Tell Congress Pass AHCA Today

May 4, 2017

The US House of Representatives is scheduled to vote again tonight on the revised Majority-leadership lead first step healthcare reform legislation seeking to provide Americans and American business with some initial relief from the soaring premium and health care costs, care access barriers and regulatory and other burdens that have resulted under the ObamaCare law and regulations. Every American should call, e-mail or fax the leaders and their Congressperson as soon as possible today and tell them to pass this legislation and get busy passing the next set of reforms with no further delay, the get and stay II formed and involved until it gets it done starting with the House hearing and vote slated tonight starting at 8:30 Eastern. Get details here.

Health care and its reform is a complex challenge. Americans and American businesses, health payers, and States and their healthcare needs are highly diverse. The ambitious but far from successful Obamacare law shows the dangers of well-meaning but unrealistic To try to fix these challenges with a sweeping, one shot fix.  

While passage of this legislative package won’t magically fix these challenges, it will provide quick relief for some of the ObamaCare expense and restrictions and expand the choices that Americans, American business, payers, providers and States while Congress works with American to identify and pursue legislative, regulatory, marketplace and other improvements. 

Let’s get things going in the right direction!


When Trust Matters, Preparations Critical

March 5, 2017

Actual or perceived disloyalty or other reaches of Trece is one of the quickest ways to destroy a working relationship between an a business and its management or other employees or other service providers.

Heading off problems begins with both the management of a business and those providing services to it understanding the  call mama and other conflict of interest, loyalty and other responsibilities of the service provider to the businesses

Historically, the common law has recognized that common law management and other employees – but not necessarily independent contractors or other non common law employee service providers – owe a duty of loyalty to their employer that among other things.  Inventions, knowledge and other value created by an employee and value derived from the employee generally are presumed the property of the employee under the doctrine of “works for hire.”  An employee’s common law duty of loyalty generally also prihibits the employee  from engaging in competition with the employer,  self dealing, or conflicts of interest unless the the employee proves the  employee consented after full disclosure of relevant facts by the employee.

In the age of federal sentencing guidelines and other federal and state internal controls mandates, carefully crafted loyalty, conflict of interest, confidentiality and trade secret, nonsolicitation, noncompete and other provisions in employee contracts, handbooks and policies can promote important regulatory risk management  and compliance goals as well as deter employee breaches of loyalty  by educating the employee of their duty, limit or overrun statutorial restrictions on some of these common law duties, and otherwise strengthen the ability of an employer to enforce these duties in the event of a violation.

As the common law does not necessarily apply these same duties of loyalty automatically businesses of contractor and other no traditional worker or other service provider relationships, however,  ensuring that independent contractors and other nontraditional service providers are engaged pursuant to written agreements that include carefully crafted provisions that clearly reserve the business’ exclusive or other ownership of created products, internal controls mandates,  and loyalty, conflict of interest, confidentiality and trade secret, nonsolicitation, noncompete and other safeguards can be critical to protect the interests of the business.

Whether dealing with employees or other service providers, today’s privacy and other limits on business investigatory powers also create a strong demand for businesses to back up their ability to investigate and redress these and other breaches by adopting and requiring all service providers to consent or otherwise be subject to appropriate disclaimers of privacy, computer and other use and monitoring, pre, concurrent and post terminationinvestigation, disclosure, cooperation, and other policies.


Employers, Benefit Plans & Exempt Org: Prepare For Shortened Deadlines & Other Changes To IRS Employee Plan & Exempt Organization Exam Documentation Request Procedures

March 1, 2017

Heads up tax-exempt and governmental entities, employer and other qualified employee benefit plan sponsor, fiduciaries, administrators, and recordkeepers and their management, accountants, attorneys, and other service providers and advisors.  Changes to the procedures that Internal Revenue Service (IRS) Tax Exempt and Government Entities TE/GE examiners use to make and enforce Information Document Request (IDR) in connection with an audit or other examination make it more important than ever that taxpayers use special care to collect, organize and maintain all of the data and documentation that examiners are likely to request in IDR and take other steps to prepare in advance to respond to an IDR.

New procedures announced in the February 27, 2017 Memorandum For All TE/GE Examiners On New Process For All Information Document Requests and scheduled to take effect April 1 seek to expedite the examination process and reduce backlogs.  To accomplish this, the new procedures impose specific, tightened timelines for responding to IDRs and IRS follow and enforcement of data and document productions demanded by an IDR.  As part of these changes, the new procedures shorten the time that the examiners will issue early subpoena warnings and subpoenas to compel taxpayers to produce requested data.

Taxpayers unable to respond in a timely fashion risk of both triggering these perilous enforcement procedures and an enhanced risk that IRS examiners will view the delay as an indication that the taxpayer may not be using the internal controls and processes expected by the IRS rules.  Accordingly, taxpayers should seek advise from experienced legal counsel about the policies, practices, data and information they might be expected to need to respond to a IDR or other government investigation, recommendations for conducting their operations to promote their ability to efficiently assemble and produce the necessary data, records and other information to respond to a IDR or other investigation, audit or enforcement action, and other appropriate steps to position their organizations timely to recognize and produce the often substantial data generally demanded by an IRD and minimize risks of liability likely to arise from an IRS examination or other governmental or private investigation or action.

About The Author

Recognized by LexisNexis® Martindale-Hubbell® as a “AV-Preeminent” (Top 1%/ the highest) and “Top Rated Lawyer,” with special recognition as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: Erisa & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, the author of this update is widely known for her 28 plus years’ of work in health care, health benefit, health policy and regulatory affairs and other health industry concerns as a practicing attorney and management consultant, thought leader, author, public policy advocate and lecturer.

Throughout her adult life and nearly 30-year legal career, Ms. Stamer’s legal, management and governmental affairs work has focused on helping health industry, health benefit and other employee benefit, insurance, technology and other highly regulated organizations and their management use the law, performance and risk management tools and process to manage people, performance, quality, compliance, operations and risk. Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer helps these and other organizations and their leaders manage their employees, vendors and suppliers, and other workforce members, customers and other’ performance, compliance, compensation and benefits, operations, risks and liabilities, as well as to prevent, stabilize and cleanup legal and operational crises large and small that arise in the course of operations.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, current American Bar Association (ABA) International Section Life Sciences Committee Vice Chair, Scribe for the ABA Joint Committee on Employee Benefits (JCEB) Annual OCR Agency Meeting, former Vice President of the North Texas Health Care Compliance Professionals Association, past Chair of the ABA Health Law Section Managed Care & Insurance Section, past ABA JCEB Council Representative, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Compliance Chair of the National Kidney Foundation of North Texas, and Board Certified in Labor & Employment Law by the Texas Board of Legal Specialization, Ms. Stamer’s includes nearly 30 years’ of work with a diverse range of health industry clients on an extensive range of matters.

Ms. Stamer has worked closely with health industry, managed care and insurance, employee benefit, financial services, technology, restructuring, retail, hospitality, manufacturing, consulting, sales, energy, import-export, staffing and other businesses and their management, employee benefit plans, governments and other organizations deal with all aspects of staffing, human resources and workforce performance management, internal controls and regulatory compliance, change management and other performance and operations management and compliance. She supports her clients both on a real-time, “on demand” basis and with longer term basis to deal with daily performance management and operations, emerging crises, strategic planning, process improvement and change management, investigations, defending litigation, audits, investigations or other enforcement challenges, government affairs and public policy.

