mandated disclosures  as well as advice, representation, advocacy and testimony to and before and other work with various foreign governments, Congress, state legislatures, and a multitude of federal, state and local agencies.

Throughout her 30 plus year career, Ms. Stamer has continuously worked with these and other management clients to design, implement, document, administer and defend hiring, performance management, compensation, promotion, demotion, discipline, reduction in force and other workforce, employee benefit, insurance and risk management, health and safety, and other programs, products and solutions, and practices; establish and administer compliance and risk management policies; manage labor-management relations, comply with requirements, investigate and respond to government, accreditation and quality organizations, regulatory and contractual audits, private litigation and other federal and state reviews, investigations and enforcement actions; evaluate and influence legislative and regulatory reforms and other regulatory and public policy advocacy; prepare and present training and discipline;  handle workforce and related change management associated with mergers, acquisitions, reductions in force, re-engineering, and other change management; and a host of other workforce related concerns. Ms. Stamer’s experience in these matters includes supporting these organizations and their leaders on both a real-time, “on demand” basis with crisis preparedness, intervention and response as well as consulting and representing clients on ongoing compliance and risk management; plan and program design; vendor and employee credentialing, selection, contracting, performance management and other dealings; strategic planning; policy, program, product and services development and innovation; mergers, acquisitions, bankruptcy and other crisis and change management; management, and other opportunities and challenges arising in the course of workforce and other operations management to improve performance while managing workforce, compensation and benefits and other legal and operational liability and performance.

A Fellow in the American College of Employee Benefit Counsel and Past Chair of both the ABA Managed Care & Insurance Interest Group and it’s RPTE Employee Benefits and Other  Compensation Group, Ms. Stamer also has leading edge experience in health benefit, health care, health, financial and other plan, program and process design, administration, documentation, contracting, risk management, compliance and related process and systems development, policy and operations; training; legislative and regulatory affairs, and other legal and operational concerns.

A former lead consultant to the Government of Bolivia on its Pension Privatization Project with extensive domestic and international public policy concerns in pensions, healthcare, workforce, immigration, tax, education and other areas, Ms. Stamer has been extensively involved in U.S. federal, state and local health care and other legislative and regulatory reform impacting these concerns throughout her career. Her public policy and regulatory affairs experience encompasses advising and representing domestic and multinational private sector health, insurance, employee benefit, employer, staffing and other outsourced service providers, and other clients in dealings with Congress, state legislatures, and federal, state and local regulators and government entities, as well as providing advice and input to U.S. and foreign government leaders on these and other policy concerns.

Author of leading works on a multitude of labor and employment, compensation and benefits, internal controls and compliance, and risk management matters and a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other related concerns by her service in the leadership of the Solutions Law Press, Inc. Coalition for Responsible Health Policy, its PROJECT COPE: Coalition on Patient Empowerment, and a broad range of other professional and civic organizations including North Texas Healthcare Compliance Association, a founding Board Member and past President of the Alliance for Healthcare Excellence, past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children (now Warren Center For Children); current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Section, a current Defined Contribution Plan Committee Co-Chair, former Group Chair and Co-Chair of the ABA RPTE Section Employee Benefits Group, past Representative and chair of various committees of ABA Joint Committee on Employee Benefits; an ABA Health Law Coordinating Council representative, former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, a former member of the Board of Directors of the Southwest Benefits Association and others.

For more information about Ms. Stamer or her work, services, experience and involvements, see here or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources here.

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.  We also invite you to join the discussion of these and other human resources, health and other employee benefit and patient empowerment concerns by participating and contributing to the discussions in our Health Plan Compliance Group or COPE: Coalition On Patient Empowerment Groupon LinkedIn or Project COPE: Coalition on Patient Empowerment Facebook Page.

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission and its content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion.otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.

©2019 Cynthia Marcotte Stamer. Non-exclusive right to republish granted to Solutions Law Press, Inc.™ For information about republication or the topic of this article, please contact the author directly. All other rights reserved.


Identity Theft Scan Targets Employee Tax Records

December 7, 2018

The Internal Revenue Service is warning human resources and other business leaders about a growing wave of identity theft and W-2 scams targeting sensitive tax data employers collect on their employees. The warning highlights one of the many growing data breach exposures businesses must manage as identity thieves become ever more sophisticated.

Such data like Form W-2 data – is highly valued by identity thieves. While identity thieves use a variety of tactics to steal this information including hacking into the IRS’ own systems, the IRS this week is warning about one scheme that the IRS says has become one of the more dangerous email scams.

All employers are targets for the W-2 scam, according to the IRS.

Here’s how it works:

  • These emails appear to be from an executive or organization leader to a payroll or human resources employee.
  • The message usually starts with a simple greeting, like: “Hey, you in today?”
  • By the end of the email exchange, all of an organization’s Forms W-2 for their employees may be in the hands of cybercriminals.
  • Because payroll officials believe they are corresponding with an executive, it may take weeks for someone to realize a data theft has occurred.
  • Generally, the criminals are trying to quickly take advantage of their theft, sometimes filing fraudulent tax returns a day or two.

