Hospitality |

Biden-Harris To Require many Employers To Mandate Employee Vaccinations

September 9, 2021

The Biden- Harris Administration today announced it will require a multitude of US employees to adopt and enforce workplace COVID-19 vaccination mandates for their workers.

The mandate requirement generally will apply to all federal workers, government contractors and subcontractors, health care workers of facilities participating in Medicare or Medicaid And any employer with more than 100 employees.All Medicare and Medicaid certified health care facilities, and a broad range of other employers must prepare to meet impending new federal COVID-19 vaccine mandates announced by the Biden-Harris Administration today.

According to today’s announcements all healthcare facilities participating in Medicare or Medicaid, Federal government employees, federal government contractors or subcontractors and any business employing 100 or more employees will be required to ensure all staff are vaccinated against COVID-19.

The Biden-Harris Administration says the new health industry COVID-19 vaccine will be implemented through emergency regulations to be issued in October.

According to today’s announcement, the Centers for Medicare & Medicaid Service (“CMS”) in collaboration with the Centers for Disease Control (“CDC”) will issue an Interim Final Rule with Comment Period for health care providers in October that will apply vaccine mandates hospitals, dialysis facilities, ambulatory surgical settings, nursing homes and home health agencies, among others, as a condition for participating in the Medicare and Medicaid programs. This announcement expends the healthcare industry mandate beyond it’s originally planned applicability to nursing homes when announced last month.

In addition to the health industry mandate, the Biden-Harris Administration also announcementI it would impose new vaccine mandates for all federal government workers, government contractors and subcontractors, and all employers employing more than 100 employees.

In it’s announcement of the impending vaccination requirements, CDC urged health care facilities to prepare now to meet the new mandate in October. CMS expects certified Medicare and Medicaid facilities to act in the best interest of patients and staff by complying with new COVID-19 vaccination requirements.

The Administration is urging covered workers not currently vaccinated to begin the vaccination process immediately and facilities and employers to use all available resources to support employee vaccinations, including employee education and clinics, as they work to meet new federal requirements.

Beyond potential federal program participation losses, the new vaccine mandates likely adds vaccination to the list of safety safeguards that employers can expect to be required to enforce as part of the occupational safety rules of the Occupational Safety and Health Administration (“OSHA”).

While legal challenges to the mandate requirements are likely, most business andw that have not already adopted vaccine mandates are expected to adopt these mandates rather than face business losses and other sanctions.

Businesses that were supportive of mandates but fearful of the burdens of administering required accommodations under the Americans with Disabilities Act (”ADA”) or other civil rights laws are likely to welcome the Administration‘s new position. Unlike voluntary mandates, the ADA accommodation requirements do not apply to vaccination requirements required by law.

The new mandates also mean that businesses generally need to be concerned about potential OSHA exposure for failing to implement or enforce the mandates. OSHA already is sanctioning employers for violating COVID-19 related OSHA requirements. For instance, OSHA nailed Lakewood Resource and Referral Center Inc., dba Center for Education Medicine and Dentistry (CHEMED) with heavy fines for allegedly violating applicable COVID-19 safety guidelines in January, 2021.

In a July 23, 2021 citation letter, OSH proposes to fine CHEMED $273,064.00 for willfully violating OSHA by not providing a medical evaluation to determine each employee’s ability to use a N95 respirator, before the employee was fit tested or required to use the respirator in the workplace to protect against SARS-CoV-2 virus while testing suspected COVID-19 individuals.

In addition to the proposed fine, the citation also orders CHEMED to take a series of corrective actions and to post notices in the workplace informing workers of the violation.

Along with the CHEMED citation, OSH also cited a staffing agency contracted to provide nursing staffing to CHEMED, Homecare Therapies for also failing to conduct medical evaluations and fit tests. It received two violations and a proposed fine of $13,653.

In the face of these potential consequences, most covered health care facilities and other employers impacted by the mandate are likely to implement mandates unless and until these requirements are struct down by the courts or withdrawn.

Assuming the Administration follows appropriate procedures to adopt the rules, most legal commentators do not expect the legal challenges opposing the mandate orders to be successful in the courts particularly after the Supreme Court refused to overturn or hear arguments for overturning a unanimous decision of a three-judge panel of the United States Court of Appeals for the Seventh Circuit in Klassen v. Trustees of Indiana University that refused to enjoin a vaccine mandate imposed by Indiana University as a condition of student or staff in person participation in classes or other activities.

While most healthcare and other covered businesses are not expected to challenge the rules, compliance us likely to trigger backlash from some unvaccinated workers strongly opposed to becoming vaccinated. Employers may find that some employees will resign their employment or take other tactics to avoid becoming vaccinated. Even those who elect to become vaccinated to retain their employment are likely to express opposition and dissatisfaction that could create liability exposures for the employers if it becomes a basis for retaliation claim.

Employers in Texas and certain other states that have adopted rules restricting or prohibiting vaccine, mask or other mandates also may face challenges based on the state rules.

In light of these and other uncertainties and challenges, Healthcare and Other or Employers generally should seek legal advice and assistance from legal counsel experienced with the relevant health care, labor and employment, privacy and other concerns.

More Information

This article is republished by permission of the author, Cynthia Marcotte Stamer. To review the original work, see here.

Solutions Law Press, Inc. invites you to receive future updates by registering here and participating and contributing to the discussions in our Solutions Law Press, Inc. LinkedIn SLP Health Care Risk Management & Operations Group, HR & Benefits Update Compliance Group, and/or Coalition for Responsible Health Care Policy. If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here. For specific information about the these or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.

About the Author

Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years working as an on demand, special project, consulting, general counsel or other basis with domestic and international business, charitable, community and government organizations of all types, sizes and industries and their leaders on labor and employment and other workforce compliance, performance management, internal controls and governance, compensation and benefits, regulatory compliance, investigations and audits, change management and restructuring, disaster preparedness and response and other operational, risk management and tactical concerns.

Most widely recognized for her work with health care, life sciences, insurance and data and technology organizations, she also has worked extensively with health plan and insurance, employee benefits, financial, transportation, manufacturing, energy, real estate, accounting and other services, public and private academic and other education, hospitality, charitable, civic and other business, government and community organizations. and their leaders.

Ms. Stamer has extensive experience advising, representing, defending, and training domestic and international public and private business, charitable, community and governmental organizations and their leaders, employers, employee benefit plans, their fiduciaries and service providers, insurers, and others has published and spoken extensively on these concerns. As part of these involvements, she has worked, published and spoken extensively on these and other human resources, employee benefits, compensation, worker classification and other workforce and other services; insurance; health care; workers’ compensation and occupational disease; business reengineering, disaster and distress; and many other performance, risk management, compliance, public policy and regulatory affairs, and other operational concerns.

A former lead advisor to the Government of Bolivia on its pension project, Ms. Stamer also has worked internationally and domestically as an advisor to business, community and government leaders on these and other legislative, regulatory and other legislative and regulatory design, drafting, interpretation and enforcement, as well as regularly advises and represents organizations on the design, administration and defense of workforce, employee benefit and compensation, safety, discipline, reengineering, regulatory and operational compliance and other management practices and actions.

Ms. Stamer also serves in leadership of a broad range of professional and civic organizations and provides insights and thought leadership through her extensive publications, public speaking and volunteer service with a diverse range of organizations including as Chair of the American Bar Association (“ABA”) Intellectual Property Section Law Practice Management Committee, Vice Chair of the International Section Life Sciences and Health Committee, Past ABA RPTE Employee Benefits & Other Compensation Group Chair and Council Representative and current Welfare Benefit Committee Co-Chair, Past Chair of the ABA Managed Care & Insurance Interest Group, past Region IV Chair and national Society of Human Resources Management Consultant Forum Board Member, past Texas Association of Business BACPAC Chair, Regional Chair and Dallas Chapter Chair, former Vice President and Executive Director of the North Texas Health Care Compliance Professionals Association, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation and many others.

For more information about these concerns or Ms. Stamer’s work, experience, involvements, other publications, or programs, see www.cynthiastamer.com, on Facebook, on LinkedIn or Twitter or e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns.

Comments Off on Biden-Harris To Require many Employers To Mandate Employee Vaccinations | Accommodation, ADA, board of directors, Civil Rights, Construction, Corporate Compliance, corporate governance, COVID, COVID-19, EEOC, employee, Employee Handbook, Employer, Employers, Employment, health Care, Hiring, Hospitality, HR, Human Resources, Internal Controls, Internal Investigations, Joint Employer, Management, OFCCP, Pandemic, Privacy, vaccination mandate, Worker, Workforce | Tagged: COVID, Employer, vaccine mandate | Permalink
Posted by Cynthia Marcotte Stamer

Businesses Face Increased Wage Costs & Risks From American Rescue Plan Act Of 2021 FLSA Minimum Wage Changes

March 2, 2021

U.S businesses will face sharply increased wage costs if Senate Democrats succeed in their plan to pass as soon as this week the American Rescue Plan Act of 2021 (the “Act”) passed by the House of Representatives on Friday, February 24, 2021.

One of many provisions impacting employers and their employee benefit plans in the Act that Congressional Democrats are pushing through as a COVID-19 relief package, Section 2101 of the Act amends the Fair Labor Standards Act of 1938 (“FLSA”) to increase immediately upon enactment the federal minimum wage employers covered by the FLSA must pay to most non-exempt employees (“regular rate”) by $2.25 per hour from the current rate of $7.25 to $9.50 per hour, then provides for additional annual increases the gradual increase of the federal minimum wage that will raise the regular rate to $15.00 per hour over the next four years. Beginning in 2026, the Act also provides for annual increases in the regular rate based on the median hourly wage of all employees as determined by the Bureau of Labor Statistics rounded up to the nearest multiple of $0.05. This means the regular minimum wage employers must pay most hourly employees would more than double by 2025 and continue to increase thereafter.

In addition, the Act also phases out current rules allowing employers to pay tipped employees, new employees under age 20 and handicapped employees less than the regular minimum wage over the next five years and raises the minimum wage the FLSA allows employers to pay those employees gradually over the intervening period, with the initial increases slated to take effect upon enactment.

As Senate Majority Leader Chuck Schumer has announced plans to bring the Act before the Senate for a vote as early as this week and President Biden committed to promptly sign the Act that is the centerpiece of the Democrats latest COVID-19 relief package, businesses are likely to feel the impact of the increased minimum wage and other mandates within days if not by month’s end.