As a core component of her work, Ms. Stamer has worked extensively throughout her career with health care providers, health plans and insurers, managed care organizations, health care clearinghouses, their business associates, employers, banks and other financial institutions, management services organizations, professional associations, medical staffs, accreditation agencies, auditors, technology and other vendors and service providers, and others on legal and operational compliance, risk management and compliance, public policies and regulatory affairs, contracting, payer-provider, provider-provider, vendor, patient, governmental and community relations and matters including extensive involvement advising, representing and defending public and private hospitals and health care systems; physicians, physician organizations and medical staffs; specialty clinics and pharmacies; skilled nursing, home health, rehabilitation and other health care providers and facilities; medical staff, accreditation, peer review and quality committees and organizations; billing and management services organizations; consultants; investors; technology, billing and reimbursement and other services and product vendors; products and solutions consultants and developers; investors; managed care organizations, insurers, self-insured health plans and other payers; and other health industry clients to establish and administer compliance and risk management policies; comply with requirements, investigate and respond to Board of Medicine, Health, Nursing, Pharmacy, Chiropractic, and other licensing agencies, Department of Aging & Disability, FDA, Drug Enforcement Agency, OCR Privacy and Civil Rights, Department of Labor, IRS, HHS, DOD, FTC, SEC, CDC and other public health, Department of Justice and state attorneys’ general and other federal and state agencies; JCHO and other accreditation and quality organizations; private litigation and other federal and state health care industry investigation, enforcement including insurance or other liability management and allocation; process and product development, contracting, deployment and defense; evaluation, commenting or seeking modification of regulatory guidance, and other regulatory and public policy advocacy; training and discipline; enforcement, and a host of other related concerns for public and private health care providers, health insurers, health plans, technology and other vendors, employers, and others, and other compliance, public policy, regulatory, staffing, and other operations and risk management concerns.

Best known for her thoughleadership and experience on health benefit and other health and insurance industy matters, Ms. Stamer has worked throughout her career health care, health benefit and insurance and health information technology, data and related process and systems development, policy and operations design, management, product development, innovation, administration, public policy, regulatory compliance, enforcement, contracting, privacy and data security and related matter.  Ms. Stamer continuously advises health and insurance industry clients about licensing, regulatory compliance and internal controls, workforce, agent and broker and medical staff performance, claims and reimbursement, quality, governance, reimbursement, privacy and data security, and other risk management and operational matters. Scribe for ABA JCEB annual agency meeting with OCR for many years, Ms. Stamer also is widely recognized for her extensive work and leadership on HIPAA, FACTA, PCI, IRC and other tax, Social Security, GLB, rade secret, physician and other medical confidentiality and privacy, federal and state data security and data breach and other information privacy and data security rules and concerns including policy design, drafting, administration and training; business associate and other contracting; risk assessments, audits and other risk prevention and mitigation; investigation, reporting, mitigation and resolution of known or suspected breaches, violations or other incidents; and defending investigations or other actions by plaintiffs, OCR, FTC, state attorneys’ general and other federal or state agencies, other business partners, patients and others. Ms. Stamer has worked extensively with health care providers, health plans, health care clearinghouses, their business associates, employers and other plan sponsors, banks, insurers and other financial institutions, and others on trade secret confidentiality, privacy, data security and other risk management and compliance including the design, establishment, documentation, implementation, audit and enforcement of policies, procedures, systems and safeguards, investigating and responding to known or suspected breaches, defending investigations or other actions by plaintiffs, OCR, FTC and other federal or state agencies, reporting known or suspected violations, business associate and other contracting, commenting or obtaining other clarification of guidance, training and enforcement, and a host of other related concerns.

Her clients include public and private health care providers, health insurers, health plans, employers, payroll, staffing, recruitment, insurance and financial services, technology and other vendors, and others.  In addition to representing and advising these organizations, she also has conducted training on Privacy & The Pandemic for the Association of State & Territorial Health Plans, as well as HIPAA, FACTA, PCI, medical confidentiality, insurance confidentiality and other privacy and data security compliance and risk management for Los Angeles County Health Department, ISSA, HIMMS, the ABA, SHRM, schools, medical societies, government and private health care and health plan organizations, their business associates, trade associations and others. Ms. Stamer also has authored numerous highly-regarded works and training programs on HIPAA and other data security, privacy and use published by BNA, the ABA and other premier legal industy publishers.

Ms. Stamer also has extensive experience with a diverse array of other human resources and other staffing, services, outsourcing and other workforce, qualified and nonqualified employee benefit, compensation, and related matters, their design, documentation, administration, modification, enforcement and defense and other related operational, compliance and risk management.  Her experience includes advising andassisting employer and other plan sponsors, fiduciaries, administrators, vendors and others with and program design, documentation and ongoing administration administration for compliance and defensibility under IRS and other federal and state tax, OFCCP, CAS, SCA, Davis Bacon, SEC and other corporate, ERISA and other federal and state labor and employment, SEC and other corporate, Department of Insurance and other laws and regulations; advising and assisting buyers, sellers, investors, debtors, creditors, trustees, plan fiduciaries and service providers and others in relation to business transactions, restructurings, bankruptcies and other substantial corporate and business events and transactions including significant work involving amendment, termination, windup and restructuring of employee benefit plans and workforce concerns in highly publicized fiduciary, securities or other misconduct investigation and enforcement, bankruptcy, restructuring or other distress situations.

A former lead consultant to the Government of Bolivia on its Pension Privatization Project with extensive domestic and international public policy and governmental and regulatory affairs experience, Ms. Stamer also is widely recognized for regulatory and policy work, advocacy and outreach on healthcare, education, aging, disability, savings and retirement, workforce, ethics, and other policies. Throughout her adult life and career, Ms. Stamer has provided thought leadership; policy and program design, statutory and regulatory development design and analysis; drafted legislation, proposed regulations and other guidance, position statements and briefs, comments and other critical policy documents; advised, assisted and represented health care providers, health plans and insurers, employers, professional. and trade associations, community and government leaders and others on health care, health, pension and retirement, workers’ compensation, Social Security and other benefit, insurance and financial services, tax, workforce, aging and disability, immigration, privacy and data security and a host of other international and domestic federal, state and local public policy and regulatory reforms through her involvement and participation in numerous client engagements, founder and Executive Director of the Coalition for Responsible Health Policy and its PROJECT COPE: the Coalition on Patient Empowerment, adviser to the National Physicians Congress for Healthcare Policy, leadership involvement with the US-Mexico Chamber of Commerce, the Texas Association of Business, the ABA JCEB, Health Law, RPTE, Tax, Labor, TIPS, International Life Sciences, and other Sections and Committees, SHRM Governmental Affairs Committee and a host of other involvements and activities.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also publishes and speaks extensively on health and managed care industry regulatory, staffing and human resources, compensation and benefits, technology, public policy, reimbursement and other operations and risk management concerns. Her insights on these and other related matters appear in the Health Care Compliance Association, Atlantic Information Service, Bureau of National Affairs, The Wall Street Journal, Business Insurance, the Dallas Morning News, Modern Health Care, Managed Healthcare, Health Leaders, and a many other national and local publications.  In addition to her many years of service as a scrivener for the ABA JCEB’s meeting with OCR, for instance, she also serves as Chair the Southern California ISSA Health Care Privacy & Security Summit, and an editorial advisory board member, author, program chair or steering committee member, and faculties for a multitude of other programs and publications regarding privacy, data security, technology and other compliance, risk management and operational concerns in the health care, health and other insurance, employee benefits and human resources, retail, financial services and other arenas.Ms. Stamer also shares her thought leadership, experience and advocacy on HIPAA and other concerns by her service in the leadership of a broad range of other professional and civic organization including her involvement as the Vice Chair of the North Texas Healthcare Compliance Association, Executive Director of the Coalition on Responsible Health Policy and its PROJECT COPE: Coalition on Patient Empowerment, a founding Board Member and past President of the Alliance for Healthcare Excellence, past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children; former Board Compliance Chair and Board member of the National Kidney Foundation of North Texas, current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Section, a current Defined Contribution Plan Committee Co-Chair, former Group Chair and Co-Chair of the ABA RPTE Section Employee Benefits Group, immediate past RPTE Representative to ABA Joint Committee on Employee Benefits Council Representative and current RPTE Representative to the ABA Health Law Coordinating Council, former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, a former member of the Board of Directors of the Southwest Benefits Association and others.