The IRS warns this scam is such a threat to taxpayers that a special IRS reporting process has been established. The IRS says employers victimized should:

  • Email dataloss@irs.gov to notify the IRS of a W-2 data loss and provide contact information. In the subject line, type “W2 Data Loss” so that the email can be routed properly. The business should not attach any employee personally identifiable information data.
  • Email the Federation of Tax Administrators at StateAlert@taxadmin.org to get information on how to report victim information to the states.
  • File a complaint with the FBI’s Internet Crime Complaint Center. Businesses and payroll service providers may be asked to file a report with their local law enforcement agency.
  • Notify employees. The employee may then take steps to protect themselves from identity theft. The Federal Trade Commission’s www.identitytheft.govprovides guidance on general steps employees should take.
  • Forward the scam email to phishing@irs.gov.
  • The IRS also recommends the following resources:
  • The IRS alert reminds businesses again about the growing challenges they face guarding sensitive tax, health and other employee benefit plan and other data about employees, customers, business partners and others. Aside from the disruptions businesses incur to organizations and relationships with employees, customers, business partners or others and often tremendous costs of investigation and mitigation, breaches also commonly trigger substantial legal liability under a myriad of federal and state laws and regulations, contracts, and common law tort claims. Businesses generally and Human Resources, tax and other systems and operations should take well documented steps to prevent and prepare for a potential breach.
  • About the Author

    Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of management focused employment, employee benefit and insurance, workforce and other management work, public policy leadership and advocacy, coaching, teachings, and publications.

    Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving and author of “What To Do When Your Employee’s Personal Life Becomes Your Business@ and a multitude of other highly regarded works on data protection and breach, her work includes career-long, leading edge involvement counseling and representing human resources, employee benefit, insurance and financial, tax, healthcare and other businesses about data and other sensitive information privacy and breach.

    Ms. Stamer’s clients include employers and other workforce management organizations; employer, union, association, government and other insured and self-insured health and other employee benefit plan sponsors, benefit plans, fiduciaries, administrators, and other plan vendors;   domestic and international public and private health care, education and other community service and care organizations; managed care organizations; insurers, third-party administrative services organizations and other payer organizations;  and other private and government organizations and their management leaders.

    Throughout her 30 plus year career, Ms. Stamer has continuously worked with these and other management clients to design, implement, document, administer and defend hiring, performance management, compensation, promotion, demotion, discipline, reduction in force and other workforce, employee benefit, insurance and risk management, health and safety, and other programs, products and solutions, and practices; establish and administer compliance and risk management policies; comply with requirements, investigate and respond to government, accreditation and quality organizations, regulatory and contractual audits, private litigation and other federal and state reviews, investigations and enforcement actions; evaluate and influence legislative and regulatory reforms and other regulatory and public policy advocacy; prepare and present training and discipline;  handle workforce and related change management associated with mergers, acquisitions, reductions in force, re-engineering, and other change management; and a host of other workforce related concerns. Ms. Stamer’s experience in these matters includes supporting these organizations and their leaders on both a real-time, “on demand” basis with crisis preparedness, intervention and response as well as consulting and representing clients on ongoing compliance and risk management; plan and program design; vendor and employee credentialing, selection, contracting, performance management and other dealings; strategic planning; policy, program, product and services development and innovation; mergers, acquisitions, bankruptcy and other crisis and change management; management, and other opportunities and challenges arising in the course of workforce and other operations management to improve performance while managing workforce, compensation and benefits and other legal and operational liability and performance.

    Past Chair of the ABA Managed Care & Insurance Interest Group and, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, heavily involved in health benefit, health care, health, financial and other information technology, data and related process and systems development, policy and operations throughout her career, and scribe of the ABA JCEB annual Office of Civil Rights agency meeting, Ms. Stamer also is widely recognized for her extensive work and leadership on leading edge health care and benefit policy and operational issues. She regularly helps employer and other health benefit plan sponsors and vendors, health industry, insurers, health IT, life sciences and other health and insurance industry clients design, document and enforce plans, practices, policies, systems and solutions; manage regulatory, contractual and other legal and operational compliance; vendors and suppliers; deal with Medicare, Medicaid, CHIP, Medicare/Medicaid Advantage, ERISA, state insurance law and other private payer rules and requirements; contracting; licensing; terms of participation; medical billing, reimbursement, claims administration and coordination, and other provider-payer relations; reporting and disclosure, government investigations and enforcement, privacy and data security; and other compliance and enforcement; Form 990 and other nonprofit and tax-exemption; fundraising, investors, joint venture, and other business partners; quality and other performance measurement, management, discipline and reporting; physician and other workforce recruiting, performance management, peer review and other investigations and discipline, wage and hour, payroll, gain-sharing and other pay-for performance and other compensation, training, outsourcing and other human resources and workforce matters; board, medical staff and other governance; strategic planning, process and quality improvement; HIPAA administrative simplification, meaningful use, EMR, HIPAA and other technology, data security and breach and other health IT and data; STARK, antikickback, insurance, and other fraud prevention, investigation, defense and enforcement; audits, investigations, and enforcement actions; trade secrets and other intellectual property; crisis preparedness and response; internal, government and third-party licensure, credentialing, accreditation, HCQIA, HEDIS and other peer review and quality reporting, audits, investigations, enforcement and defense; patient relations and care; internal controls and regulatory compliance; payer-provider, provider-provider, vendor, patient, governmental and community relations; facilities, practice, products and other sales, mergers, acquisitions and other business and commercial transactions; government procurement and contracting; grants; tax-exemption and not-for-profit; 1557 and other Civil Rights; privacy and data security; training; risk and change management; regulatory affairs and public policy; process, product and service improvement, development and innovation, and other legal and operational compliance and risk management, government and regulatory affairs and operations concerns.