These amendments will directly and immediately increase labor costs for non-exempt workers as well as employee benefit and fringe benefit costs and obligations tied to compensation or based on FLSA classifications. Other Biden-Harris Administration policies expanding the scope of the FLSA and other federal laws through revisions and enforcement of rules for characterizing workers as employees rather than independent contractors and enforcing expansive joint employer liability rules as well as other announced or expected Biden-Harris Administration proworker regulatory and enforcement changes almost certainly will expand the reach and implications of these changes. The Biden-Harris Administration’s January 20, 2021 Memorandum on Regulatory Freeze Pending Review suspended the implementation of the Trump Administration led Labor Department’s Final Rule: Independent Contractor Status under the Fair Labor Standards Act slated to take effect on March 8, 2021, which sought to restore and clarify historical more employer friendly policies for distinguishing employee versus independent contractor relationships for purposes of the FLSA, the WHD’s withdrawal of previously issued Trump Administration era opinions that applied that Administration’s more expansive view of independent contractor status, and WHD’s issuance of new opinions articulating and apply applying significantly narrower definitions of independent contractor and broader definitions of employees.

Based on the agenda announced by the Biden-Harris Administration, businesses also should expect the Biden-Harris Administration and private plaintiffs to use these more employee friendly interpretation and enforcement policies to attack employer characterizations of workers as contractors to justify nonpayment of minimum wage and overtime to those workers. Along with being forced to pay unpaid wages and overtime with interest, businesses unsuccessful in defending their worker classification characterizations can expect to face liquidated damage awards to private litigants equal to two times the amount of the back pay liability or in the case of WHD enforcement for repeated or willful violations, civil monetary penalties.

In assessing and managing these risks, businesses should evaluate their potential joint employer exposure to liability for unpaid minimum wage and overtime violations by other businesses providing labor or other services as the Biden-Harris Administration also is expected to seek to apply the much more expansive interpretation of joint employment applied during the Obama Administration abandoned during the Trump Administration.

These misclassification mistakes can be particularly costly. FLSA liabilities arising from misclassification of workers as independent contractors carry significant risk both because businesses often fail to pay required minimum wages or overtime as well as don’t keep required time records. The Biden-Harris Administration has made clear that it plans to move quickly to reimplement the regulatory and enforcement practices used during the Obama Administration to aggressively challenge employers’ characterization of workers as exempt from the FLSA’s minimum wage and overtime rules as independent contractors.

Considering these developments, all U.S. businesses and business leaders are well-advised both to begin preparing to comply with anticipated increases in federal minimum wage rates, as well as well as assess and take appropriate steps to mitigate their exposure to anticipated aggressive efforts to reclassify service providers considered to perform work as independent contractors, as contractors or employees of subcontractors or other businesses or both.

More Information

The FLSA reforms are only one of a number of provisions of the Act impacting employers and their employee benefit plans. For more a more comprehensive discussion of the FLSA amendments included in the Act, see here.

Solutions Law Press, Inc. also invites you receive future updates by registering here and participating and contributing to the discussions in our Solutions Law Press, Inc. LinkedIn SLP Health Care Risk Management & Operations Group, HR & Benefits Update Compliance Group, and/or Coalition for Responsible Health Care Policy. If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here. For specific information about the these or other legal, management or public policy developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.

About the Author

Most widely recognized for her work with workforce, health care, life sciences, insurance and data and technology organizations, she also has worked extensively with health plan and insurance, employee benefits, financial, transportation, manufacturing, energy, real estate, accounting and other services, public and private academic and other education, hospitality, charitable, civic and other business, government and community organizations. and their leaders.

Ms. Stamer has extensive experience advising, representing, defending and training domestic and international public and private business, charitable, community and governmental organizations and their leaders, employee benefit plans, their fiduciaries and service providers, insurers, and others has published and spoken extensively on these concerns. As part of these involvements, she has worked, published and spoken extensively on these and other federal and state wage and hour and other compensation, discrimination, performance management, and other related human resources, employee benefits and other workforce and services; insurance; workers’ compensation and occupational disease; business reengineering, disaster and distress; and many other risk management, compliance, public policy and performance concerns.

For more information about these concerns or Ms. Stamer’s work, experience, involvements, other publications, or programs, see www.cynthiastamer.com or contact Ms. Stamer via e-mail here.

About Solutions Law Press, Inc.™

Comments Off on Businesses Face Increased Wage Costs & Risks From American Rescue Plan Act Of 2021 FLSA Minimum Wage Changes | board of directors, Brokers, Civil Monetary Penalties, compensation, compliance, Construction, Corporate Compliance, corporate governance, COVID-19, directors, Economy, employee, Employee Benefits, Employees Under Age 20, Employer, Employers, Employment, Employment Policies, Fair Labor Standards Act, Fringe Benefit, Fringe Benefits, Government Contractors, government employer, Handicapped Employee, health benefit, Health Benefits, Health Plans, Hiring, Hospitality, HR, Human Resources, insurers, Joint Employer, Labor Management Relations, Labor Management Relations, Leadership, Management, Overtime, tipped employee, Tipped Employee | Tagged: American Resue Plan Act of 2021, Compensation, COVID-19 Relief, Employer, Fair Labor Standards Act, FLSA, Minimum Wage, wage and hour | Permalink
Posted by Cynthia Marcotte Stamer

Don’t Get Stuck Paying Another Employer’s Overtime Or Other Backpay

January 13, 2020

No business wants to get hit with a bill or judgement for unpaid overtime or other wages and penalties under the Fair Labor Standards Act (“FLSA”). It’s even worse when the order to pay is for back pay another business owed but didn’t pay. New FLSA joint employer regulations released today update the rules about when your business could get stuck paying another business’ backpay. That’s why all U.S. employers should re-evaluate their potential minimum wage, overtime, recordkeeping and other Fair Labor Standards Acts (“FLSA”) liability exposure from work performed by workers employed by subcontractors or contractors, staffing, leasing, manpower and workforce and other separate business entities in light of the new Final Rule: Joint Employer Status under the Fair Labor Standards Act (“Final Rule”) on determining joint employer status under the FLSA released by the Department of Labor Wage and Hour Division (“Labor Department”). The Labor Department released a copy of the Final Rule to the public today today (January 13, 2020) in anticipation of its scheduled official publication in the Federal Register on January 16, 2019.

Joint Employer Liability Long Standing FLSA Risk

Many businesses and their management are unaware that if their business meets the definition of a “joint employer” for purposes of the FLSA, their businesses could be required to pay unpaid wages and penalties another business owes for failing to pay minimum wage or overtime or other FLSA violations. even though their business never directly employed those workers. This is because the FLSA also makes business that are “joint employers” as defined for purposes of the FLSA jointly and severally liable with the direct employer for proper payment of wages and other compliance with the FLSA. The FLSA requires covered employers to pay their employees at least the federal minimum wage for every hour worked and overtime for every hour worked over 40 in a workweek. To be liable for paying minimum wage or overtime, an individual or entity must be an “employer,” which the FLSA defines in Section 3(d) to include “any person acting directly or indirectly in the interest of an employer in relation to an employee[.]” Under the FLSA, an employee may have—in addition to his or her employer—one or more joint employers. A joint employer is any additional “person” (i.e., an individual or entity) who is jointly and severally liable with the employer for the employee’s wages under the applicable Labor Department regulations.

While both the Labor Department and private litigants have used the joint employer rules and precedent to nail businesses for other employer’s wage and hour liability frequently for the past sixty plus years, Obama Administration changes in the Labor Department’s interpretation and enforcement of the joint employer rule have significantly broadened the scope of relationships found to constitute joint employment to include a broad range of subcontractor and other business relationships not historically recognized as triggering joint employer liability. Historically, joint employer determinations were reached by applying highly subjective, fact specific analysis heavily reliant upon decades of court decisions which required some evidence that the alleged joint employer possessed or exercised some control over the employees to support the finding of joint employment. Under these historical tests, mere benefit from work performed by individuals employed by another employer did not establish a presumption, much less proof of joint employment.

During the Obama Administration, however, the Department of Labor both stepped up its efforts to identify and enforce these joint employer provisions and concurrently without formally issuing new regulations adopted interpretive and enforcement guidelines for finding joint employer status that that significantly broadened the employment relationships that the Labor Department treated as joint employers in a manner that presumed the existence of a joint employment relationship whenever the alleged joint employer benefitted from the performance of work even when the facts showed little or any evidence that the alleged joint employer possessed or exercised any control over the employee or the details of his work. As a consequences, construction and other businesses uses contractors, health care organizations, and a host of other entities were surprised to be nailed with wage and hour liabilities arising from work performed by subcontractors, contractors, and other businesses including overtime liability attributable to work performed for the benefit of other customers of the employer.

Final Joint Employer Rule Changes Rules Effective March 16, 2020

Prompted by the Trump Administration’s broader effort to roll back these and other Obama Era pro-labor rulemaking and enforcement, the new Final Rule seeks to restore and reaffirm the requirement of evidence of the possession of authority or exercise of some traditional employer control by the alleged joint employer. Scheduled to take effect on March 16, 2020, the new Final Rule will continue to recognize two potential scenarios where an employee may have one or more joint employers based on a highly subjective analysis of the factual realities of an alleged joint employer with another business or businesses under two scenarios:

The employee has an employer who suffers, permits, or otherwise employs the employee to work, but another individual or entity simultaneously benefits from that work (“Scenario One”); versus
One employer employs an employee for one set of hours in a workweek, and another employer employs the same employee for a separate set of hours in the same workweek (“Scenario Two”).

The Final Rule modifies and clarifies the Labor Department’s historical joint employer rule as it relates to the determination of joint employment status in Scenario One situations but leaves substantially unchanged its existing rules on joint employer determinations in Scenario Two situations.

Finally, the Final Rule provides several examples of how the Department’s joint employer guidance should be applied in various factual circumstances

Final Rule Modifications To Existing Rules On Joint Employment in Scenario One Situations

Under the Final Rule in a Scenario One situation under which an employee performs work for the employer that simultaneously benefits another individual or entity, the Final Rule adopts a four-factor balancing test to determine whether the potential joint employer is directly or indirectly controlling the employee, assessing whether the potential joint employer:

hires or fires the employee;
supervises and controls the employee’s work schedule or conditions of employment to a substantial degree;
determines the employee’s rate and method of payment; and
maintains the employee’s employment records.

Businesses should keep in mind that proof of the exercise of exercise direct control over these details of employment of an employee is not required for a finding of joint employment. Indirect exercise of control is sufficient. Examples of indirect exercise of control recognized in the Final Regulations as supporting joint employer liability include control over an employee through mandatory directions to another employer that directly control the employee. However, indirect control does not include the direct employer’s voluntary decision to accommodate the potential joint employer’s request, recommendation, or suggestion. Similarly, acts that incidentally impact the employee do not indicate joint employer status. For example, a restaurant could request lower fees from its cleaning contractor, which, if agreed to, could impact the wages of the cleaning contractor’s employees. However, this request would not constitute an exercise of indirect control over the employee’s rate of payment.

Like under the prior rules and standards, whether a person is a joint employer under the new standards established in the Final Rule will continue to depend upon all the facts in a particular case, and the appropriate weight to give each factor will vary depending on the circumstances. Moreover, all of these factors need not be present for joint employment to exist. However, the Final Rule states the potential joint employer’s maintenance of the employee’s employment records alone will not lead to a finding of joint employer status. For purposes of its provisions, the Final Rule defines the “employment records” referred to in the fourth factor to mean only those records, such as payroll records, that reflect, relate to, or otherwise record information pertaining to the hiring or firing, supervision and control of the work schedules or conditions of employment, or determining the rate and method of payment of the employee.