Ms. Stamer also is a highly popular lecturer, symposium and chair, faculty member and author, who publishes and speaks extensively on health and managed care industry, human resources, employment and other privacy, data security and other technology, regulatory and operational risk management. Examples of her many highly regarded publications on these matters include “Protecting & Using Patient Data In Disease Management: Opportunities, Liabilities And Prescriptions,” “Privacy Invasions of Medical Care-An Emerging Perspective,” “Cybercrime and Identity Theft: Health Information Security: Beyond HIPAA,” as well as thousands of other publications, programs and workshops these and other concerns for the American Bar Association, ALI-ABA, American Health Lawyers, Society of Human Resources Professionals, the Southwest Benefits Association, the Society of Employee Benefits Administrators, the American Law Institute, Lexis-Nexis, Atlantic Information Services, The Bureau of National Affairs (BNA), InsuranceThoughtLeaders.com, Benefits Magazine, Employee Benefit News, Texas CEO Magazine, HealthLeaders, the HCCA, ISSA, HIMSS, Modern Healthcare, Managed Healthcare, Institute of Internal Auditors, Society of CPAs, Business Insurance, Employee Benefits News, World At Work, Benefits Magazine, the Wall Street Journal, the Dallas Morning News, the Dallas Business Journal, the Houston Business Journal, and many other symposia and publications. She also has served as an Editorial Advisory Board Member for human resources, employee benefit and other management focused publications of BNA, HR.com, Employee Benefit News, Insurance Thought Leadership and many other prominent publications and speaks and conducts training for a broad range of professional organizations.

For more information about Ms. Stamer or her health industry and other experience and involvements, see here or contact Ms. Stamer via telephone at (469) 767-8872 or via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources here such as:

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating or your profile here.

©2017 Cynthia Marcotte Stamer. Non-exclusive right to republish granted to Solutions Law Press, Inc.™ All other rights reserved.


DOL Appeals Preliminary Injunction Blocking White Collar Exemption Salary Threshhold Change

December 2, 2016

The US Department of Labor (DOL) is appealing the November 22 Nevada v US Department of Labor ruling preliminarily enjoining DOL from implementing or enforcing a modification to the DOL Fair Labor Standards Act (FLSA) White Collar Exemption Regulations that would have nearly doubled the minimum salary that an employer must pay an employee on a salaried basis in reliance on the White Collar Exemption.

The Department of Justice on behalf of the Department of Labor filed a notice to appeal the preliminary injunction to the U.S. Circuit Court of Appeals for the Fifth Circuit yesterday.  

The November 22 Nevada preliminary injunction order barred DOL nationwide from implementing a change to its White Collar Regulations on  December 1, 2016 that would automatically excluded any employee earning a salary of less than $913 per week ($47,476 per year) from coverage by the most commonly relied upon FLSA exemption, White Collar Exemption,  pending a future ruling on the merits lifting the injunction.  

The Obama Administration’s final rule change published in the Federal Register on May 23, 2016, increases the threshold salary for the exemption from $455 per week to $913 per week ($47,476 per year) effective December 1, 2016 and provides for automatic adjustments to this amount every three years beginning January 1, 2020

DOL’s full statement regarding the litigation is here.

The appeal likely surprises many who assumed that the impending change in Administration would put an end to the Obama Administration’s change.  It remains to be seen how quickly the Fifth Circuit will hear the appeal as well as the fate of the rule change and the litigation after President-Elect Trump takes office. Either way, however, zealous and often successful private plaintiff and DOL enforcement of other elements of the While Collar Exemption and other FLSA requirements makes it imperative that employers be prepared to produce the necessary proof to defend their payment of any worker on a salaried basis as well as.compliance with all minimum wage, overtime, record keeping and other FLSA requirements.

About The Author
Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,”“Tax: Erisa & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney and management consultant, author, public policy advocate and lecturer widely known for work, teachings and publications.

Ms. Stamer works with businesses and their management, employee benefit plans, governments and other organizations deal with all aspects of human resources and workforce, internal controls and regulatory compliance, change management and other performance and operations management and compliance. She supports her clients both on a real-time, “on demand” basis and with longer term basis to deal with daily performance management and operations, emerging crises, strategic planning, process improvement and change management, investigations, defending litigation, audits, investigations or other enforcement challenges, government affairs and public policy.
A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares shared her thought leadership, experience and advocacy on these and other concerns by her service in the leadership of a broad range of other professional and civic organization including her involvement as the Vice Chair of the North Texas Healthcare Compliance Association, Executive Director of the Coalition on Responsible Health Policy and its PROJECT COPE: Coalition on Patient Empowerment, a founding Board Member and past President of the Alliance for Healthcare Excellence, past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children; former Board Compliance Chair and Board member of the National Kidney Foundation of North Texas, current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Section, a current Defined Contribution Plan Committee Co-Chair, former Group Chair and Co-Chair of the ABA RPTE Section Employee Benefits Group, immediate past RPTE Representative to ABA Joint Committee on Employee Benefits Council Representative and current RPTE Representative to the ABA Health Law Coordinating Council, former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, a former member of the Board of Directors of the Southwest Benefits Association and others.

Ms. Stamer also is a highly popular lecturer, symposia chair and author, who publishes and speaks extensively on health and managed care industry, human resources, employment, employee benefits, compensation, and other regulatory and operational risk management. Examples of her many highly regarded publications on these matters include the “Texas Payday Law” Chapter of Texas Employment Law, as well as thousands of other publications, programs and workshops these and other concerns for the American Bar Association, ALI-ABA, American Health Lawyers, Society of Human Resources Professionals, the Southwest Benefits Association, the Society of Employee Benefits Administrators, the American Law Institute, Lexis-Nexis, Atlantic Information Services, The Bureau of National Affairs (BNA), InsuranceThoughtLeaders.com, Benefits Magazine, Employee Benefit News, Texas CEO Magazine, HealthLeaders, the HCCA, ISSA, HIMSS, Modern Healthcare, Managed Healthcare, Institute of Internal Auditors, Society of CPAs, Business Insurance, Employee Benefits News, World At Work, Benefits Magazine, the Wall Street Journal, the Dallas Morning News, the Dallas Business Journal, the Houston Business Journal, and many other symposia and publications. She also has served as an Editorial Advisory Board Member for human resources, employee benefit and other management focused publications of BNA, HR.com, Employee Benefit News, InsuranceThoughtLeadership.com and many other prominent publications and speaks and conducts training for a broad range of professional organizations and for clients on the Advisory Boards of InsuranceThoughtLeadership.com, HR.com, Employee Benefit News, and many other publications. For additional information about Ms. Stamer, see CynthiaStamer.com or contact Ms. Stamer via email here or via telephone to (469) 767-8872.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources at SolutionsLawPress.com such as:

  • DOL Aggressively Targeting Restaurants For Wage & Hour & Child Labor Law Violations
  • Stop Bullying Month Opportunity to Strengthen Workplace Anti-Harassment Efforts
  • Health Plans, Other Covered Entities Have Continuing Duty To Reevaluate HIPAA Enterprise Risk To PHI & Address Security Risks & Other Compliance Concern On Ongoing Basis
  • New ACA Student Health Insurance Guidance Allows College Payment Of Working Students’ Student Health Insurance Premiums Post 2016
  • ERISA Violations Cost More Now
  • IRS Qualified Plan Correction Procedures Changing 1/1/17
  • DOL Invites FLSA Section 14(c) Certificateholders Test Prototype Application
  • Private Exchanges: Employer Health Program Panacea or Problem? Consider Carefully!
  • New DOL, IRS & HHS FAQ Confirms Employers Can’t Pay, Use HRAs to Reimburse Employees For Individual Policy Premiums
  • Review Health Plans With Reference-Based Reimbursement Designs Under New Agency FAQ Guidance
  • IRS Guidance Raises Concerns For Many Employers Offering “Skinny” & Other Limited Coverage Health Plans
  • Plan’s Purchase of Company Stock Triggers $6.48 Million Award Against ESOP Sponsor, Shareholder, Board Members & Trustees
  • Encourage Workers To Review Withholding As Part Of Annual Enrollment
  • Making Wellness Work On A Shoestring Budget
  • Brace For OCR HIPAA Audits
  • Check Health Plan Privacy For New Guidance Compliance
  • Health Benefit Still Top Employer Benefit Cost
  • Congress Passess Joint Resolution Overturning NLRB “Quickie Election Rule”
  • U.S. Businesses & Their Leaders Face Rising FLSA Collective Action Liability Risks
  • Improve HR Value To Company By Making HR A Performance Rather Than People Department
  • Sponsoring Employers Face Excise Taxes, Other Liabilities Unless Health Plans Comply With ACA Out-Of-Pocket & Other Federal Rules
  • Legal Review Of Health Plan Documents, Processes Needed To Mitigate Employer’s Excise Tax & Other Health Plan Risks
  • EEOC ADA Suit Against Magnolia Health Highlights US Employer’s Growing Disability Discrimination Risks
  • 10 Practical Pointers To Use Law To Better Strengthen The Legal Defensibility Of Your Business & Its Leaders
  • Health Insurer/Vendor’s Claims & Appeals Deficiencies Could Trigger Significant Employer Excise Tax Liability
  • EEOC Charges Employer Violated ADA By Terminating Employment At FMLA Leave End
  • Businesses Should Verify Proper Tracking, Withholding & Reporting On Tips & Gratuities

If you or someone else you know would like to receive future updates about developments on these and other concerns, please provide your current contact information and preferences including your preferred e-mail by creating or updating your profile here.

©2016 Cynthia Marcotte Stamer. Non-exclusive right to republish granted to Solutions Law Press, Inc. All other rights reserved.


Health Plans, Other Covered Entities Have Continuing Duty To Reevaluate HIPAA Enterprise Risk To PHI & Address Security Risks & Other Compliance Concern On Ongoing Basis

October 27, 2016

Compliance with the Privacy and Security Rules of the Health Insurance Portability & Accountability Act (HIPAA) is a living process that requires employer and other health plans, health insurers, health care providers and healthcare clearinghouses to recurrently reevaluate their HIPAA enterprise risk and timely act to mitigate security threats to electronic (ePHI) and other  protected health information and other HIPAA compliance concerns on an ongoing basis.  That’s the clear take away applicable to all HIPAA-Covered Entities and business associates from the St. Joseph Health Resolution Agreement and Corrective Action Plan (SJH Settlement) and the Oregon Health & Science University Resolution Agreement and Corrective Action Plan (OHSU Settlement) announced by the Department of Health & Human Services Office of Civil Rights (OCR)  in the past 30 days.  Health plans, their sponsors, fiduciaries and vendors, health care providers and health care clearinghouses should carefully heed this message and in response take documented steps to ensure

  • Their existing policies, practices and procedures properly are updated in response to changing guidance and events;
  • They in place the current, comprehensive enterprise risk assessment along with a mitigation plan documenting actions taken to address these risks;
  • Ensure that the organization has and is administering appropriate, documented processes and procedures to ensure that the organization reassesses its enterprise risk assessment and compliance on a timely basis as warranted by changes or other events that could impact ePHI, regulatory developments or other events that might impact its compliance; and
  • Have an appropriate, documented process for oversight by C-level management.

OHSU Charges & Settlement

The OHSU Settlement Agreement announced by OCR on September 23, 2016 requires OHSU to pay a $2.7 million settlement payment and adopt and implement a comprehensive three-year corrective action plan to address “widespread and diverse” HIPAA compliance problems OCR reports uncovering while investigating multiple HIPAA breach reports the large public academic health center and research university centered in Portland, Oregon.

OCR began investigating OHSU after the large public academic health center and research university centered in Portland, Oregon, submitted three HIPAA breach reports affecting thousands of individuals, including two reports involving unencrypted laptops and another large breach involving a stolen unencrypted thumb drive:

  • On March 23, 2013, HHS received notification from OHSU regarding a breach of its unsecured electronic protected health information (“ePHI”) resulting from a stolen laptop computer;
  • On July 28, 2013, HHS received notification from OHSU regarding a breach of its ePHI resulting from storing ePHI at an internet-based service provider without a business associate agreement; and.

These incidents each garnered significant local and national press coverage. OCR’s investigation uncovered evidence of widespread vulnerabilities within OHSU’s HIPAA compliance program, including the storage of the ePHI of more than 3,000 individuals on a cloud-based server without a business associate agreement.  OCR found significant risk of harm to 1,361 of these individuals due to the sensitive nature of their diagnoses.

OCR’s investigation showed the reported breaches resulted from widespread, long-term, systematic and unresolved HIPAA violations by OHSU that OCR attributed to an inadequate commitment to and oversight of HIPAA compliance by OHSU C-level management which resulted in the failure by OHSU to appropriately monitor the adequacy of its ongoing compliance and to assess and address changes in its enterprise-wide risk and compliance obligations on an ongoing basis. OHSU performed risk analyses in 2003, 2005, 2006, 2008, 2010, and 2013, but OCR’s investigation found that these analyses did not cover all ePHI in OHSU’s enterprise, as required by the Security Rule.  While the analyses identified vulnerabilities and risks to ePHI located in many areas of the organization, OHSU did not act in a timely manner to implement measures to address these documented risks and vulnerabilities to a reasonable and appropriate level. OHSU also lacked policies and procedures to prevent, detect, contain, and correct security violations and failed to implement a mechanism to encrypt and decrypt ePHI or an equivalent alternative measure for ePHI maintained on its workstations, despite having identified this lack of encryption as a risk.