    A former lead consultant to the Government of Bolivia on its Pension Privatization Project with extensive domestic and international public policy concerns in pensions, healthcare, workforce, immigration, tax, education and other areas, Ms. Stamer has been extensively involved in U.S. federal, state and local health care and other legislative and regulatory reform impacting these concerns throughout her career. Her public policy and regulatory affairs experience encompasses advising and representing domestic and multinational private sector health, insurance, employee benefit, employer, staffing and other outsourced service providers, and other clients in dealings with Congress, state legislatures, and federal, state and local regulators and government entities, as well as providing advice and input to U.S. and foreign government leaders on these and other policy concerns.

    Author of leading works on a multitude of labor and employment, compensation and benefits, internal controls and compliance, and risk management matters and a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her thought leadership, experience and advocacy on these and other related concerns by her service in the leadership of the Solutions Law Press, Inc. Coalition for Responsible Health Policy, its PROJECT COPE: Coalition on Patient Empowerment, and a broad range of other professional and civic organizations including North Texas Healthcare Compliance Association, a founding Board Member and past President of the Alliance for Healthcare Excellence, past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children (now Warren Center For Children); current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Section, a current Defined Contribution Plan Committee Co-Chair, former Group Chair and Co-Chair of the ABA RPTE Section Employee Benefits Group, past Representative and chair of various committees of ABA Joint Committee on Employee Benefits; an ABA Health Law Coordinating Council representative, former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, a former member of the Board of Directors of the Southwest Benefits Association and others.

    For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

    About Solutions Law Press, Inc.™

    Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources here such as the following:

    If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.

    NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advise or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The presenter and the program sponsor disclaim, and have no responsibility to provide any update or otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

    Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.

    ©2018 Cynthia Marcotte Stamer. Non-exclusive right to republish granted to Solutions Law Press, Inc.™ For information about republication or the topic of this article, please contact the author directly. All other rights reserved.


    Maintaining Current Enterprise Wide Security Risk Assessment Critical To Managing HIPAA Security Rule & Other Breach Risks

    October 17, 2018

    Following on the heels of Monday’s announcement that Anthem, Inc. is paying a record setting $16 million to resolve charges its violations of the enterprise risk assessment and other requirements of the Health Insurance Portability & Accountability Act (HIPAA) Security Rule allowed cybercriminals to breach the electronic protected health information (ePHI) of more than 79 million patients, physicians and other health care providers, health plans and health insurers, health care clearinghouses (covered entities) and their service providers acting as their business associates (business associates) (hereafter collectively “HIPAA Entities”) should reconfirm their own and their business associates’ compliance with the HIPAA Security Rule’s enterprise risk assessment and other ePHI security requirements. In addition, employer, union, association and other health plan sponsors and fiduciaries should consider incorporating enterprise risk assessments of their health plans and its vendors as well as specific contractual assurance requirements into their business associate agreements to help mitigate their health plan related liabilities and risks.

    When conducting these assessments, HIPAA Entities generally will want to ensure that their new enterprise risk assessment documents their consideration of the newly updated Security Risk Assessment (SRA) Tool jointly announced yesterday (October 16, 2018) by the Department of Health & Human Services (HHS) Office of the National Coordinator for Health Information Technology (ONC) and OCR, lessons shared in OCR’s $16 million Anthem, Inc. resolution agreement, $5.55 million resolution agreement with Memorial Healthcare System and other OCR HIPAA resolution agreements, civil monetary penalty assessments and other Security Rule guidance, as well as other emergent internal and external data suggesting potential susceptibilities of their own systems and data to breach or loss.

    HIPAA Entities are reminded that HIPAA requires that all HIPAA covered entities and business associates to conduct an accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of electronic protected health information held by their organization.  Any HIPAA Entity that hasn’t already conducted a recent, appropriately documented enterprise wide risk analysis or updated their analysis in response to changes in equipment, vendors or emerging threats and developments should do so as soon as possible.

    HIPAA’s requirement that HIPAA entities conduct and maintain an appropriately comprehensive and timely updated enterprise-wide risk analysis of potential security threats to ePHI both an affirmative requirement of the HIPAA Security Rule and an indispensable process to help healthcare organizations understand their security posture to prevent, detect, respond to and mitigate potential legal, operational and reputational costs that commonly result when ePHI or other sensitive information is breached or destroyed.

    The importance of HIPAA entities having and being able to produce in the event of a breach or OCR audit an up-to-date, comprehensively enterprise risk assessment and response plan cannot be overstated.  Beyond OCR’s publication of extensive regulatory guidance and educational outreach discussing the responsibility to conduct and maintain documentation of appropriate enterprise risk assessments, virtually every announced HIPAA Security Rule civil monetary penalty assessment and other enforcement action identifies violation of the HIPAA Security Rule’s enterprise risk assessment requirements among the material transgressions committed and required to be corrected by HIPAA entities like Anthem, Inc. subjected to Security Rule enforcement.