Additionally, the Final Rule also notes that additional factors may also be relevant in determining whether another person is a joint employer in this situation, but only when they show whether the potential joint employer is exercising significant control over the terms and conditions of the employee’s work.

The Final Rule also identifies factors that are not relevant to the determination of FLSA joint employer status. For example, the Final Rule specifies that whether the employee is economically dependent on the potential joint employer, including factors traditionally used to establish whether a particular worker is a bona fide independent contractor (e.g., the worker’s opportunity for profit or loss, their investment in equipment and materials, etc.), are not relevant to determine joint employer liability. Economic dependence was an evidentiary factor promoted as evidence of joint employment in several Obama Administration era enforcement actions.

The Final Rule also identifies certain other factors that do not make joint employer status more or less likely under the Act which had been relied upon by the Labor Department under the Obama Administration era interpretation of the FLSA, including:

operating as a franchisor or entering into a brand and supply agreement, or using a similar business model;
the potential joint employer’s contractual agreements with the employer requiring the employer to comply with its legal obligations or to meet certain standards to protect the health or safety of its employees or the public;
the potential joint employer’s contractual agreements with the employer requiring quality control standards to ensure the consistent quality of the work product, brand, or business reputation; and
the potential joint employer’s practice of providing the employer with a sample employee handbook, or other forms, allowing the employer to operate a business on its premises (including “store within a store” arrangements), offering an association health plan or association retirement plan to the employer or participating in such a plan with the employer, jointly participating in an apprenticeship program with the employer, or any other similar business practice.

Additionally, the Final Rule makes clear that a finding of joint employer status in Scenario One situations must be based on an actual exercise of control by the alleged joint employer. In this respect, the Final Rule provides that although an individual or entity’s power, ability, or reserved contractual right to exercise control relating to one or more of the factors may be relevant in determining whether they are an FLSA joint employer, such power, ability, or reserved contractual rights are not in themselves sufficient to establish FLSA joint employer status without some actual exercise of control.

Final Rule Retains Existing Rules On Joint Employment In Scenario Two Situations

The Final Rule did not make any substantive changes to the standard for determining joint employer liability in Scenario Two situations. If the employers are acting independently of each other and are disassociated with respect to the employment of the employee, the Final Rule continues to provide that each employer may disregard all work performed by the employee for the other employer in determining its liability under the FLSA. However, if the factual realities show that the employers are sufficiently associated with respect to the employment of the employee, the Final Rule continues to state that the two businesses are joint employers and must aggregate the hours worked for each for purposes of determining if they are in compliance.

For purposes of the Scenario Two analysis, the Final Rule provides that employers generally will be sufficiently associated if there is an arrangement between them to share the employee’s services, the employer is acting directly or indirectly in the interest of the other employer in relation to the employee, or they share control of the employee, directly or indirectly, by reason of the fact that one employer controls, is controlled by, or is under common control with the other employer. Employers using manpower, staffing, employee leasing or other shared or part time workforces should keep in mind that a finding that their business is a joint employer with the supplier of the workers can result in liability for their business associated both for hours of work performed for the benefit of their business as well as any work the employee worked for another client of the supplier business. As these shared workforces often perform work for several competitors, ironically this often means that a joint employer often ends up payment overtime liability attributable to unpaid overtime or other wages performed for a competitor business or businesses that also are clients of the same partial workforce supplier.

Businesses Should Act To Assess & Mitigate Joint Employer & Other FLSA Liability

The Labor Departments that its adoption of the revisions to the joint employer rule made by the Final Rule will add greater certainty regarding what business practices may result in joint employer status: and promote greater uniformity among court decisions by providing a clearer interpretation of FLSA joint employer status. While the clarifications may help businesses to better predict certain relationships and arrangements that carry a higher risk of joint employer liability exposure, businesses must keep in mind that joint employer determinations under the Final Rule will continue to turn on highly subjective analysis of facts and circumstances that existing precedent suggests often finds the requisite evidence to find a joint employer relationship in many circumstances surprising to many business owners even taking into account the modifications made by the Final Rule, For this reason, virtually all businesses generally will want to critically evaluate their existing and prospective relationships for potential joint employer liability under the FLSA in light of the Final Regulations.

Businesses should look to the guidance in the new Final Rule initially to evaluate whether their existing or prospective relationships meet, or could be restructured to meet all of the requisites to avoid or reduce the risk of findings of joint employer status. When possible, businesses should seek to structure their contractual relationships and business dealings with other businesses to fit as closely as possible with those arrangements that the new Final Regulations identify as not constituting joint employer relationships in form and operation. When engaging in these efforts, businesses need to look beyond their contractual agreements to examine the factual realities of their relationships with other businesses realistically based upon a clear understanding of the historical precedent to avoid mischaracterizing their relationships and their associated risks. For added protection, businesses also should consider seeking contractual representations of compliance, coupled with requirements that other businesses whose employment practices could create joint employment risk provide records and other documentation needed to verify compliance and defend against potential joint employer liability claims.

Concurrently, businesses looking at FLSA joint employer liability risk management also should keep in mind that the new Final Rule only addresses joint employer determinations under the FLSA. This Final Rule does not address “joint employer” status or other characterizations of relationships under other federal employment laws, such as the National Labor Relations Act (NLRA), the Employee Retirement Income Security Act of 1974 (ERISA), the Migrant and Seasonal Agricultural Worker Protection Act, Title VII of the Civil Rights Act, state labor, tax, unemployment, workers’ compensation or other laws, which often apply different standards for finding joint employment or other imputed liability of businesses other than the direct or nominal employer. While different rules apply for those laws, government agencies and private litigants also increasingly successfully assert joint employer or other theories to impute liability to businesses that are not the nominal employer of workers protected by these laws. To effectively plan for a control their broader joint employer risk, most businesses benefit from looking at their exposure holistically taking into account the potential characterization and liabilities under all of these rules concurrently.

Before beginning these assessments, businesses and their leaders are encouraged to engage an attorney experienced in FLSA and other joint employer and other worker classification laws in light of the legally sensitive evidence and discussions inherently involved in this process. Conducting this analysis within the scope of attorney-client privilege helps protector limit the discoverability of sensitive discussions and work product in the event of a Labor Department investigation or litigation.

For More Information

We hope this update is helpful. For more information about this or other labor and employment developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452 -8297.

Solutions Law Press, Inc. invites you receive future updates by registering on our Solutions Law Press, Inc. Website and participating and contributing to the discussions in our Solutions Law Press, Inc. LinkedIn SLP Health Care Risk Management & Operations Group, HR & Benefits Update Compliance Group, and/or Coalition for Responsible Health Care Policy.

About the Author

Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Law and Labor and Employment Law and Health Care; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, and a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for 30+ years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications.

Ms. Stamer’s work throughout her 30 plus year career has focused heavily on working with health care and managed care, health and other employee benefit plan, insurance and financial services, construction, manufacturing, staffing and workforce and other public and private organizations and their technology, data, and other service providers and advisors domestically and internationally with legal and operational compliance and risk management, performance and workforce management, regulatory and public policy and other legal and operational concerns. As a part of this work, she has continuously and extensively worked with domestic and international employer and other management, employee benefit and other clients to assess, manage and defend joint employer and other worker classifications and practices under the FLSA and other federal and state laws including both advising and and assisting employers to minimize joint employer and other FLSA liability and defending a multitude of employers against joint employer and other FLSA and other worker classification liability. She also has been heavily involved in advocating for the Trump Administration’s restoration of more historical principles for determining and enforcing joint employer liability over the past several years.

Author of hundreds of highly regarded books, articles and other publications, Ms. Stamer also is widely recognized for her scholarship, coaching, legislative and regulatory advocacy, leadership and mentorship on wage and hour, worker classification and a diverse range of other labor and employment, employee benefits, health and safety, education, performance management, privacy and data security, leadership and governance, and other management concerns within the American Bar Association (ABA), the International Information Security Association, the Southwest Benefits Association, and a variety of other international, national and local professional, business and civic organizations including highly regarded works on worker reclassification and joint employment liability under the FLSA and other laws published by the Bureau of National Affairs and others. Examples of these involvements include her service as the ABA Intellectual Property Law Section Law Practice Management Committee; the ABA International Section Life Sciences and Health Committee Vice Chair-Policy; a Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting and a former JCEB Council Representative and Marketing Chair; Past Chair of the ABA RPTE Employee Benefits and Other Compensation Group and Vice Chair of its Law Practice Management Committee; Past Chair of the ABA Managed Care & Insurance Interest Group; former Vice President and Executive Director of the North Texas Health Care Compliance Professionals Association, past Southwest Benefits Association Board member; past Texas Association of Business State Board Member, BACPAC Committee Meeting, Regional and Dallas Chapter Chair; past Dallas Bar Association Employee Benefits Committee Executive Committee; former SHRM Region IV Chair and National Consultants Forum Board Member; for WEB Network of Benefit Professionals National Board Member and Dallas Chapter Chair; former Dallas World Affairs Council Board Member; founding Board Member, past President and Patient Empowerment and Health Care Heroes founder for the Alliance for Health Care Excellence; former Gulf States TEGE Council Exempt Organizations Coordinator and Board member; past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, and involvement in a broad range of other professional and civic organizations. For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

NOTICE: These statements and materials are for general informational and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation in light of the specific facts and circumstances presented in their unique circumstance at any particular time. No comment or statement in this publication is to be construed as legal advice or an admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law is rapidly evolving and rapidly evolving rules makes it highly likely that subsequent developments could impact the currency and completeness of this discussion. The author and Solutions Law Press, Inc. disclaim, and have no responsibility to provide any update or otherwise notify anyone any such change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.

©2020 Cynthia Marcotte Stamer. Non-exclusive right to republish granted to Solutions Law Press, Inc.™ For information about republication, please contact the author directly. All other rights reserved.

Comments Off on Don’t Get Stuck Paying Another Employer’s Overtime Or Other Backpay | board of directors, Brokers, Construction, Corporate Compliance, employee, Employee Benefits, Employee Handbook, Employer, Employers, Employment, Employment Agreement, Employment Policies, enforcement, FLSA, Hiring, Hospitality, HR, Human Resources, Job, Labor Management Relations, Management, Managment, NLRA, Salaried, Union elections | Tagged: dues checkoff, Labor Law, Labor-Management, NLRA, NLRB | Permalink
Posted by Cynthia Marcotte Stamer

DOL Aggressively Targeting Restaurants For Wage & Hour & Child Labor Law Violations

November 3, 2016

Restaurant employers beware! Restaurants are the target of a highly successful, U.S. Department of Labor Wage and Hour Division (WHD) restaurant enforcement and compliance initiative that WHD already has used to nail a multitude of restaurants across the country for “widespread violations” of Fair Labor Standards Act (FLSA) minimum wage, overtime, child labor and other wage and hour laws (WH Law).