OCR concluded that the reported breaches were the result of long-standing, systematic deficiences in OHSU’s  processes and procedures for HIPAA compliance, including the following:

  • While OHSU reportedly performed risk analyses in 2003, 2005, 2006, 2008, 2010, and 2013, OCR says its investigation found that these analyses did not cover all ePHI in OHSU’s enterprise, as required by the Security Rule;
  • While the analyses identified vulnerabilities and risks to ePHI located in many areas of the organization, OHSU did not act in a timely manner to implement measures to address these documented risks and vulnerabilities to a reasonable and appropriate level;
  • OHSU also lacked policies and procedures to prevent, detect, contain, and correct security violations and failed to implement a mechanism to encrypt and decrypt ePHI or an equivalent alternative measure for ePHI maintained on its workstations, despite having identified this lack of encryption as a risk;
  • OHSU failed to comply with its duty under HIPAA to enter into a business associate agreement with a vendor before allowing a vendor business associate to store ePHI; and
  • The absence of meaningful C-suite leadership oversight and commitment to HIPAA compliance.

Based on these investigations, OCR concluded that while OHSU initially adopted HIPAA Policies, the reported breaches were the result of a series of widespread and ongoing breaches of HIPAA resulted including the following:

  • From January 5, 2011, until July 3, 2013, OHSU disclosed the ePHI of 3,044 individuals in violation of Privacy Rules §§160.103 and 164.502(a) when workforce members disclosed the ePHI to a third party internet-based service provider without obtaining a business associate agreement or other satisfactory assurance that the internet-based service provider would safeguard the ePHI;
  • From January 5, 2011 until July 3, 2013 OHSU failed to obtain a business associate agreement from an internet-based service provider that was storing ePHI on its behalf as a business associate as required by 45 C.F.R. § 164.308(b);
  • From January 5, 2011 until July 3, 2013 OHSU failed to implement policies and procedures to prevent, detect, contain, and correct security violations as required under Privacy Rule § 164.308(a)(1)(i);
  • From July 12, 2010 to present, OHSU failed to implement a mechanism to encrypt and decrypt ePHI or an equivalent alternative measure for all ePHI maintained in OHSU’s enterprise as required by Privacy Rules §§ 164.312(a)(2)(iv) and 164.306(d)(3)); and
  • From May 29, 2013 until July 3, 2013, OHSU failed to implement policies and procedures to address security incidents in violation of Privacy Rule § 164.308(a)(6)(i).

According to statements made by OCR Director Jocelyn Samuels in OCR’s announcement of the OHSU Settlement, the breaches should not have happened.  “From well-publicized large scale breaches and findings in their own risk analyses, OHSU had every opportunity to address security management processes that were insufficient,” said OCR Director Jocelyn Samuels.  OCR’s announcement also signals that OCR views inadequate commitment and oversight by OHSU’s senior management to have played a key role in the creation and perpetuation of the OHSU violations.  It quotes OCR Director Jocelyn Samuels  as stating,  “This settlement underscores the importance of leadership engagement and why it is so critical for the C-suite to take HIPAA compliance seriously.”

OCR’s announcement of the OHSU Settlement emphasizes its determination that a lack of commitment and oversight by C-level management resulted in the failure by OHSU to periodically perform a comprehensive enterprise risk analysis and to reevaluate and update that analysis and its policies, practices, procedures and training as warranted by changing events and guidance.

To resolve the HIPAA charges, the OHSU Settlement requires OHSU to pay OCR $2,700,000 as well as take a long series of corrective actions detailed in the Corrective Action Plan incorporated into the Settlement Agreement.  The requirements of the Corrective Action Plan both seek to address the specific weaknesses that lead to the breaches of unsecured ePHI reported by OHSU in its breach notifications as well as the broader deficiencies in OHSU’s overall HIPAA compliance practice by requiring among other things that OHSU:

  • Conduct an accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of ePHI at all OHSU facilities and on all systems, networks, and devices that create, receive, maintain, or transmit ePHI;.
  • Develop and present to OCR for approval a comprehensive written risk management plan that explains OHSU’s strategy for implementing security measures sufficient to reduce the risks and vulnerabilities identified in the risk analysis to a reasonable and appropriate level based on OHSU’s circumstances as well as a comprehensive, enterprise-wide plan to implement effective oversight of OHSU workforce members to ensure their adherence to HIPAA Rules and OHSU’s internal privacy and security policies and procedures with specific timelines for their expected completion and compensating controls identified in the interim to safeguard OHSU’s ePHI;
  • Implement and administer the written risk management plan and other safeguards as approved by OCR;
  • Provide updates to OCR about OHSU’s implementation of required encryption including a Mobile Device Management (MDM) solution that ensures all OHSU- owned and personally-owned mobile devices (tablets, smart phones, and other mobile devices) that access ePHI on OHSU’s secure network are encrypted other than mobile devices for which OHSU has granted exceptions based on documented evidence of the implementation of alternative reasonable compensating controls to protect the ePHI on such devices;
  • Report to OCR on OHSU’s efforts to a solution to enforce encryption of ePHI on OHSU-owned and personally- owned devices (laptops, desktops, and medical equipment) connecting to OHSU’s secure wired and wireless networks except for any devices for which OHSU has granted exceptions to the encryption requirement;
  • Report to OCR about its implementation of policies that prohibit the transfer of data containing ePHI from OHSU-owned and personally-owned devices to unencrypted removable storage devices (USB drives and portable hard drives) and implementation of a technical solution that enforces the policies prohibiting transfers of this type when attached to the OHSU secure network, except for any removable storage devices for which OHSU has granted exceptions based on documented evidence of reasonable compensating controls that have been implemented to protect the ePHI on such devices;
  • Send a communication to all members of the OHSU community describing its commitment to enterprise encryption;
  • Prepare to the satisfaction of OCR security awareness training materials needed to implement its security management processing including specific privacy and security awareness related to a) use of internet-based information storage services; b) disclosures to third party entities that require a business associate agreement or other reasonable assurance in place to ensure that the business associate will safeguard the protected health information (PHI) and/or ePHI; c) regarding managers, effective oversight of workforce members’ uses and disclosures of PHI, including ePHI, to ensure the workforce members’ compliance with the Privacy and Security Rules and OHSU’s internal policies and procedures; d) security incident reporting; and e) password management;
  • Initially train all workforce members with access to PHI and/or ePHI with 120 days of OCR’s approval of the training and thereafter ensure that new workforce members are trained with 15 days of hire and that all workforce members subsequently continue to receive training on an on-going basis;
  • Review the security awareness training materials annually, and, where appropriate, update the training to reflect changes in Federal law or HHS guidance, any issues discovered during audits or reviews, and any other relevant developments;
  • Management oversight and supervision of the implementation and administration of the corrective actions required by the Corrective Action Plan and HIPAA compliance; and
  • Management reporting to OCR on its actions and compliance with the Corrective Action Plan.

SJH Settlement

Similarly, the SJH Settlement OCR announced on October 18, 2016 with St. Joseph Health (SJH) requires SJH to pay  a $2.4 million plus settlement payment, conduct an enterprise-wide risk analysis and implement and administer a comprehensive correction plan to settle OCR charges that SJH violated HIPAA by allowing files containing ePHI of 31,800 individuals that SJH created for its participation in the Medicare meaningful use program to be publicly accessible on the internet from February 1, 2011, until February 13, 2012.

A nonprofit integrated Catholic health care delivery system sponsored by the St. Joseph Health Ministry, who through its 24,000 employees and 6,000 physicians provides a range of health care services to more than 137,000 inpatients and 3.6 million outpatients each year at SHS’ 4 acute care hospitals, home health agencies, hospice care, outpatient services, skilled nursing facilities, community clinics and physician organizations located throughout California and in parts of Texas and New Mexico.