    The updated SRA Tool jointly released by OCR and ONC on October 16, 2018 further reinforces the importance of complying with the enterprise wide risk assessment requirement while simultaneously encouraging and facilitating compliance by small to medium sized health care practices.  Particularly designed with an eye to helping health care providers that work as solo practitioners or in groups with 10 or less health care providers and their business associates identify risks and vulnerabilities to ePHI, OCR says the updated SRA Tool “provides enhanced functionality to document how such organizations can implement or plan to implement appropriate security measures to protect ePHI” and incorporates new features to make the tool “more user friendly.” New features OCR hopes will make the SRA tool more user friendly include:

    • Enhanced User Interface
    • Modular workflow with question branching logic
    • Custom Assessment Logic
    • Progress Tracker
    • Improved Threats & Vulnerabilities Rating
    • Detailed Reports
    • Business Associate and Asset Tracking
    • Overall improvement of the user experience

    HIPAA Entities should take note, however, that as of its October 16, 2018 released date, the updated version of the SRA Tool currently is only available in Windows format.  OCR has indicated that the OCR and ONC have not yet updated the OS iPad version of the previously published version of the SRA Tool. While the previous OS iPad version remains available at the Apple App Store exit disclaimer icon (search under “HHS SRA Tool”), HIPAA Entities that presently use or plan to use the OS iPad tool should consider comparing the prior tool against the updated Windows SRA Tool to verify the continued suitability of its continued use and any adjustments in understanding or application that might be warranted by these differences.  Additionally, HIPAA Entities also should review the revised User Guide available on the SRA Tool’s website before starting the assessment.

    While the SRA Tool provides valuable guidance to help HIPAA Entities to conduct their own enterprise wide risk assessment, HIPAA Entities should keep in mind that the responsibility to assess their enterprise wide risk and to update their security safeguards to respond to these risks is a continuous one.  While using the SRA Tool is an excellent starting point for beginning this assessment, HIPAA Entities need to realize that OCR expects HIPAA Entities to tailor their assessments to identify and respond to the full range of risks and exposures to their ePHI and associated systems and to constantly reevaluate and adjust these assessments in response to emerging system and ePHI threats identified in the course of their operations as well as external developments suggesting previously unidentified or inadequately appreciated threats.  Moreover, in addition to conducting the risk assessment, OCR regulatory guidance and guidance drawn from OCR’s civil monetary settlements resolution agreements and other enforcement and audit activities also make clear that in addition to conducting the enterprise wide risk analysis, HIPAA entities also need to be prepared to produce documentation that their organizations took appropriate and timely action to address the risks identified in the risk assessment in accordance with the HIPAA Security Rule.

    In addition to mitigate their exposure to potentially substantial HIPAA civil monetary penalties for violating the HIPAA Security Rule, HIPAA Entities also should keep in mind the potential role that their conduct and maintenance of appropriately comprehensive enterprise wide security risk assessments can play in helping to mitigate other legal, financial, operational and reputational risks that commonly also arise along with the HIPAA exposures associated with a breach of HIPAA.  In addition to HIPAA’s Security Rules for ePHI, HIPAA Entities typically also are subject to a hodgepodge of non-HIPAA statutory, regulatory and/or contractual obligations to safeguard patient, employee, business partners and other individual, financial, health, tax, peer review and credentialing, trade secrets and other confidential information against improper use, access, destruction or disclosure.  Examples of such obligations include the privacy and data security rules of the Fair and Accurate Credit Transaction Act (FACTA), the Internal Revenue Code and other tax laws, federal and state consumer debt and information, electronic crime, data security and identity theft statutes; federal and state trade secret and intellectual property laws; and others, for which violations often equal or substantially exceed the civil monetary penalty liability that commonly arise under the HIPAA Security Rule.  The experience of Anthem, Inc. illustrates this point.  While the $16 million resolution payment that OCR announced Anthem, Inc. is paying to resolve its HIPAA civil monetary penalty exposures for allowing the breach of the ePHI of 79 million individuals, this payment reflects only a very small portion of the overall liability that Anthem, Inc. incurred from data breach that lead to this resolution payment.  Anthem, Inc. also separately already reportedly also has paid more than $115 million to settle other statutory and contractual liabilities arising from the breach separate as well as substantial investigatory and defense costs in addition to the HIPAA liabilities settled under the resolution agreement announced Monday.  Other HIPAA Entities subjected to HIPAA civil monetary penalties or paying resolution payments to OCR also typically also have incurred substantial non-HIPAA sanctions and settlements, as well as other defense, investigation, operational and reputational losses as a result of their breaches.  HIPAA Entities should strive to ensure that their HIPAA enterprise wide risk assessment and compliance efforts are properly coordinated and administered to manage these overall risks and responsibilities in addition to their HIPAA-specific responsibilities and liabilities.

    Beyond these generally applicable breach related risks, health plan sponsors and fiduciaries also need to be concerned about potential fiduciary responsibility obligations of fiduciaries under the Employee Retirement Income Security Act, plan and employer confidentiality requirements under the Internal Revenue Code, and other legal or contractual obligations to participants or employees, indemnification obligations to vendors and operational and trust disruptions that can result from a breach of sensitive health plan data or associated systems or records.  Meanwhile, third party administrators, insurers, brokers, consultants, accountants and other vendors also typically face their own unique their own unique licensure, ethics and contractual  responsibilities.

    Because enterprise wide risk assessments and discussions of their structuring, scope and findings are likely to produce legally sensitive evidence, HIPAA Entities are encouraged to seek the advice of qualified and suitably experienced legal counsel about the advisability of conducting all or certain aspects of an enterprise wide risk analysis and their documentation of their risk evaluation and response to take advantage of possible attorney-client privilege, work-product or other evidentiary rules before or throughout the risk assessment and response process and deliberations.