Having reportedly found WH Law violations in “nearly every one” of the WH Law investigations conducted against restaurant employers during 2016 and recovered millions of dollars of back pay and penalties from restaurants caught through investigations conducted under its WHD Restaurant Enforcement Initiative, WHD Administrator Dr. David Weil recently confirmed WHD plans to expand the restaurant employers targeted for investigation and other efforts to punish and correct WH Law violations under the Restaurant Enforcement Initiative through 2017 in an October 5, 2016 WHD News Release: Significant Violations In The Austin Restaurant Industry Raise Concerns For Us Labor Department Officials (News Release).

The News Release quotes Administrator Weil as stating:

The current level of noncompliance found in these investigations is not acceptable …WHD will continue to use every tool we have available to combat this issue. This includes vigorous enforcement as well as outreach to employer associations and worker advocates to ensure that Austin restaurant workers receive a fair day’s pay for a fair day’s work.

Given the substantial back pay, interest, civil or in the case of willful violations, criminal penalties, costs of defense and prosecution and other sanctions that restaurant employers, their owners and management can face if their restaurant is caught violating FLSA or other WH Laws, restaurants and their leaders should arrange for a comprehensive review within the scope of attorney-client privilege of the adequacy and defensibility of their existing policies, practices and documentation for classifying, assigning duties, tracking regular and overtime hours, paying workers and other WH Law compliance responsibilities and opportunities to mitigate risks and liabilities from WH Law claims and investigations.

Many Restaurants Already Nailed Through Restaurant Enforcement Initiative

Even before the planned 2017 expansion of its Restaurant Enforcement Initiative, WHD’s enforcement record shows WHD’s efforts to find and punish restaurants that violate WH Laws are highly successful. Restaurant employers overwhelmingly are the employers targeted by WHD in the vast majority of the WH Law settlements and prosecutions announced in WHD News Releases published over the past two years, including aggregate back pay and penalty awards of more than $11.4 million recovered through the following 31 actions announced by WHD between January 1, 2016 and October 31, 2016:

US Labor Department Investigation Finds Thundercloud Subs Owes Nearly $128K In Back Wages, Damages To Austin Restaurant Workers (October 20, 2016);
US Labor Department Announces Hotline To Offer Updates To Capitol Hill Cafeteria Workers Owed Back Wage Payments (October 20, 2016);
US Labor Department Recovers More Than $570K In Back Wages, Damages For 55 Workers At Johnny Rockets Restaurants In Washington Metro Area (October 11, 2016);
Portland, Texas, Restaurant Settles Worker Retaliation Allegation After US Labor Department Finds Nine Employees Owed $25K In Back Wages (October 06, 2016);
Providence Restaurant, Owner To Pay $567K In Back Wages, Damages To 104 Employees Denied Minimum Wage, Overtime Pay (September 23, 2016);
US Labor Department Investigation Finds Capitol Hill Cafeteria Workers Illegally Denied More Than $1M In Wages By Federal Food Service Contractors (July 26, 2016);
El Azteca Restaurant Group To Pay $700K In Back Wages, Damages To 129 Workers At Four Wisconsin Eateries (July 26, 2016);
Historic Oklahoma City Restaurant Pays Workers $52K In Back Wages, Damages After Labor Department Investigation (June 22, 2016);
Kissimmee, Florida, Restaurant To Pay Nearly $41KIn Back Wages To 15 Employees After US Department Of Labor Investigation (June 15, 2016);
Court Orders Buffet Restaurant, Owners To Pay $128K In Back Wages, Penalties To Resolve Allegations Of Federal Minimum Wage, Overtime Violations (June 09, 2016);
Grand Rapids Restaurant, Owners Agree With Court Order To Comply With Federal Record-Keeping Rules After Department’s Wage And Hour Investigation (May 31, 2016);
Court Judgment Orders Four Phoenix-Area Federico’s Mexican Food Restaurants To Pay Workers $202KIn Overtime Back Wages, Damages (May 24, 2016);
US Labor Department Investigation Finds Child Labor, Minimum Wage And Other Violations At Street’s Seafood Restaurant (May 17, 2016);
US Labor Department Initiative Finds 14 Lawrence Restaurants Owe More Than $112K In Back Wages To 130 Workers (May 17, 2016);
US Labor Department Obtains Order To Stop Arlington Restaurant Owners From Intimidating Workers Who Cooperate With Federal Investigators (May 16, 2016);
Charleston Restaurants’ Minimum Wage, Overtime Violations Result In Nearly $217K In Back Wages For 26 Employees (May 9, 2016);
Las Investigaciones Dieron Como Resultado Casi $1.2 Millones En Salarios Retroactivos Y Daños Y Perjuicios Para Más De 100 Trabajadores En 13 Restaurantes En El Área De Charleston and Investigations Result In Nearly $1.2M In Back Wages, Damages For More Than 100 Workers At 13 Charleston Area Restaurants (April 19, 2016);
Clairmont Diner Will Pay $213K In Back Wages, Damages And Penalties After Federal Wage And Hour Investigation (March 30, 2016);
Tampico Restaurants Agree To Pay $190K In Back Wages To 67 Workers (March 26, 2016);
S. Labor Department Lawsuit Seeks Back Wages And Damages For Austintown, Ohio Restaurant Workers (March 16, 2016);
Popular Cajun Food Enterprise Will Pay More Than $138K In Back Wages, Penalties Following U.S. Labor Department Investigation (March 07, 2016);
US Labor Department Initiative Finds Ames Restaurants Owe Nearly $100K In Back Wages To More Than 150 Workers (March 02, 2016);
S. Labor Department Sues To Recover Unpaid Minimum Wage, Overtime Plus Additional Damages For Akron Restaurant Workers (February 25, 2016);
Paying To Work? Sophia’s House Of Pancakes Resolves Allegations Servers Made To Pay $2 Per Hour To Work At Restaurants (February 16, 2016)($245K);
Two Hawaii Restaurants Found In Violation Of Overtime Pay Requirements (February 10, 2016)($81,294);
Labor Department Launches West Coast Sweep To Investigate Pay Practices At Fast Food Establishments To Ensure Fairness, Compliance (February 4, 2016);
Sushi And Ramen Restaurants Pay $621K In Back Wages, Damages And Penalties After US Labor Department Investigation (January 25, 2016)
Federal Judge Overturns Jury Verdict, Orders El Tequila Restaurants And Owner Carlos Aguirre To Pay $2.1 Million In Back Wages And Damages To Workers (January 14, 2016);
Taqueria La Herradura En Pharr, Texas, Paga Más De $33 Mil En Concepto De Salarios Retroactivos Y Daños Al Personal De La Cocina Después De Una Investigación Del Departamento De Trabajo De Ee.Uu.(January 12, 2016);
Investigations At 10 North Carolina Restaurants Find More Than $510K In Back Wages Owed To 125 Workers (January 12, 2016);
Restaurant Enforcement Initiative Finds More Than $2.27M In Back Wages, Damages Owed To More Than 3,000 Georgia Workers (January 05, 2016).

Enforcement Actions Highlight Common Restaurant WH Law Compliance Concerns

Restaurant employers, like employers in most other industries, are subject to a host of minimum wage, overtime and other requirements including the FLSA requirement that covered, nonexempt employees earn at least the federal minimum wage of $7.25 per hour for all regular hours worked, plus time and one-half their regular rates, including commissions, bonuses and incentive pay, for hours worked beyond 40 per week. Employers also are required to maintain accurate time and payroll records and must comply with child labor, anti-retaliation and other WH Law requirements.

The News Release identified some of the common violations WHD uncovered in these investigations included employers:

Requiring employees to work exclusively for tips, with no regard to minimum-wage standards;
Making illegal deductions from workers’ wages for walkouts, breakages, credit card transaction fees and cash register shortages, which reduce wages below the required minimum wage;
Paying straight-time wages for overtime hours worked.
Calculating overtime incorrectly for servers based on their $2.13 per hour base rates before tips, instead of the federal minimum wage of $7.25 per hour.
Failing to pay proper overtime for salaried non-exempt cooks or other workers;
Creating illegal tip pools involving kitchen staff;
Failing to maintain accurate and thorough records of employees’ wages and work hours.
Committing significant child labor violations, such as allowing minors to operate and clean hazardous equipment, including dough mixers and meat slicers.

Use Care To Verify Tipped Employees Paid Properly

Based on the reported violations, restaurants employing tipped employees generally will want to carefully review their policies, practices and records regarding their payment of tipped employees. Among other things, these common violations reflect a widespread misunderstanding or misapplication of special rules for calculating the minimum hourly wage that a restaurant must pay an employee that qualifies as a tipped employee. While special FLSA rules for tipped employees may permit a restaurant to claim tips (not in excess of $5.12 per hour) actually received and retained by a “tipped employee,” not all workers that receive tips are necessarily covered by this special rule. For purposes of this rule, the definition of “tipped employee” only applies to an employee who customarily and regularly receives more than $30 per month in tips.

Also, contrary to popular perception, the FLSA as construed by the WHD does not set the minimum wage for tipped employees at $2.13 per hour. On the contrary, the FLSA requirement that non-exempt workers be paid at least the minimum wage of $7.25 per hour for each regular hour worked also applies to tipped employees. When applicable, the special rule for tipped employees merely only allows an employer to claim the amount of the tips that the restaurant can prove the tipped employee actually received and retained (not in excess of $5.13 per hour) as a credit against the minimum wage of $7.25 per hour the FLSA otherwise would require the employer to pay the tipped employee. Only tips actually received by the employee may be counted in determining whether the employee is a tipped employee and in applying the tip credit. If a tipped employee earns less than $5.13 per hour in tips, the restaurant must be able to demonstrate that the combined total of the tips retained by the employee and the hourly wage otherwise paid to the tipped employee by the restaurant equaled at least the minimum wage of $7.25 per hour.

Furthermore, restaurant or other employers claiming a tip credit must keep in mind that the FLSA generally provides that tips are the property of the employee. The FLSA generally prohibits an employer from using an employee’s tips for any reason other than as a credit against its minimum wage obligation to the employee (“tip credit”) or in furtherance of a valid tip pool.

Also, whether for purposes of applying the tip credit rules or other applicable requirements of the FLSA and other wage and hour laws, restaurant employers must create and retain appropriate records and other documentation regarding worker age, classification, hours worked, tips and other compensation paid and other evidence necessary to defend their actions with respect to tipped or other employees under the FLSA and other WH Law rules. Beyond accurately and reliably capturing all of the documentation required to show proper payment in accordance with the FLSA, restaurants also should use care to appropriately document leave, discipline and other related activities as necessary to show compliance with anti-retaliation, equal pay, family and medical leave, and other mandates, as applicable. Since state law also may impose additional minimum leave, break time or other requirements, restaurants also generally will want to review their policies, practices and records to verify their ability to defend their actions under those rules as well.