OCR’s charges against SJH arose out of OCR’s investigation into a 2012 breach notification report SJS filed with OCR.  On February 14, 2012, SJH reported to OCR that files containing electronic protected health information (ePHI) of 31,800 individuals from five of the SJH hospitals-St. Jude Medical Center, Mission Hospital, Queen of the Valley Medical Center, Santa Rosa Memorial Hospital, and Petaluma Valley Hospital that SJH created for its participation in the meaningful use program were publicly accessible on the internet from February 1, 2011, until February 13, 2012, via Google and possibly other internet search engines.

SJH’s report to OCR indicated that this public access resulted from a configuration within its network server in which PDF files containing following patient information were uploaded: patient names; BMI; blood pressure; lab results; smoking status; diagnoses lists; medication allergies; advance directive status and demographic information (language, ethnicity, race, sex, and birth date). The server SJH purchased to store the files included a file sharing application whose default settings allowed anyone with an internet connection to access them. Upon implementation of this server and the file sharing application, SJH did not examine or modify it. As a result, the public had unrestricted access to PDF files containing the ePHI of 31,800 individuals, including patient names, health statuses, diagnoses, and demographic information  from February 14, 2012 until SJH blocked external access to the ePHI when it shut down the application February 13, 2012.

OCR’s investigation indicated the following potential violations of the HIPAA Rules:

  • From February 1, 2011 to February 13, 2012, SJH potentially disclosed the PHI of 31,800 individuals;
  • Evidence indicated that SJH failed to conduct an evaluation in response to the environmental and operational changes presented by implementation of a new server for its meaningful use project, thereby compromising the security of ePHI;
  • Although SJH hired a number of contractors to assess the risks and vulnerabilities to the confidentiality, integrity and availability of ePHI held by SJH, evidence indicated that this was conducted in a patchwork fashion and did not result in an enterprise-wide risk analysis, as required by the HIPAA Security Rule.

To resolve charges resulting from these findings, the SJH Resolution Agreement requires SJH to pay OCR a $2,140,500 settlement payment and adopt a comprehensive corrective action plan which among other things, requires SJH to conduct an enterprise-wide risk analysis, develop and implement a risk management plan, revise its policies and procedures, and train its staff on these policies and procedures.  SJH’s Chief Executive Officer, Annette M. Walker, is named in the Corrective Action Plan as the SJH authorized representative and contact person responsible for overseeing the CAP implementation.

Among other things, the Corrective Action Plan specifically requires that SJH:

  • Within 240 days, conduct an enterprise-wide analysis and provide a report to OCR which includes a complete inventory of all electronic equipment, data systems, and applications that contain or store ePHI, and prepare and deliver to OCR for review an enterprise-wide risk analysis that identifies all security risks and vulnerabilities that incorporates all electronic equipment, data systems, and applications controlled, administered, or owned by SJH, its workforce members, and affiliated staff that contains, stores, transmits, or receives electronic protected health information (ePHJ);
  • Revise this risk analysis plan as directed by OCR based on its review of the presented risk analysis;
  • Develop and implement to the satisfaction of OCR an organization-wide risk management plan to address and mitigate any security risks and vulnerabilities identified in the risk analysis;
  • Distribute the risk management plan as finally approved by OCR to to workforce members involved with implementation of the plan within 30 days of OCR approval;
  • Revise to OCR’s satisfaction, adopt and implement within 30 days of OCR’s approval compliant HIPAA policies and procedures;
  • Prepare for review of OCR training materials and once approved by OCR, provide initial training to required workforce members, and obtain certification of completion of that training from each required workforce member within 60 days of OCR’s approval of the training and thereafter at least annually as long as the Corrective Action Plan remains in force;
  • Promptly conduct a documented investigation of any information indicating a potential workforce member violation of the new HIPAA policies in the manner required by OCR and if the investigation confirms a violation (Reportable Event), notify OCR of the relevant facts, findings, corrective actions and sanctions imposed against the violating workforce member in the manner required by the Corrective Action Plan;
  • Submit annual report to OCR signed and attested to by an SJH officer, which contains the information and attestations of compliance with the requirements of the Corrective Action Plan in accordance with the Corrective Action Plan;
  • Retain for inspection and copying and provide to OCR upon request all documents and records relating to compliance with this Corrective Action Plan for six (6) years from the Effective Date of the SJH Settlement Agreement.

Take Away For Other Covered Entities & Business Associates

The OHSU and SJH Settlement Agreements send a clear message to all Covered Entities and business associates that they must be prepared to demonstrate not only that their initial adoption and implementation of required HIPAA Privacy and Security policies and safeguards, but also that their organization’s leadership needs to be prepared to demonstrate their commitment to HIPAA compliance by making adequate provision for HIPAA compliance, and appropriately monitoring developments that could impact the adequacy of their existing measures and timely update their systems and security, policies, procedures, training and other relevant safeguards.

The Settlements make clear that Covered Entities and their business associates should ensure that their organization possesses a well-documented current enterprise-wide risk assessment, as well as has in place and is administering as necessary to maintain the currency and adequacy of its risk assessment strong practices for conducting documented evaluations of their own HIPAA security, policies, practices, audits and investigations and other procedures necessary to comply with HIPAA, taking into account recent OCR guidance,  its initiation of its Phase II audit program, the insights offered by OCR’s ever growing list of enforcement actions and compliance tools, as well as changes in systems, documentation, software, equipment or other occurrences within the operations of the Covered Entity or business associate’s operations that could impact the currency and adequacy of its risk assessment or otherwise raise compliance risks.

In this respect, Covered Entities and business associates are encouraged to take special note of the advisability of specifically reviewing and updating their HIPAA policies, practices, business associate agreements, training, oversight and documentation to in response to the guidance and insight that OCR provides, including:

Employer and other health plan sponsors, health plan fiduciaries and business associates, and their service providers also generally will want to consider their responsibilities to provide and enforce employer certifications, as well as the fiduciary obligations health plan fiduciaries under the fiduciary responsibility rules of the Employee Retirement Income Security Act (ERISA). Among other things, wrongful disclosure of PHI to a sponsoring employer or others could violate HIPAA or other plan terms.  Furthermore, Department of Labor officials have indicated stated that a fiduciary’s general fiduciary responsibilities can apply to the protection and administration of PHI and other health plan information as well as create a duty by a responsible fiduciary to prudently investigate and take steps to address breaches or other potential concerns that place PHI at risk.  See, HIPAA Settlement Warns Health Plans, Sponsoring Employers & Business Associates To Manage HIPAA Risks.

Furthermore, as breaches of PHI and other violations of HIPAA also frequently give rise to responsibilities or risks under a broad range of other federal and state laws medical and financial privacy and data security, Medicare and other terms of federal program participation, medical credentialing, licensure and ethics, insurance and Employee Retirement Income Security Act fiduciary responsibilities in the case of health plans, contractual,  tort and other exposures, Covered Entities and their business associates also generally are best served to take into account these other responsibilities and exposures in conjunction with the design and administration of their HIPAA compliance and risk management policies and practices.

Covered Entities and their business associates also should seek advice from legal counsel regarding the adequacy of their compliance, investigatory, training, management oversight, training, reporting, documentation, document retention and other processes and procedures that could reduce risks of HIPAA violations and position the organization to effectively and more efficiently respond to a potential breach, audit, investigation or enforcement action and mitigate the costs and potential liability exposures that increasingly attends these events.  In addition, given the typically high financial, operational and legal costs typically incurred to conduct investigations, report and redress breaches, and respond to OCR audits or investigations, much less make any payments and implement any corrective actions required to settle OCR changes, most Covered Entities and their business associations will want to consider the advisability and adequacy of insurance and other sources of funding or indemnification for the often substantial costs that often attend a HIPAA breach, audit or enforcement event. Since HIPAA violations under certain circumstances also can give rise to felony criminal liability, boards of directors and other leaders of Covered Entities and business associates also will want to ensure that their HIPAA compliance policies and practices also are incorporated and monitored by management as part of their organization’s overall Federal Sentencing Guideline Compliance programs and practices.