    About The Author

    A practicing attorney and Managing Shareholder of Cynthia Marcotte Stamer, P.C, Cynthia Marcotte Stamer’s more than 30 years’ of leading edge work as an practicing attorney, author, lecturer and industry and policy thought leader have resulted in her recognition as a “Top” attorney in employee benefits, labor and employment and health care law.

    Board certified in labor and employment law by the Texas Board of Legal Specialization, a Fellow in the American College of Employee Benefit Counsel, Scribe for the American Bar Association (ABA) Joint Committee on Employee Benefits (JCEB) Annual Agency Meeting with the Office of Civil Rights and a former JCEB Council Representative; former Chair of the ABA Health Law Section Managed Care & Insurance Interest Group; and past Chair, former Welfare Benefit Committee Co-Chair and current Fiduciary Responsibility Committee Co-Chair of the American Bar Association (ABA) RPTE Section Employee Benefits Group, former Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, Ms. Stamer is recognized nationally and internationally for her practical and creative insights and leadership on HIPAA and other health care, managed care and insurance, and other employee benefit, human resources, and related antitrust, corporate, privacy and data security, tax and other internal controls, regulatory affairs and public policy concerns.

    Ms. Stamer’s legal and management consulting work throughout her career has focused on helping organizations and their management use the law and process to manage people, process, compliance, operations and risk. Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer helps public and private, domestic and international health, insurance and financial security, and other businesses, governments, and other organizations and their leaders manage their employees, vendors and suppliers, and other workforce members, customers and other’ performance, compliance, compensation and benefits, operations, risks and liabilities, as well as to prevent, stabilize and cleanup legal and operational crises large and small that arise in the course of operations.

    In this respect, Ms. Stamer works with businesses and their management, employee benefit plans, governments and other organizations deal with all aspects of human resources and workforce, regulatory compliance and operational and performance management. She supports her clients both on a real time, “on demand” basis and with longer term basis to deal with daily performance management and operations, emerging crises, strategic planning, process improvement and change management, investigations, defending litigation, audits, investigations or other enforcement challenges, government affairs and public policy.

    Well known for her extensive work with health care, insurance and other highly regulated entities on corporate compliance, internal controls and risk management, her clients range from highly regulated entities like employers, contractors and their employee benefit plans, their sponsors, management, administrators, insurers, fiduciaries and advisors, technology and data service providers, health care, managed care and insurance, financial services, government contractors and government entities, as well as retail, manufacturing, construction, consulting and a host of other domestic and international businesses of all types and sizes.

    As a key part of this work, Ms. Stamer uses her deep and highly specialized health, insurance, labor and employment and other knowledge and experience to help health industry, insurance and financial services and other employers and other employee benefit plan sponsors; health, pension and other employee benefit plans, their fiduciaries, administrators and service providers, insurers, and others design legally compliant, effective compliance and internal controls, risk management, human resources and other workforce performance, discipline, compensation, employee benefits and related programs, products and arrangements.

    In the course of this work, Ms. Stamer has accumulated an impressive resume of experience advising and representing clients on HIPAA and other privacy and data security concerns. The scribe for the American Bar Association (ABA) Joint Committee on Employee Benefits annual agency meeting with the Department of Health & Human Services Office of Civil Rights for several years, Ms. Stamer has worked extensively with health plans, health care providers, health care clearinghouses, their business associates, employer and other sponsors, banks and other financial institutions, and others on risk management and compliance with HIPAA and other information privacy and data security rules, investigating and responding to known or suspected breaches, defending investigations or other actions by plaintiffs, OCR and other federal or state agencies, reporting known or suspected violations, business associate and other contracting, commenting or obtaining other clarification of guidance, training and enforcement, and a host of other related concerns. Her clients include public and private health plans, health insurers, health care providers, banking, technology and other vendors, and others. Beyond advising these and other clients on privacy and data security compliance, risk management, investigations and data breach response and remediation, Ms. Stamer also advises and represents clients on OCR and other HHS, Department of Labor, IRS, FTC, DOD and other health care industry investigation, enforcement and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns. She also is the author of numerous highly acclaimed publications, workshops and tools for HIPAA or other compliance including training programs on Privacy & The Pandemic for the Association of State & Territorial Health Plans, as well as HIPAA, FACTA, PCI, medical confidentiality, insurance confidentiality and other privacy and data security compliance and risk management for Los Angeles County Health Department, ISSA, HIMMS, the ABA, SHRM, schools, medical societies, government and private health care and health plan organizations, their business associates, trade associations and others.

    Ms. Stamer also is deeply involved in helping to influence the health care, workforce, insurance and financial services, employee benefit, privacy and data security and other federal, state and local laws, regulations and enforcement actions. She both helps her clients respond to and resolve emerging regulations and laws, government investigations and enforcement actions and helps them shape the rules through dealings with Congress and other legislatures, regulators and government officials domestically and internationally. A former lead consultant to the Government of Bolivia on its Social Security reform law and most recognized for her leadership on U.S. health and pension, wage and hour, tax, education and immigration policy reform, Ms. Stamer works with U.S. and foreign businesses, governments, trade associations, and others on workforce, social security and severance, health care, immigration, privacy and data security, tax, ethics and other laws and regulations. Founder and Executive Director of the Coalition for Responsible Healthcare Policy and its PROJECT COPE: the Coalition on Patient Empowerment and a Fellow in the American Bar Foundation and State Bar of Texas. She also works as a policy advisor and advocate to health, insurance and financial services, employee benefits and other business, professional and civic organizations.