Child Labor Rules Require Special Care When Employing Minors

While hiring workers under the age of 18 (minors) can help a restaurant fulfill its staffing needs while providing young workers valuable first time or other work experience, restaurants that hire minors must understand and properly comply with any restrictions on the duties, work hours or other requirements for employment of the minor imposed by federal or state child labor laws.

As a starting point, the legal requirements for employing minors generally greater, not less, than those applicable to the employment of an adult in the same position. Employers employing workers who are less than 18 years of age (minors) should not assume that the employer can pay the minor less than minimum wage or skip complying with other legal requirements that normally apply to the employment of an adult in that position by employing the minor in an “internship” or other special capacity. The same federal and state minimum wage, overtime, safety and health and nondiscrimination rules that generally apply to the employment of an adult generally will apply to its employment of a worker who is a minor.

Beyond complying with the rules for employment of adults, restaurants employing minors also must ensure that they fully comply with all applicable requirements for the employment of minors imposed under the FLSA child labor rules and applicable state law enacted to ensure that when young people work, the work is safe and does not jeopardize their health, well-being or educational opportunities. Depending on the age of the minor, the FLSA or state child labor rules may necessitate that a restaurant tailor the duties and hours of work of an employee who is a minor to avoid the substantial liability that can result when an employer violates one of these child labor rules.

The FLSA child labor rules, for instance, impose various special requirements for the employment of youth 14 to 17 years old. See here. As a starting point, the FLSA child labor rules prohibit the any worker less than 18 years of age from operating or cleaning dough mixers, meat slicers or other hazardous equipment. Depending on the age of the minor worker, the FLSA child labor rules or state child labor laws also may impose other restrictions on the duties that the restaurant can assign or allow the minor to perform. Restaurants hiring any worker that is a minor must evaluate the duties identified as hazardous “occupations” that the FLSA child labor rules prohibit a minor of that age to perform here as an “occupation” and take the necessary steps to ensure the minor is not assigned and does not perform any of those prohibited activities in the course of his employment.

In addition to ensuring that minors don’t perform prohibited duties, restaurants employing minors also comply with all applicable restrictions on the hours that the minor is permitted to work based on the age of the minor worker. For instance, the FLSA and state child labor rules typically prohibit scheduling a minor less than 16 years of age to work during school hours and restrict the hours outside school hours the minor can work based on his age. Additional restrictions on the types of jobs and hours 14- and 15-year-olds may work also may apply.

Compliance with the FLSA child labor rules is critically important for any restaurant or other employer that employs a minor, particularly since the penalties for violation of these requirements were substantially increased in 2010, as Streets Seafood Restaurant learned earlier this year.

According to a WHD News Release, Street’s Seafood Restaurant paid $14,288 in minimum wage and overtime back wages and an equal amount in liquidated damages totaling $28,577 to eight employees, and also was assessed a civil money penalty of $14,125 for FLSA child labor violations committed in the course of its employment of four minors ages 15 to 17. Specifically, investigators found Street’s Seafood Restaurant:

Required minors to operate, dismantle, clean and reassemble a meat slicer and a dough mixer.
Required a 17-year-old to operate a motor vehicle to transport food to catering events.
Required a 15-year-old to work more hours than allowed by law.
Paid some workers only $6 per hour, below the required federal minimum wage of $7.25 per hour.
Paid employees straight time for overtime when they worked more than 40 hours in a week, instead of paying them time-and-one-half, as the law requires.
Failed to maintain proof of age of minors.
Failed to maintain required time and payroll records.

WHD’s announcement of the settlement resolving these child labor laws quotes Kenneth Stripling, director of the division’s Birmingham District Office as stating:

Employing young people provides valuable experience, but that experience must never come at the expense of their safety …Additionally, employers have an obligation to pay employees what they have legally earned. All workers deserve a fair day’s pay for a fair day’s work. Unfortunately, Street’s Seafood violated not only child labor laws, but has also shorted workers’ pay. The resolution of this case sends a strong message that we will not tolerate either of those behaviors.

Restaurants Must Act To Minimize Risks

Beyond WHD’s direct enforcement actions, WHD also is seeking to encourage private enforcement of WH Law violations by conducting an aggressive outreach to employees, their union and private plaintiff representatives, states and others. Successful plaintiffs in private actions typically recover actual back pay, double damage penalties plus attorneys’ fees and costs. The availability of these often lucrative private damages makes FLSA and other WH Law claims highly popular to disgruntled or terminated workers and their lawyers. When contemplating options to settle claims WH Law claims made by a worker, employers need to keep in mind that WHD takes the position that settlements with workers do not bar the WHD from taking action unless the WHD joins in the settlement and in fact, past settlements may provide evidence of knowingness or willfulness by the employer in the event of a WHD prosecution. The substantial private recoveries coupled with these and other WHD enforcement and other compliance actions mean bad news for restaurant employers that fail to manage their FLSA and other WH Law compliance. Restaurant employers should act within the scope of attorney-client privilege to review and verify their compliance and consult with legal counsel about other options to minimize their risk and streamline and strengthen their ability to respond to and defend against audits, investigations and litigation.

Beyond verifying the appropriateness of their timekeeping and compensation activities and documentation, restaurants and staffing or management organizations working with them also should use care to mitigate exposures that often arise from missteps or overly aggressive conduct by others providing or receiving management services or staffing services. All parties to these arrangements and their management should keep in mind that both parties participating in such arrangements bear significant risk if responsibilities are not properly performed. Both service and staffing providers and restaurants using their services should insist on carefully crafted commitments from the other party to properly classify, track hours, calculate and pay workers, keep records, and otherwise comply with WH Laws and other legal requirements. Parties to these arrangements both generally also will want to insist that these contractual reassurances are backed up with meaningful audit and indemnification rights and carefully monitor the actions of service providers rendering these services.

About The Author

Ms. Stamer works with businesses and their management, employee benefit plans, governments and other organizations deal with all aspects of human resources and workforce, internal controls and regulatory compliance, change management and other performance and operations management and compliance. She supports her clients both on a real-time, “on demand” basis and with longer term basis to deal with daily performance management and operations, emerging crises, strategic planning, process improvement and change management, investigations, defending litigation, audits, investigations or other enforcement challenges, government affairs and public policy.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares shared her thought leadership, experience and advocacy on these and other concerns by her service in the leadership of a broad range of other professional and civic organization including her involvement as the Vice Chair of the North Texas Healthcare Compliance Association, Executive Director of the Coalition on Responsible Health Policy and its PROJECT COPE: Coalition on Patient Empowerment, a founding Board Member and past President of the Alliance for Healthcare Excellence, past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children; former Board Compliance Chair and Board member of the National Kidney Foundation of North Texas, current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Section, a current Defined Contribution Plan Committee Co-Chair, former Group Chair and Co-Chair of the ABA RPTE Section Employee Benefits Group, immediate past RPTE Representative to ABA Joint Committee on Employee Benefits Council Representative and current RPTE Representative to the ABA Health Law Coordinating Council, former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, a former member of the Board of Directors of the Southwest Benefits Association and others.

Ms. Stamer also is a highly popular lecturer, symposia chair and author, who publishes and speaks extensively on health and managed care industry, human resources, employment, employee benefits, compensation, and other regulatory and operational risk management. Examples of her many highly regarded publications on these matters include the “Texas Payday Law” Chapter of Texas Employment Law, as well as thousands of other publications, programs and workshops these and other concerns for the American Bar Association, ALI-ABA, American Health Lawyers, Society of Human Resources Professionals, the Southwest Benefits Association, the Society of Employee Benefits Administrators, the American Law Institute, Lexis-Nexis, Atlantic Information Services, The Bureau of National Affairs (BNA), InsuranceThoughtLeaders.com, Benefits Magazine, Employee Benefit News, Texas CEO Magazine, HealthLeaders, the HCCA, ISSA, HIMSS, Modern Healthcare, Managed Healthcare, Institute of Internal Auditors, Society of CPAs, Business Insurance, Employee Benefits News, World At Work, Benefits Magazine, the Wall Street Journal, the Dallas Morning News, the Dallas Business Journal, the Houston Business Journal, and many other symposia and publications. She also has served as an Editorial Advisory Board Member for human resources, employee benefit and other management focused publications of BNA, HR.com, Employee Benefit News, InsuranceThoughtLeadership.com and many other prominent publications and speaks and conducts training for a broad range of professional organizations and for clients on the Advisory Boards of InsuranceThoughtLeadership.com, HR.com, Employee Benefit News, and many other publications. For additional information about Ms. Stamer, see CynthiaStamer.com or contact Ms. Stamer via email here or via telephone to (469) 767-8872.

About Solutions Law Press, Inc.™

Comments Off on DOL Aggressively Targeting Restaurants For Wage & Hour & Child Labor Law Violations | Attorney-Client Privilege, board of directors, Civil Monetary Penalties, Corporate Compliance, corporate governance, employee, Employer, Employers, Employment, Employment Discrimination, Employment Tax, Fair Labor Standards Act, family leave, FLSA, Government Contractors, Hiring, Hospitality, HR, Human Resources, Internal Controls, Internal Investigations, Labor Management Relations, Leave, Management, Non-Exempt, Pay, Risk Management, Salaried, Uncategorized | Tagged: Child Labor, Employer, Exempt, FLSA, hospitality, Minimum Wage, Non-Exempt, Overtime, pay, Restaurant, wage and hour | Permalink
Posted by Cynthia Marcotte Stamer

Brace For Health Plan OCR HIPAA Audits

March 22, 2016

Employer and union sponsored health plans, their sponsors, fiduciaries, and business associates should brace for audits and enforcement of the Privacy, Security, and Breach Notification rules by the Department of Health & Human Service Office of Civil Rights (OCR) follow OCR’s 2016 audit program on the heels of its announcement last week of two large HIPAA settlements last week.

OCR confirmed today it is sending emails notifying health plans, healthcare providers, healthcare clearing houses (Covered Entities) and their business associates identified as part of the kickoff of its next phase of audits of Covered Entities. In light of the HIPAA verification rules and the notorious spread of opportunistic identity theft and other fraud by opportunistic Cybercriminals following these types of announcements, Covered Entities and business associates should carefully verify the requests validity and manage the response to avoid violating HIPAA in responding and position for defensibility against potential penalties.

Even if health plans or other Covered Entities reviewed their practices in the last 12-months, most will want to update this review in response to new OCR guidance and enforcement actions, including new guidance on obligations to provide plan members or other subjects of protected health information with access to or copies of their records and other guidance, as well as the ever-expanding list of enforcement actions by OCR.

To catch up on this latest guidance, Solutions Law Press, Inc. ™ invites you to register to participate in a special WebEx briefing on “HIPAA Update: The Latest On Security, Patient Access & Other HIPAA Developments” on Wednesday, March 30, 2016 beginning at Noon Central Time on Wednesday, March 30, 2016.