About The Author

Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of  “Labor & Employment,”“Tax: Erisa & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney and management consultant, author, public policy advocate and lecturer widely known for work, teachings and publications on HIPAA and other privacy and data security concerns earned in connection with her more than 28 years’ of involvement advising and representing business and government clients domestically and internationally about workforce and human resources, employee benefits; health care; insurance and financial; privacy and data security and other performance management, regulatory, internal controls and other compliance, risk management, public policy and operational other key concerns.

Board Certified in Labor & Employment Law by the Texas Board of Legal Specialization, a Fellow in the American College of Employee Benefit Counsel, past Group Chair and current Defined Contribution Plans Committee Co-Chair, Groups and Substantive Committee and Membership Committee Members, past Welfare Plans Committee Chair and Co-Chair, and former Fiduciary Responsibility Vice Chair of the American Bar Association (ABA) RPTE Section Employee Benefits Group, Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, current ABA International Section Life Sciences Committee Vice Chair, past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group, former ABA Joint Committee on Employee Benefits Council Representative and Marketing Committee Chair and a prolific author and highly popular speaker and consultant, Ms. Stamer helps management manage.

Ms. Stamer’s legal and management consulting work throughout her nearly 30-year career has focused on helping organizations and their management use the law and process to manage people, process, compliance, operations and risk. Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer helps public and private, domestic and international businesses, governments, and other organizations and their leaders manage their employees, vendors and suppliers, and other workforce members, customers and other’ performance, compliance, compensation and benefits, operations, risks and liabilities, as well as to prevent, stabilize and cleanup workforce and other legal and operational crises large and small that arise in the course of operations.

Ms. Stamer works with businesses and their management, employee benefit plans, governments and other organizations deal with all aspects of human resources and workforce, internal controls and regulatory compliance, change management and other performance and operations management and compliance. She supports her clients both on a real time, “on demand” basis and with longer term basis to deal with daily performance management and operations, emerging crises, strategic planning, process improvement and change management, investigations, defending litigation, audits, investigations or other enforcement challenges, government affairs and public policy.

As a core component of her work,  Ms. Stamer has worked extensively throughout her career with health care providers, health plans, health care clearinghouses, their business associates, employers, banks and other financial institutions, their technology and other vendors and service providers, and others on legal and operational risk management and compliance with HIPAA, FACTA, PCI, trade secret, physician and other medical confidentiality and privacy, federal and state data security and data breach and other information privacy and data security rules and concerns; prevention, investigation, response, mitigation and resolution of known or suspected data or privacy breaches or other incidents; defending investigations or other actions by plaintiffs, OCR, FTC, state attorneys’ general and other federal or state agencies; reporting and redressing known or suspected breaches or other violations; business associate and other contracting; insurance or other liability management and allocation; process and product development, contracting, deployment and defense; evaluation, commenting or seeking modification of regulatory guidance, and other regulatory and public policy advocacy; training and discipline; enforcement, and a host of other related concerns for public and private health care providers, health insurers, health plans, technology and other vendors, employers, and others.

Beyond her extensive involvement advising and representing clients on privacy and data security concerns and other health industry matters, Ms. Stamer also has served for several years as a scrivener for the ABA JCEB’s meeting with OCR, the Chair of the Southern California ISSA Health Care Privacy & Security Summit, and an editorial advisory board member, author, program chair or steering committee member, and faculties for a multitude of other programs and publications regarding privacy, data security, technology and other compliance, risk management and operational concerns in the health care, health and other insurance, employee benefits and human resources, retail, financial services and other arenas.

A Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares shared her thought leadership, experience and advocacy on HIPAA and other concerns by her service in the leadership of a broad range of other professional and civic organization including her involvement as the Vice Chair of the North Texas Healthcare Compliance Association, Executive Director of the Coalition on Responsible Health Policy and its PROJECT COPE: Coalition on Patient Empowerment, a founding Board Member and past President of the Alliance for Healthcare Excellence, past Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; former Board President of the early childhood development intervention agency, The Richardson Development Center for Children; former Board Compliance Chair and Board member of the National Kidney Foundation of North Texas, current Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, current Vice Chair of Policy for the Life Sciences Committee of the ABA International Section, Past Chair of the ABA Health Law Section Managed Care & Insurance Section, a current Defined Contribution Plan Committee Co-Chair, former Group Chair and Co-Chair of the ABA RPTE Section Employee Benefits Group, immediate past RPTE Representative to ABA Joint Committee on Employee Benefits Council Representative and current RPTE Representative to the ABA Health Law Coordinating Council, former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division, past Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee, a former member of the Board of Directors of the Southwest Benefits Association and others.

Ms. Stamer also is a highly popular lecturer, symposia chair and author, who publishes and speaks extensively on health and managed care industry, human resources, employment and other privacy, data security and other technology, regulatory and operational risk management. Examples of her many highly regarded publications on these matters include “Protecting & Using Patient Data In Disease Management: Opportunities, Liabilities And Prescriptions,” “Privacy Invasions of Medical Care-An Emerging Perspective,” “Cybercrime and Identity Theft: Health Information Security: Beyond HIPAA,” as well as thousands of other publications, programs and workshops these and other concerns for the American Bar Association, ALI-ABA, American Health Lawyers, Society of Human Resources Professionals, the Southwest Benefits Association, the Society of Employee Benefits Administrators, the American Law Institute, Lexis-Nexis, Atlantic Information Services, The Bureau of National Affairs (BNA), InsuranceThoughtLeaders.com, Benefits Magazine, Employee Benefit News, Texas CEO Magazine, HealthLeaders, the HCCA, ISSA, HIMSS, Modern Healthcare, Managed Healthcare, Institute of Internal Auditors, Society of CPAs, Business Insurance, Employee Benefits News, World At Work, Benefits Magazine, the Wall Street Journal, the Dallas Morning News, the Dallas Business Journal, the Houston Business Journal, and many other symposia and publications. She also has served as an Editorial Advisory Board Member for human resources, employee benefit and other management focused publications of BNA, HR.com, Employee Benefit News, InsuranceThoughtLeadership.com and many other prominent publications and speaks and conducts training for a broad range of professional organizations and for clientson the Advisory Boards of InsuranceThoughtLeadership.com, HR.com, Employee Benefit News, and many other publications. For additional information about Ms. Stamer, see CynthiaStamer.com  or contact Ms. Stamer via email here or via telephone to (469) 767-8872.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources at http://www.solutionslawpress.com such as:

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating or updating your profile here.

©2016 Cynthia Marcotte Stamer. Non-exclusive right to republish granted to Solutions Law Press, Inc.™  All other rights reserved.  


Manage Retaliation Risks In Response To Updated EEOC Enforcement Guidance, Rising Retaliation Claims

August 31, 2016

U.S. employers, employment agencies, unions, their benefit plans and fiduciaries, and their management and service providers should move quickly to review and strengthen their employment and other practices to guard against a foreseeable surge in employee retaliation claims and judgements likely to follow the August 30, 2016 issuance by the Equal Employment Opportunity Commission (EEOC) of its new final  EEOC Enforcement Guidance on Retaliation and Related Issues and concurrently published Question and Answer Guidance(Guidance).