    Author of the thousands of publications and workshops these and other employment, employee benefits, health care, insurance, workforce and other management matters, Ms. Stamer also is a highly sought out speaker and industry thought leader known for empowering audiences and readers. Ms. Stamer’s insights on employee benefits, insurance, health care and workforce matters in Atlantic Information Services, The Bureau of National Affairs (BNA), InsuranceThoughtLeaders.com, Benefits Magazine, Employee Benefit News, Texas CEO Magazine, HealthLeaders, Modern Healthcare, Business Insurance, Employee Benefits News, World At Work, Benefits Magazine, the Wall Street Journal, the Dallas Morning News, the Dallas Business Journal, the Houston Business Journal, and many other publications. She also has served as an Editorial Advisory Board Member for human resources, employee benefit and other management focused publications of BNA, HR.com, Employee Benefit News, InsuranceThoughtLeadership.com and many other prominent publications. Ms. Stamer also regularly serves on the faculty and planning committees for symposia of LexisNexis, the American Bar Association, ALIABA, the Society of Employee Benefits Administrators, the American Law Institute, ISSA, HIMMs, and many other prominent educational and training organizations and conducts training and speaks on these and other management, compliance and public policy concerns.

    Ms. Stamer also has a lifelong history of involvement with and service with a diverse range of professional, community and charitable organizations and causes including as founder and Executive Director of the Coalition for Responsible Health Care Policy and its PROJECT COPE: Coalition for Patient Empowerment; technical advisor to the National Physicians’ Council for Health Care Policy; a founding Board Member and President of the Alliance for Healthcare Excellence and its Patient Empowerment and Health Care Heroes Projects; a Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; the Board President of the early childhood development intervention agency, The Richardson Development Center for Children; a member of the Dallas United Way Long Range Planning Committee; as well as leadership involvement in the ABA Joint Committee on Employee Benefits Council, the North Texas Healthcare Compliance Professionals Association; the ABA RPTE Employee Benefits & Other Compensation Committee, the ABA Health Law Section, the ABA International Section Life Sciences Committee, and the ABA TIPS Employee Benefit Committee; TEGE Coordinator of the Gulf Coast TEGE Council TE Division; Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee; a member of the Board of Directors of the Southwest Benefits Association; Dallas, Regional and State BACPAC Chair of the Texas Association of Business; SHRM Regional Chair and National Advisory Board Chair; WEB Network of Benefits Professionals National and Dallas Boards; as a contributing author and the Advisory Board member of the BNA EBCD CD, InsuranceThoughtLeadership.com, HR.com, Employee Benefit News, and many other publications and as chair or planning faculty of a multitude of symposia.. For additional information about Ms. Stamer, see www.cynthiastamer.com, or contact Ms. Stamer via email here or via telephone to (214) 452.8297.

    About Solutions Law Press, Inc.™

    Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also may be interested reviewing other Solutions Law Press, Inc.™ resources at www.solutionslawpress.com such as:

    If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating or updating your profile here.

    ©2018 Cynthia Marcotte Stamer. Non-exclusive right to republish granted to Solutions Law Press, Inc.  All other rights reserved.

     

     

     


    Free Poster for Upcoming October National Disability Employment Awareness Month 2018 Available

    August 10, 2018

    The official poster for the upcoming National Disability Employment Awareness Month 2018 in October is now available in both English and Spanish. You can download the free poster from the Office of Disability Employment (ODEP) website here or order it in hard copy here.

    Observed each October, NDEAM celebrates the contributions of workers with disabilities and educates about the value of a workforce inclusive of their skills and talents.

    The 2018 National Disability Employment Awareness Month (NDEAM) theme is “America’s Workforce: Empowering All.”

    In keeping with this theme, the 2018 poster features an office scene of coworkers with and without disabilities, and highlights the theme of “America’s Workforce: Empowering All.”


    July 5, 2018

    Construction industry and other employers of employees working in summer heat impacted environments need to take appropriate steps to prevent heat related injuries and illnesses

    Every year, dozensof workers die and thousands more become ill while working in extreme heat or humid conditions. More than 40 percent of heat-related worker deaths occur in the construction industry, but workers in every field are susceptible.

    Working in extreme heat without appropriate precautions creates heightened risk of a range of heat illnesses. These risks can affect anyone, regardless of age or physical condition.

    Employer Responsibility to Protect Workers

    Protecting workers from extreme heat generally is part of the responsibility of an employer to provide a safe workplace under the Occupational Health & Safety Act (OSHA) and state occupational health and safety statutes.

    Aside from the worker’s compensation, medical and disability costs and workplace disruptions that heat related illness can create, heat related injuries or illnesses to workers also create risks of civil penalties and other liabilities under OSHA.

    To minimize risks of heat related OSHA violations and other exposures, an employer of workers exposed to high temperatures should establish and document their training and administration of a complete heat illness prevention program that meets or exceeds applicable OSHA standards.