2016 Audit Program

In its 2016 Phase 2 HIPAA Audit Program, OCR will review the policies and procedures adopted and employed by Covered Entities and their business associates to meet selected standards and implementation specifications of the Privacy, Security, and Breach Notification Rules. OCR says it will primarily conduct these audits as desk audits, although some on-site audits will be conducted.

According to today’s announcement, the 2016 audit process begins with verification of an entity’s address and contact information. OCR is sending emails to Covered Entities and business associates requesting that contact information be provided to OCR on time. OCR will then send a pre-audit questionnaire to gather data about the size, type, and operations of potential audit targets. OCR says this data will be used with other information to create potential audit subject pools. Recipients should contact qualified legal counsel immediately for advice and assistance about proper procedures to verify the email is in fact from OCR and for assistance in responding.

If an entity does not respond to OCR’s request to verify its contact information or pre-audit questionnaire, OCR will use publicly available information about the entity to create its audit subject pool. Therefore an entity that does not respond to OCR may still be selected for an audit or subject to a compliance review. Communications from OCR will be sent via email and may be incorrectly classified as spam. If your entity’s spam filtering and virus protection are automatically enabled, OCR expects entities to check their junk or spam email folder for emails from OCR.

The announcement also reflects that OCR is still developing other aspects of the audit program. OCR will post updated audit protocols on its website closer to conducting the 2016 audits. The audit protocol will be updated to reflect the HIPAA Omnibus Rulemaking and can be used as a tool by organizations to conduct their own internal self-audits as part of their HIPAA compliance activities.

OCR says its audits will enhance industry awareness of compliance obligations and enable OCR to better target technical assistance regarding problems identified through the audits. Through the information gleaned from the audits, OCR will develop tools and guidance to aid the industry in compliance self-evaluation and in preventing breaches. OCR plans to use results and procedures used in the phase 2 audits to develop its permanent HIPAA audit program.

OCR Settlements Show Enforcement Risk

The audit program announcement comes less than a week after OCR announced millions of dollars of new penalties under settlements with two Covered Entities:

A $1,555,000 settlement with North Memorial Health Care of Minnesota;
A $3.9 million settlement with Feinstein Institute for Medical Research.

The two settlements drive home again the substantial liability that health care providers, health plans, health care clearinghouses and their business associates risk for violating HIPAA.

Feinstein Settlement

Feinstein is a biomedical research institute organized as a New York not-for-profit corporation sponsored by Northwell Health, Inc., formerly known as North Shore Long Island Jewish Health System, a large health system headquartered in Manhasset, New York comprised of 21 hospitals and over 450 patient facilities and physician practices.

OCR’s investigation began after Feinstein filed a breach report indicating that on September 2, 2012, a laptop computer containing the electronic protected health information (ePHI) of approximately 13,000 patients and research participants was stolen from an employee’s car. The ePHI stored in the laptop included the names of research participants, dates of birth, addresses, social security numbers, diagnoses, laboratory results, medications, and medical information about potential participation in a research study.

OCR’s investigation discovered that Feinstein’s security management process was limited in scope, incomplete, and insufficient to address potential risks and vulnerabilities to the confidentiality, integrity, and availability of ePHI held by the entity. Further, Feinstein lacked policies and procedures for authorizing access to ePHI by its workforce members, failed to implement safeguards to restrict access to unauthorized users, and lacked policies and procedures to govern the receipt and removal of laptops that contained ePHI into and out of its facilities. For electronic equipment procured outside of Feinstein’s standard acquisition process, Feinstein failed to implement proper mechanisms for safeguarding ePHI as required by the Security Rule.

“Research institutions subject to HIPAA must be held to the same compliance standards as all other HIPAA-covered entities,” said OCR Director Jocelyn Samuels. “For individuals to trust in the research process and for patients to trust in those institutions, they must have some assurance that their information is kept private and secure.”

The resolution agreement and corrective action plan may be found on the OCR website at http://www.hhs.gov/hipaa/for-professionals/compliance-enforcement/agreements/Feinstein/index.html.

North Memorial

The Feinstein settlement announcement follows yesterday’s announcement of a $1.5 million plus settlement with North Memorial to resolve HIPAA charges that it failed to implement a business associate agreement with a major contractor and failed to institute an organization-wide risk analysis to address the risks and vulnerabilities to its patient information. North Memorial is a comprehensive, not-for-profit health care system in Minnesota that serves the Twin Cities and surrounding communities.

The settlement highlights the importance for healthcare providers, health plans, healthcare clearinghouses and their business associates to comply with HIPAA’s business associate agreement and other HIPAA organizational, risk assessment, privacy and security, and other requirements.

OCR’s announcement emphasizes the importance of meeting these requirements. “Two major cornerstones of the HIPAA Rules were overlooked by this entity,” said Director Samuels. “Organizations must have in place compliant business associate agreements as well as an accurate and thorough risk analysis that addresses their enterprise-wide IT infrastructure.”

The settlement comes from charges filed after OCR initiated its investigation of North Memorial following receipt of a breach report on September 27, 2011, which indicated that an unencrypted, password-protected laptop was stolen from a business associate’s workforce member’s locked vehicle, impacting the ePHI of 9,497 individuals.

OCR’s investigation indicated that North Memorial failed to have in place a business associate agreement, as required under the HIPAA Privacy and Security Rules, so that its business associate could perform certain payment and health care operations activities on its behalf. North Memorial gave its business associate, Accretive, access to North Memorial’s hospital database, which stored the ePHI of 289,904 patients. Accretive also received access to non-electronic protected health information as it performed services on-site at North Memorial.

The investigation further determined that North Memorial failed to complete a risk analysis to address all of the potential risks and vulnerabilities to the ePHI that it maintained, accessed, or transmitted across its entire IT infrastructure — including but not limited to all applications, software, databases, servers, workstations, mobile devices and electronic media, network administration and security devices, and associated business processes.

In addition to the $1,550,000 payment, North Memorial is required to develop an organization-wide risk analysis and risk management plan, as required under the Security Rule. North Memorial will also train appropriate workforce members on all policies and procedures newly developed or revised pursuant to this corrective action plan.

The Resolution Agreement and Corrective Action Plan can be found on the HHS website at: http://www.hhs.gov/hipaa/for-professionals/compliance-enforcement/agreements/north-memorial-health-care/index.html.
Settlement Latest Reminder To Manage HIPAA Risks.

Following up on OCR’s imposition of its second-ever HIPAA Civil Monetary Penalty (CMP) and the latest in an ever-growing list of settlements by Covered Entities under HIPAA, these latest settlements illustrate the substantial liability that Covered Entities face for violating HIPAA. To avoid these liabilities, Covered Entities must constantly be diligent to comply with the latest guidance of OCR about their obligations under HIPAA.

As OCR continues to issue additional guidance as well as supplement this guidance through information shared in settlement agreements like the North Memorial settlement, even if Covered Entities reviewed their practices in the last 12-months, most will want to update this review in response to new OCR guidance and enforcement actions, including new guidance on obligations to provide plan members or other subjects of protected health information with access to or copies of their records and other guidance, as well as the ever-expanding list of enforcement actions by OCR.

Since the Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH) amended HIPAA, Covered Entities face growing responsibilities and liability for maintaining the security of ePHI.

In response to HITECH, OCR continues to use a carrot and stick approach to encouraging and enforcing compliance. As demonstrated by OCR’s imposition of the second-ever HIPAA Civil Monetary Penalty (CMP) of $239,000 against Lincare and the ever-growing list of Resolution Agreements OCR announces with other Covered Entities, OCR continues to step up enforcement against Covered Entities that breach the Privacy and Security Rules. See OCR’s 2nd-Ever HIPAA CMP Nails Lincare For $239,000.

On the other hand, OCR also continues to encourage voluntary compliance by Covered Entities by sharing guidance and tools to aid Covered Entities to understand fulfill their HIPAA responsibilities such as the HIPAA Security Rule Crosswalk to NIST Cybersecurity Framework (Crosswalk) unveiled by OCR on February 24, 2016.The crosswalk that maps the HIPAA Security Rule to the standards of the National Institute of Standards and Technology (NIST) Framework for Improving Critical Infrastructure Cybersecurity (the Cybersecurity Framework) as well as mappings to certain other commonly used security frameworks.

While stating that the HIPAA Security Rule does not require use of the NIST Cybersecurity Framework, OCR says it hopes the Crosswalk will provide “a helpful roadmap” for HIPAA Covered Entities and their business associates to understand the overlap between the NIST Cybersecurity Framework, the HIPAA Security Rule, and other security frameworks that can help Covered Entities safeguard health data in a time of increasing risks and help them to identify potential gaps in their programs.

At the same time, OCR’s announcement of its release of the Crosswalk also cautions users that “use of the Framework does not guarantee HIPAA compliance.” Rather, OCR says “the crosswalk provides an informative tool for entities to use to help them more comprehensively manage security risks in their environments.

With a USA Today report attributing more than 40 percent of data breaches to the healthcare industry over the last three years 91 percent of all health organizations having reporting breaches over the last two years, OCR has made clear that it intends to zealously investigate and enforce the Security Rules against Covered Entities that violate the Security Rules against Covered Entities that fail to take suitable steps to safeguard the security of PHI as required by the HIPAA Security Rule.

To meet these requirements, the HIPAA Security Rule requires that Covered Entities conduct and be prepared to product documentation of their audit and other efforts to comply with the Security Rule Most Covered Entities will want to consider including an assessment of the adequacy of their existing practices under the Crosswalk and other requirements disclosed by OCR in these assessments to help position the Covered Entity to defend or mitigate HIPAA CMP and other liabilities in the event of a HIPAA breech or audit.

Changing Rules Complicate Compliance

In addition to maintaining adequate security, HIPAA also requires Covered Entities to provide individuals with the right to access and receive a copy of their health information from their providers, hospitals, and health insurance plans in accordance with the HIPAA Privacy Rule. In response to recurrent difficulties experienced by individuals in exercising these rights, OCR recently published supplemental guidance to clarify and promote better understanding and compliance with these rules by Covered Entities. OCR started this process in January, 2015 by releasing a comprehensive fact sheet (Access fact sheet) and the first in a series of topical frequently asked questions (FAQs) addressing patients’ right to access their medical records, which set forth requirements providers must follow in sharing medical records with patients, including that they must do so in a timely manner and in a format that works for the patient.

Earlier this month, OCR followed up by publishing on March 1, 2016 a second set of FAQs addresses additional issues, including the fees individuals may be charged for copies of their health information and the right of individuals to have their health information sent directly to a third party if they so choose.

Covered entities and their business associates should expect OCR to ask about use of these tools in audits and investigations. Accordingly, they should move quickly to review and update their business associate agreements and other practices to comply with this new guidance as well as watch for further guidance and enforcement about these practices from OCR.

Other Key HIPAA Regulatory & Enforcement Changes Raise Responsibilities & Risks

OCR’s new guidance on access to PHI follows a host of other regulatory and enforcement activities. While the particulars of each of these new actions and guidance vary, all send a very clear message: OCR expects Covered Entities and their business associates to comply with HIPAA and is offering tools and other guidance to aid them in that process. In the event of a breach or audit, Covered Entities and their business associates need to be prepared to demonstrate their efforts to comply.

Those that cannot show adequate compliance efforts should be prepared for potentially substantial CMP or Resolution Agreement payments and other sanctions.

Register For 3/30 Webex Briefing

Solutions Law Press, Inc.™ invites to catch up on the latest guidance on the Covered Entities’ responsibility under HIPAA to provide access to patients to PHI by registering here to participate in the “HIPAA Update: The Latest On Security, Patient Access & Other HIPAA Developments” Webex briefing by attorney Cynthia Marcotte Stamer that Solutions Law Press, Inc.™ will host beginning at Noon Central Time on Wednesday, March 30, 2016.

About The Author

Cynthia Marcotte Stamer is a practicing attorney and management consultant, author, public policy advocate and lecturer widely recognized for her extensive work and pragmatic thought leadership, experience, publications and training on HIPAA and other privacy, medical records and data and other health care and health plan concerns.
Recognized as “LEGAL LEADER™ Texas Top Rated Lawyer” in both Health Care Law and Labor and Employment Law, a “Texas Top Lawyer,” an “AV-Preeminent” and “Top Rated Lawyer” by Martindale-Hubble and as among the “Best Lawyers In Dallas” in employee benefits 2015 by D Magazine; Ms. Stamer has more than 28 years of extensive proven, pragmatic knowledge and experience representing and advising health industry clients and others on operational, regulatory and other compliance, risk management, product and process development, public policy and other key concerns.

As a core component of her work as the Managing Shareholder of Cynthia Marcotte Stamer, PC, the Co-Managing Member of Stamer Chadwick Soefje PLLC, Ms. Stamer has worked extensively throughout her nearly 30 year career with health care providers, health plans, health care clearinghouses, their business associates, employers, banks and other financial institutions, their technology and other vendors and service providers, and others on legal and operational risk management and compliance with HIPAA, FACTA, PCI, trade secret, physician and other medical confidentiality and privacy, federal and state data security and data breach and other information privacy and data security rules and concerns; prevention, investigation, response, mitigation and resolution of known or suspected data or privacy breaches or other incidents; defending investigations or other actions by plaintiffs, OCR, FTC, state attorneys’ general and other federal or state agencies; reporting and redressing known or suspected breaches or other violations; business associate and other contracting; insurance or other liability management and allocation; process and product development, contracting, deployment and defense; evaluation, commenting or seeking modification of regulatory guidance, and other regulatory and public policy advocacy; training and discipline; enforcement, and a host of other related concerns for public and private health care providers, health insurers, health plans, technology and other vendors, employers, and others.

Beyond her extensive involvement advising and defending clients on these matters, Ms. Stamer also has served for several years as the scrivener for the ABA JCEB’s meeting with OCR for many years. She returns as Chair of the Southern California ISSA Health Care Privacy & Security Summit for the third year in 2016, as well as speaks and serves on the steering committee of a multitude of other programs.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares shared her thought leadership, experience and advocacy on HIPAA and other concerns by her service in the leadership of a broad range of other professional and civic organization including her involvement as the Vice Chair of the North Texas Healthcare Compliance Association, Executive Director of the Coalition on Responsible Health Policy and its PROJECT COPE; Coalition on Patient Empowerment, a founding Board Member and past President of the Alliance for Healthcare Excellence, past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children; former Board Compliance Chair and Board member of the National Kidney Foundation of North Texas, current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Section, a current Defined Contribution Plan Committee Co-Chair, former Group Chair and Co-Chair of the ABA RPTE Section Employee Benefits Group, immediate past RPTE Representative to ABA Joint Committee on Employee Benefits Council Representative and current RPTE Representative to the ABA Health Law Coordinating Counsel, former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, a former member of the Board of Directors of the Southwest Benefits Association and others.

Ms. Stamer also is a highly popular lecturer, symposia chair and author, who publishes and speaks extensively on health and managed care industry, human resources, employment and other privacy, data security and other technology, regulatory and operational risk management. Examples of her many highly regarded publications on these matters include “Protecting & Using Patient Data In Disease Management: Opportunities, Liabilities And Prescriptions,” “Privacy Invasions of Medical Care-An Emerging Perspective,” “Cybercrime and Identity Theft: Health Information Security: Beyond HIPAA,” as well as thousands of other publications, programs and workshops these and other concerns for the American Bar Association, ALI-ABA, American Health Lawyers, Society of Human Resources Professionals, the Southwest Benefits Association, the Society of Employee Benefits Administrators, the American Law Institute, Lexis-Nexis, Atlantic Information Services, The Bureau of National Affairs (BNA), InsuranceThoughtLeaders.com, Benefits Magazine, Employee Benefit News, Texas CEO Magazine, HealthLeaders, the HCCA, ISSA, HIMSS, Modern Healthcare, Managed Healthcare, Institute of Internal Auditors, Society of CPAs, Business Insurance, Employee Benefits News, World At Work, Benefits Magazine, the Wall Street Journal, the Dallas Morning News, the Dallas Business Journal, the Houston Business Journal, and many other symposia and publications. She also has served as an Editorial Advisory Board Member for human resources, employee benefit and other management focused publications of BNA, HR.com, Employee Benefit News, InsuranceThoughtLeadership.com and many other prominent publications and speaks and conducts training for a broad range of professional organizations and for clientson the Advisory Boards of InsuranceThoughtLeadership.com, HR.com, Employee Benefit News, and many other publications. For additional information about Ms. Stamer, see CynthiaStamer.com or the Stamer│Chadwick │Soefje PLLC or contact Ms. Stamer via email here or via telephone to (469) 767-8872.

About Solutions Law Press, Inc.™

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating or updating your profile here. ©2016 Cynthia Marcotte Stamer. Non-exclusive right to republish granted to Solutions Law Press, Inc.™ All other rights reserved.

Comments Off on Brace For Health Plan OCR HIPAA Audits | Brokers, Civil Rights, compensation, compliance, Corporate Compliance, Cybercrime, Data Breach, Data Security, employee, Employee Benefits, FACTA, fiduciary duty, Fiduciary Responsibility, Financial Security, GINA, health benefit, Health Benefits, health Care, health insurance, health insurance marketplace, health plan, Health Plans, HIPAA, HIPAA, Hospitality, HR, Human Resources, Identity Theft, Insurance, insurers, Internal Controls, Management, Medicare Part D, Mental Health, Mental Health Parity, MEWA, Obamacare, Patient Empowerment, Prescription Drugs, Privacy, Professional Liability, Risk Management, third party administrators, Uncategorized, Wellness, Wellness Programs, Workforce | Tagged: Data Breach, Data Security, Employee Benefits, ERISA, Fiduciary Liability, financial privacy, Health Insurance, Health Plan, Health Plans, HIPAA, Medical Privacy, OCR, Office of Civil Rights, Privacy | Permalink
Posted by Cynthia Marcotte Stamer

Strengthen Your Cyber Security By Sharing National Cyber Security Awareness Month Resources This Week

October 25, 2015

Halloween’s annual celebration of spooks and goblins peak is a perfect time to promote awareness and help American businesses and citizens build their skills to guard against the real and growing menace of identity thieves and other cybercriminals by getting involved with the 12^th annual National Cyber Security Awareness Month (NCSAM) in October, begin preparing to participate in the next annual “Data Privacy Day” on January 28, 2016 and joining in other activities highlighted through NCSAM and Data Privacy Day to help deter Cybercrime and identity theft threats. Even if your organization or family choose not to participate in any official or public way, checking out and using the many free resources provides an invaluable, free opportunity to raise your defenses against this rising risk.

With virtually every American business and citizen now connected to and using the Internet to conduct key personal and business transactions and the constant drive by government and business to digitize regular business transactions, no one agency, business or individual alone can truly know where and who has their sensitive data, much less reliably can defend this data against the identity and other theft and other cybercriminals lurking in the digital world’s virtual streets waiting to strike, then disappear in “Jack The Ripper” style into the darkness of the Internet. That’s why every American and American business should take time to participate and urge others to Get Involved in the 12^th Annual NCSAM activities this month and use the supportive resources offered through that involvement throughout the year.

Celebrated annually in October, NCSAM was created to provide resources to help Americans stay safer and more secure online through public-private collaboration between the U.S. Department of Homeland Security and industry led by the National Cyber Security Alliance (NCSA). NCSAM and its associated activities outreach to consumers, small and medium-sized businesses, corporations, educational institutions and young people across the nation. NCSAM 2015 particularly focuses on the consumer and his/her needs regarding cybersecurity and safety continuing the overall message of STOP. THINK. CONNECT. Campaign founded in 2010 and its capstone concepts: “Keep a Clean Machine,” “Protect Your Personal Information,” “Connect with Care,” “Be Web Wise” and “Be a Good Online Citizen.” NCSAM seeks to remind Americans to incorporate “STOP. THINK. CONNECT.” into their online routines and offers resources to help individuals understand and put these principles into practice into their online routine at the home, the office and elsewhere.

Designed to be accessible and understandable by consumers, many business and government organizations may want to support and promote their Cyber Security employee and customer training and awareness efforts by participating annually in NCSAM in October, signing up your organization to Data Privacy Day Champion and/or participating in Data Privacy Day on January 28, 2016, or otherwise using and sharing tips, tools and other resources in the Privacy Library such as:

General Privacy & Cyber Security Awareness

Be A Good Citizen On Line
Protect All Devices
Practice Good Online Safety Habits With These Tips & Advice
Spam & Phishing
Hacked Accounts
Check Your Privacy Settings
Privacy Tips for Teens – A video with STOP. THINK. CONNECT. tips to help teens be privacy-savvy and manage their online reputation.
“Perceptions of Privacy Online and in the Digitally Connected World,” a summary of the results of a 2013-2014 data privacy study conducted by the National Cyber Security Alliance’s Privacy Messaging Development Committee.
Data is Permanent Too – STOP.THINK. is this TMI? A short video created by the Intel Corporation.
Why Privacy Matters – The first in the series of explainers from Zero Knowledge Privacy Foundation.
The Fine Print of Privacy – The second in the series of explainers from Zero Knowledge Privacy Foundation.
“The Right to Fail in Citizenville,” a blog by David Hoffman, Director of Security Policy and Global Privacy Officer, Intel (March, 2013).
The Privacy Engineer’s Manifesto: Getting from Policy to Code to QA to Value, an e-book by McAfee’s Michelle Finneran Dennedy, Jonathan Fox, and Thomas R. Finneran.

Keep a Clean Machine/Cookies & Behavioral Tracking

Malware & Botnets
A video about cookies and why they matter created by the Wall Street Journal.
Information about the Network Advertising Initiative (NAI) offering opt-out of online behavior advertising and provides factual information about online behavioral advertising, privacy, cookies.