    Resources

    OSHA’s Occupational Exposure to Heat page explains what employers can do to keep workers safe and what workers need to know – including factors for heat illness, adapting to working in indoor and outdoor heat, protecting workers, recognizing symptoms, and first aid training. The page also includes resources for specific industries and OSHA workplace standards.

    Employers can help promote compliance and reduce heat related injury risks by training and requiring workers and their management to use three common sense elements for preventing heat related injuries and deaths to workers – Water. Rest. Shade.

    OSHA guidance urges employers to prevent heat-related injuries by taking the following steps:

    • Provide workers with water, rest and shade.
    • Allow new or returning workers to gradually increase workloads and take more frequent breaks as they acclimatize, or build a tolerance for working in the heat.
    • Plan for emergencies and train workers on prevention.
    • Monitor workers for signs of illness.
    • Take prompt action to provide appropriate intervention and medical care in response to signs of potential heat related health issues.

    To ensure that they can prove these expectations are met, Most employers will want to adopt specific policies require in well-documented compliance with these requirements.

    About The Author

    If you need more information about or help with these or other workplace concerns, the author of this article may be able to help.

    Board Certified in Labor and Employment Law, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation; Former Chair of the RPTE Employee Benefits and Compensation Committee, a current Co-Chair of the Committee, and the former Chair of its Welfare Benefit and its Defined Compensation Plan Committees and former RPTE Joint Committee on Employee Benefits Council (JCEB) Representative, Cynthia Marcotte Stamer is a Martindale-Hubble “AV-Preeminent” practicing management attorney, consultant, coach, author, public policy advocate, author and lecturer repeatedly recognized for her 30 plus years’ of work and pragmatic thought leadership, publications and training on labor and employment, compensation, health, pension and other employee benefit, insurance, and health care  fiduciary responsibility, payment, investment, contracting  and other design, administration and compliance concerns as among the “Top Rated Labor & Employment Lawyers in Texas,” a “Legal Leader,” a “Top Woman Lawyer” and with other awards by LexisNexis® Martindale-Hubbell®; as among the “Best Lawyers In Dallas” for her work in the field of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, in International Who’s Who of Professionals and with numerous other awards and distinctions.

    Highly valued for her ability to meld her extensive legal and industry knowledge and experience with her talents as an insightful innovator and pragmatic problem solver, Ms. Stamer advises, represents and defends employer, union, multi-employer, association and other employee benefit plan sponsors, insurers and managed care organizations, fiduciaries, plan administrators, technology and other service providers, government and community leaders and others about health and other employee benefit and insurance program and policy design and innovation, funding, documentation, administration, communication, data security and use, contracting, plan, public and regulatory reforms and enforcement, and other risk management, compliance and operations matters. Her experience encompasses leading and supporting the development and defense of innovative new policies, programs, practices and solutions; advising and representing clients on routine plan establishment, plan documentation and contract drafting and review, administration, change and other compliance and operations; crisis prevention and response, compliance and risk management audits and investigations, enforcement actions and other dealings with the US Congress, Departments of Labor, Treasury, Health & Human Services, Federal Trade Commission, Justice, Securities and Exchange Commission, Education and other federal agencies, state legislatures, attorneys general, insurance, labor, worker’s compensation, and other agencies and regulators, and various other foreign and domestic governmental bodies and agencies. She also provides strategic and other supports clients in defending litigation as lead strategy counsel, special counsel and as an expert witness. Alongside her extensive legal and operational experience, Ms. Stamer also is recognized for her work as a public and regulatory policy advocate and community leader with a gift for finding pragmatic solutions and helping to forge the common ground necessary to build consensus. Best known for her domestic public policy and community leadership on health care and insurance reform, Ms. Stamer’s lifelong public policy and community service involvement includes service as a lead consultant to the Government of Bolivia on its pension privatization project, as well as extensive legislative and regulatory reform, advocacy and input workforce, worker classification, employee benefit, public health and healthcare, social security and other disability and aging in place, education, migration reforms domestically and internationally throughout her adult life. In addition to her public and regulatory policy involvement, Ms. Stamer also contributes her service and leadership to a professional and civic organizations and efforts including her involvement as the Founder and Executive Director of the Coalition on Responsible Health Policy and its PROJECT COPE; Coalition on Patient Empowerment, a founding Board Member and past President of the Alliance for Healthcare Excellence; Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee; Vice Chair, Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group; current Fiduciary Responsibility Committee Co-Chair and Membership Committee member of the ABA RPTE Section; former RPTE Employee Benefits and Other Compensation Group Chair, former Chair and Co-Chair of its Welfare Plans Committee, and Defined Contribution Plans Committee; former RPTE Representative to ABA Joint Committee on Employee Benefits Council; former RPTE Representative to the ABA Health Law Coordinating Counsel; former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, former Board Member, Continuing Education Chair and Treasurer of the Southwest Benefits Association; Vice President of the North Texas Healthcare Compliance Professionals Association; past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children; past Dallas World Affairs Council Board Member, and in leadership of many other professional, civic and community organizations. Ms. Stamer also is a highly popular lecturer, symposia chair and author, who publishes and speaks extensively on health and managed care industry, human resources, employment and other privacy, data security and other technology, regulatory and operational risk management for the American Bar Association, ALI-ABA, American Health Lawyers, Society of Human Resources Professionals, the Southwest Benefits Association, the Society of Employee Benefits Administrators, the American Law Institute, Lexis-Nexis, Atlantic Information Services, The Bureau of National Affairs (BNA), InsuranceThoughtLeaders.com, the Society of Professional Benefits Administrators, Benefits Magazine, Employee Benefit News, Texas CEO Magazine, HealthLeaders, the HCCA, ISSA, HIMSS, Modern Healthcare, Managed Healthcare, Institute of Internal Auditors, Society of CPAs, Business Insurance, Employee Benefits News, World At Work, Benefits Magazine, the Wall Street Journal, the Dallas Morning News, the Dallas Business Journal, the Houston Business Journal, and many other symposia and publications. She also has served as an Editorial Advisory Board Member for human resources, employee benefit and other management focused publications of BNA, HR.com, Employee Benefit News, InsuranceThoughtLeadership.com and many other prominent publications and speaks and conducts training for a broad range of professional organizations and for clients, serves on the faculty and planning committee of many workshops, seminars, and symposia, and on the Advisory Boards of InsuranceThoughtLeadership.com, HR.com, Employee Benefit News, and many other publications.

    Beyond these involvements, Ms. Stamer also is active in the leadership of a broad range of other public policy advocacy and other professional and civic organizations and involvements. Through these and other involvements, she helps develop and build solutions, build consensus, garner funding and other resources, manage compliance and other operations, and take other actions to identify promote tangible improvements in health care and other policy and operational areas.

    Before founding her current law firm, Cynthia Marcotte Stamer, P.C., Ms. Stamer practiced law as a partner with several prominent national and international law firms for more than 10 years before founding Cynthia Marcotte Stamer, P.C. to practice her unique brand of “Solutions law™” and to devote more time to the pragmatic policy and system reform, community education and innovation, and other health system improvement efforts of her PROJECT COPE: the Coalition on Patient Empowerment initiative.

    About Solutions Law Press, Inc.™

    Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources at SolutionsLawPress.com such as the following

    DOL Spending Reports Required As Taxpayer Tool Need Improvement

    Check & Protect Health & Other Electronic Systems & Data Against New Security Threat

    April 1 New Deadline To Update Benefit Plan Disability Determination Claims & Appeals Procesures; Hear More on 1/26

    Arizona Proposal To Ban Sexual Harassment Confidentiality Agreements Sign Of Growing Employer Risks

    $23M Penalty Small Part of 21st Century’s Data Breach Fallout; Offers Data Breach Lessons For Other Businesses

    Take Care of Your Good People

    Read Tax Cuts and Jobs Act Conference Report For Tax Reform From Source

    Check How IRS 2018 Retirement & Saving Plan Limits and Amounts Cost Of Living Adjustments Impact Your HR & Retirement Plan Administration & Planning

    IRS Prepares To Nail Employers Under Obamacare Mandate While Giving Some Individual Mandate Relief

    Hiring & Retaining Workers Growing Business Challenge

    If you or someone else you know would like to receive future updates about developments on these and other concerns, please provide your current contact information and preferences including your preferred e-mail by creating or updating your profile here.

    NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The presenter and the program sponsor disclaim, and have no responsibility to provide any update or otherwise notify any participant of any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

    Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.

    ©2018 Cynthia Marcotte Stamer. Non-exclusive right to republish granted to Solutions  Law Press, Inc.™   For information about republication, please contact the author directly.  All other rights reserved.


    Check & Protect Health & Other Electronic Systems & Data Against New Security Threat

    January 17, 2018

    Health plans, their employer, union, insurer or other sponsors, fiduciaries, administrative or other service providers and their vendors and advisors should act immediately to investigate if any action is needed to protect electronic protected health information or other sensitive data and systems in response to the following cyber risk alert from the Department Of Health and Human Services Office of Civil Rights.

    TLP: WHITE: ASPR/CIP HPH Cyber Notice: Meltdown and Spectre Vulnerability Guidance UPDATE #1

    January 17, 2018

    DISCLAIMER: This product is provided “as is” for informational purposes only. The Department of Health and Human Services (HHS) does not provide warranties of any kind regarding any information contained within. HHS does not endorse any commercial product or service referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header.

    TLP: WHITE information may be distributed without restriction (subject to standard copyright rules).

    Healthcare and Public Health Sector partners-

    The attached report is a technical update to the previously distributed HPH Cyber Notice covering chip vulnerabilities named Meltdown and Spectre. Both Meltdown and Spectre are vulnerabilities in how computer chips handle data that have the potential to expose sensitive information, such as protected health information (PHI), being processed on the chip.  As this information is protected from disclosure under HIPAA, Healthcare and Public Health (HPH) entities should employ risk management processes to address these vulnerabilities and ensure the security of medical records and other PHI.

    Major concerns for the HPH sector include but are not limited to:

    • Challenges identifying vulnerable medical devices and accessory medical equipment and ensuring patches are validated to prevent impacts to the intended use.

    • Cloud Computing: Potential PHI or Personally Identifiable Information (PII) data leakage in shared computing environments

    • Web browsers: Possible PHI/PII data leakage

    • Patches: Potential for service degradation and/or interruption from patches

    The detailed report can be found here: Technical Report on Widespread Processor Vulnerabilities


    $23M Penalty Small Part of 21st Century’s Data Breach Fallout; Offers Data Breach Lessons For Other Businesses

    January 5, 2018

    Continuing Fallout of 2015 Data Breach Provides Many Lessons For Other Businesses & Their Health Plans

    Read the rest of this entry »