Health Privacy

What is HIPAA and Why Should You Care? A Patient’s Guide to HIPAA (Health Insurance Portability and Accountability Act)
Medical Records Privacy from Privacy Rights Clearinghouse
Understanding Health Information Privacy by the U.S. Department of Health and Human Services

Identity Theft Prevention & Clean Up

Links to resources at fraud.org about how to spot a scam, file a complaint and learn about scams.
“ID Theft & Account Fraud – Prevention & Cleanup” a helpful resource provided by Consumer Action offered in numerous languages.
Fighting Back Against Identity Theft and other information for consumers on how to deter, detect and defend against identity theft
IRS resources about how to report phishing.

Mobile App Privacy & Security

“Your Apps Are Watching You,” an investigative report from the Wall Street Journal found popular iPhone and Android apps are collecting and transmitting information without users’ awareness or consent.
Net Safety Tips On The Go app for Android phones app provides quick, practical, friendly advice one tip at a time.
Tips to help protect your privacy when using a mobile device provided by the National Cyber Security Alliance.
Microsoft’s “Location & Privacy: Where are we headed?” and “What Does Your Online Reputation Say About You?”
Protect your personal information while using public Wi-Fi with this video.
10 travel tips for protecting your privacy from PUBLIC WiFi.
Online Services – Banking, Dating & General Guidelines
Don’t Upload Financial Data to Questionable Sources video created by the Intel Corporation
The Perils and Pitfalls of Online Dating: How to Protect Yourself from the Privacy Rights Clearinghouse.
The Google Privacy Channel on YouTube offers a number of short informative videos on privacy issues including: interest-based advertising; use of privacy settings in Google Latitude; advertising privacy; and how to protect your privacy on Google Chrome.

Student & Educational Privacy & Security

I want to each online safety for Grades K-2, Grades 3-5 Middle and High School Higher Education and CSave Volunteer Lesson Plans & Materials
The Protecting Privacy in Connected Learning toolkit is an in-depth, step-by-step guide to navigating the Family Education Rights and Privacy Act (FERPA), the Children’s Online Privacy Protection Act (COPPA) and related privacy issues.
Securing Your Home Network
The Family Educational Rights and Privacy Act, or FERPA, is the main federal law that deals with education privacy, but there are a host of other laws, best practices, and guidelines that are essential to understanding education privacy. FERPA|SHERPA aims to provide service providers, parents, school officials, and policymakers with easy access to those materials to help guide responsible uses of student’s data.
General guidance for parents provided by the department of education Family Educational Rights and Privacy Act (FERPA)
Student Privacy 101: FERPA for parents and students – Ever have questions about your rights regarding education records? This short video highlights the key points of the family education rights and privacy act (FERPA).

Other Resources

About the Author

Cynthia Marcotte Stamer is a practicing attorney and Managing Shareholder of Cynthia Marcotte Stamer, P.C., a member of Stamer│Chadwick │Soefje PLLC, author, pubic speaker, management policy advocate and industry thought leader with more than years’ experience helping business and government organizations and their leaders manage. Ms. Stamer’s legal and management consulting work throughout her 28 plus year career has focused on helping organizations and their management understand and use the law and process to manage people, process, compliance, operations and risk including significant work in the prevention, investigation and remediation of data breach and other Cybercrime events.

Scribe responsible for leading the American Bar Association (ABA) Joint Committee on Employee Benefits (JCEB) annual agency meeting with the Department of Health & Human Services Office of Civil Rights,Scribe responsible for leading the American Bar Association (ABA) Joint Committee on Employee Benefits (JCEB) annual agency meeting with the Department of Health & Human Services Cynthia Marcotte Stamer’s practice has focused on advising and representing government and private technology, security, health care providers, health plans, health, schools and other educational organizations, insurance, banking and financial services, retail, employer and other organizations about privacy and data security compliance and risk management, breach and other investigations and enforcement, workforce and performance management and other risk management, compliance, public policy, regulatory, staffing, and other operations and risk management concerns.

With data and technology use, protection and management imbedded in virtually every aspect of her client’s operations, data and other confidential information and systems use, protection, breach or other abuse investigation and response, enforcement and liability mitigation and defense and other Cybercrime and Cyber Security challenges are a continuous component of Ms. Stamer’s management work. Ms. Stamer helps public and private, domestic and international businesses, governments, and other organizations and their leaders manage their employees, vendors and suppliers, and other workforce members, customers and other’ performance, compliance, compensation and benefits, operations, risks and liabilities, as well as to prevent, stabilize and cleanup workforce, data breach and Cybercrime, and other legal and operational crises large and small that arise in the course of operations. Ms. Stamer regularly helps clients design, administer and defend HIPAA, FACTA, data breach, identity theft and other risk management, compliance and other privacy, data security, confidential information and other data security, technology and management policies and practices affecting their operations. She also helps clients prevent, investigate and mitigate HIPAA, FACTA, PHI and other data breach hacking, identity theft, data breach, data loss or destruction, theft of trade secrets or other sensitive data, spoofing, industrial espionage, insider and other parties misuse of data or technology and other cybercrime and technology use concerns. Best-known for her extensive work helping health care, insurance and other highly regulated entities manage both general employment and management concerns and their highly complicated, industry specific corporate compliance, internal controls and risk management requirements, Ms. Stamer’s clients and experience also includes a broad range of other businesses. Her clients range from highly regulated entities like employers, contractors and their employee benefit plans, their sponsors, management, administrators, insurers, fiduciaries and advisors, technology and data service providers, health care, managed care and insurance, financial services, government contractors and government entities, as well as retail, manufacturing, construction, consulting and a host of other domestic and international businesses of all types and sizes. Common engagements include internal and external privacy and data security compliance, risk management, investigation and remediation, workforce hiring, management, training, performance management, compliance and administration, discipline and termination, and other aspects of workforce management including employment and outsourced services contracting and enforcement, sentencing guidelines and other compliance plan, policy and program development, administration, and defense, performance management, wage and hour and other compensation and benefits, reengineering and other change management, internal controls, compliance and risk management, communications and training, worker classification, tax and payroll, investigations, crisis preparedness and response, government relations, safety, government contracting and audits, litigation and other enforcement, and other legal and operational compliance, risk management, disaster preparedness and response, and liability defense and mitigation concerns arising out of organization’s operations.

Cindy also is widely recognized for her regulatory and public policy advocacy, publications, and public speaking on privacy and other compliance, risk management concerns. Among others, she is the author of “Privacy & Securities Standards-A Brief Nutshell,” “Privacy Invasions of Medical Care-An Emerging Perspective,” the E-Health Business and Transactional Law Chapter on Other Liability-Tort and Regulatory;” “Cybercrime and Identity Theft: Health Information Security Beyond HIPAA;” “Personal Identity Management Legal Demands and Technology Solutions;” “Tailoring A Records Management Plan And Process To Meet Your Legal And Operational Needs;” “Brokers & Insurers Identity Theft and Privacy Perils;” “HR’s Role In Personal Identity Theft & Cyber Crime Prevention;” “Protecting & Using Patient Data In Disease Management Opportunities, Liabilities And Prescriptions;” “Why Your Business Needs A Cybercrime Prevention and Compliance Program;” “Leveraging Your Enterprise Digital Identity Management Investments and Breaking though the Identity Management Buzz;” “When Your Employee’s Private Life Becomes Your Business;” and hundreds of other works. Her insights on privacy, data security, and other matters have appeared in The Wall Street Journal, Business Insurance, the Dallas Morning News, Spencer Publications, and a host of other publications. She speaks and has conducted privacy training for the Association of State & Territorial Health Plans (ASTHO), the Los Angeles Health Department, the American Bar Association, the Health Care Compliance Association, a multitude of health industry, health plan, insurance and financial services, education, employer employee benefit and other clients, trade and professional associations and others.

Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer works with businesses and government organizations and their management, employee benefit plans, schools, financial institutions, retail, hospitality, and other organizations deal with all aspects of these and other operations performance and compliance management. She supports her clients both on a real time, “on demand” basis and with longer term basis to deal with daily performance management and operations, emerging crises, strategic planning, process improvement and change management, investigations, defending litigation, audits, investigations or other enforcement challenges, government affairs and public policy.

Ms. Stamer also is active in the leadership of a broad range of other professional and civic organizations. For instance, Ms. Stamer presently serves on an American Bar Association (ABA) Joint Committee on Employee Benefits Council representative; Vice President of the North Texas Healthcare Compliance Professionals Association; Immediate Past Chair of the ABA RPTE Employee Benefits & Other Compensation Committee, its current Welfare Benefit Plans Committee Co-Chair, on its Substantive Groups & Committee and its incoming Defined Contribution Plan Committee Chair and Practice Management Vice Chair; Past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group and a current member of its Healthcare Coordinating Council; current Vice Chair of the ABA TIPS Employee Benefit Committee; the former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division; on the Advisory Boards of InsuranceThoughtLeadership.com, HR.com, Employee Benefit News, and many other publications. She also previously served as a founding Board Member and President of the Alliance for Healthcare Excellence, as a Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; the Board President of the early childhood development intervention agency, The Richardson Development Center for Children; Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee; a member of the Board of Directors of the Southwest Benefits Association. For additional information about Ms. Stamer, see here, or the Stamer Chadwick Soefje PLLC website here. To contact Ms. Stamer, e-mail her at here or telephone (469) 767-8872.

About Solutions Law Press, Inc.™

Comments Off on Strengthen Your Cyber Security By Sharing National Cyber Security Awareness Month Resources This Week | Banking, Child Safety, Cybercrime, Data Breach, Education, Educational Privacy, Employer, FACTA, Fair Credit Reporting Act, Financial Security, FINRA, Gaming, health Care, HIPAA, Hospitality, HR, Human Resources, Identity Theft, Insurance, Internet, Managment, NCSAM, Privacy, Retail, Risk Management, Safety, Schools, Security, Technology | Tagged: Cyber Security, Cybercrime, Data Breach, Data Security, FACTA, FERPA, Health Care, HIPAA, Identity Theft, Internet Security, On-line Dating Safety, On-line Security, Privacy, Schools, Security, Teen Safety, Teens | Permalink
Posted by Cynthia Marcotte Stamer

Biden-Harris To Require many Employers To Mandate Employee Vaccinations

Businesses Face Increased Wage Costs & Risks From American Rescue Plan Act Of 2021 FLSA Minimum Wage Changes

Don’t Get Stuck Paying Another Employer’s Overtime Or Other Backpay

DOL Aggressively Targeting Restaurants For Wage & Hour & Child Labor Law Violations

Brace For Health Plan OCR HIPAA Audits

Strengthen Your Cyber Security By Sharing National Cyber Security Awareness Month Resources This Week

Email Subscription

Pages

Recent Posts

Archives

Share this blog

Blogroll

Solutions Law

Solutions Law Press HR & Benefits Update