Updating and superceding 2008 guidance previously set forth in the Retaliation Chapter of the EEOC Enforcement Manual, the Guidance details the EEOC’s current policy for investigating and enforcing the retaliation prohibitions under each of the equal employment opportunity (EEO) laws enforced by EEOC, including Title VII of the Civil Rights Act of 1964, the Age Discrimination in Employment Act (ADEA), Title V of the Americans with Disabilities Act (ADA), Section 501 of the Rehabilitation Act, the Equal Pay Act (EPA) and Title II of the Genetic Information Nondiscrimination Act (GINA) as well as the ADA’s separate “interference” prohibitions, which prohibit coercion, threats, or other acts that interfere with the exercise of ADA rights.  Among other things, the Guidance discusses :

  • What “retaliation means” and the scope of employee activity protected by the prohibitions against retaliation included in all laws enforced by the EEOC as well as the interference prohibitions of the ADA;
  • Legal analysis the EEOC will use to determine if evidence supports a claim of retaliation against an employer or other party;
  • Detailed examples of employer actions that the EEOC says may constitute prohibited retaliation; and
    Remedies available for retaliation.

Understanding and properly responding to the Guidance is critically important for employers and other subject to the EEO laws because in light of the substantial and growing liability exposures retaliation claims present and the likely that the issuance of the Guidance will further fuel these risks.

Even before the EEOC published the Guidance, retaliation and interference exposures were a substantial source of concern for most employers.  Employers, employment agencies and unions caught engaging in prohibited retaliation or intimidation in violation of EEO laws can incur compensatory and (except for governmental employers) punitive damage awards, back pay, front pay, reinstatement into a job or other equitable remedies, injunctive or administrative orders requiring changes in employer policies and procedures, managerial training, reporting to the EEOC and other corrective measures, as well as substantial investigation and defense costs.

These substantial liability exposures have become particularly concerning as retaliation and interference claims also have become increasingly common over the past decade. According to the EEOC, for example, EEO law retaliation charges have remained the most frequently alleged basis of charges filed with the EEOC since 2009 and in Fiscal Year 2015 accounted for 44.5 percent of all employment discrimination charges received by EEOC.
Since the EEOC’s issuance of the Retaliation Regs are likely to encourage additional retaliation or interference claims, employers, employment agencies, unions and their management, service providers and agents should quickly to evaluate the updated guidance provided in the Retaliation Reg and act to mitigate their exposure to retaliation retaliation and interference claims under these EEO laws.

Retaliation Risks Under EEO Laws

Federal EEO laws generally prohibit employers, employment agencies, or unions from punishing or taking other adverse actions against job applicants or employees for “asserting their rights” (often referred to as “protected activity”) to be free from harassment or other prohibited employment discrimination as well as certain other conduct. Such claims generally are referred to as “retaliation claims.”
Prohibited retaliation in violation of EEO laws occurs when an employer, employment agency or union takes a materially adverse action because an applicant or employee asserts rights or engages in certain other activities protected by the EEO laws.

To prevail in a retaliation claim, an applicant, employee or other individual generally must show that:

  • The individual engaged in prior protected activity;
  • The employer, employment agency or union took a materially adverse action; and
  • More likely than not, retaliation caused the adverse action by the employer, employment agency or union.

Persons Protected By EEO Retaliation Rules

EEO retaliation prohibitions protect both applicants and current and former employees (full-time, part-time, probationary, seasonal, and temporary) against retaliation under the EEO laws.  The retaliation prohibitions bar an employer from refusing to hire or otherwise taking adverse action against any current or former applicant or employee because of his EEO complaint or other protected activity under applicable EEO laws.  The EEOC interprets the retaliation rules as prohibiting an employer from giving a false negative job reference to punish a former employee for making an EEO complaint or engaging in other protected activity as well as as prohibiting an employer from refusing to hire or otherwise retaliating or discriminating against an applicant or employee based on a complaint made or other protected activity engaged against any a prior employer.  The Guidance also makes clear that the retaliation prohibitions apply regardless of an applicant or employee’s citizenship or work authorization status.

Protected Activity

“Protected activity” generally means either participating in an EEO process or reasonably opposing conduct made unlawful by an EEO law.

The prohibition against an employer retaliating against an individual for “participating” in an EEO process means that an employer cannot punish an applicant or employee for filing an EEO complaint, serving as a witness, or participating in any other way in an EEO matter, even if the underlying discrimination allegation is unsuccessful or untimely. As a part of these prohibitions, the EEOC says that an employer, employment agency or union is not allowed to do anything in response to EEO activity that would discourage someone from resisting or complaining about future discrimination. For example, depending on the facts of the particular case, it could be retaliation because of the employee’s EEO activity for an employer to:

  • Reprimand an employee or give a performance evaluation that is lower than it should be;
  • Transfer the employee to a less desirable position;
  • Engage in verbal or physical abuse;
  • Threaten to make, or actually make reports to authorities (such as reporting immigration status or contacting the police);
  • Increase scrutiny;
  • Spread false rumors, treat a family member negatively (for example, cancel a contract with the person’s spouse); or
  • Take action that makes the person’s work more difficult (for example, punishing an employee for an EEO complaint by purposefully changing his work schedule to conflict with family responsibilities).

The Guidance clearly states that the EEOC views participating in any capacity in a complaint process or other protected equal employment opportunity as protected activity which is protected from retaliation under all circumstances.  The EEOC views other acts to oppose discrimination also as protected as long as the employee was acting on a reasonable belief that something in the workplace may violate EEO laws, even if he or she did not use legal terminology to describe the issue. EEOC’s view is that protections against retaliation extend to participation in an employer’s internal EEO complaint process, even if a charge of discrimination has not yet been filed with the EEOC. The EEOC also takes the position that participation in the EEO process is protected whether or not the EEO allegation is based on a reasonable, good faith belief that a violation occurred. While an employer is free to bring these to light in the EEO matter where it may rightly affect the outcome, the Retaliation Regs state it is unlawful retaliation for an employer to take matters into its own hands and impose consequences for participating in an EEO matter.

In addition to prohibition for participation in protected activities, EEO law also prohibits retaliation against an individual for “opposing” a perceived unlawful EEO practice.  The EEOC construes prohibition against retaliation for opposition as prohibiting an employer or other covered entity from punishing an applicant or employee for communicating or taking other action in opposition of a perceived EEO violation if the individual acted reasonably and based on a reasonable good faith belief that the conduct opposed is or could become unlawful if repeated.

According to the EEOC, opposition also can be protected even if it is informal or does not include the words “harassment,” “discrimination,” or other legal terminology. A communication or act may be protected opposition as long as the circumstances show that the individual is conveying resistance to a perceived potential EEO violation such as, for example:

  • Complaining or threatening to complain about alleged discrimination against oneself or others;
  • Taking part in an internal or external investigation of employment discrimination, including harassment;
  • Filing or being a witness in a charge, complaint, or lawsuit alleging discrimination;
  • Communicating with a supervisor or manager about employment discrimination, including harassment;
  • Answering questions during an employer investigation of alleged harassment;
  • Refusing to follow orders that would result in discrimination;
  • Resisting sexual advances, or intervening to protect others;
  • Reporting an instance of harassment to a supervisor;
  • Requesting accommodation of a disability or for a religious practice;
  • Asking managers or co-workers about salary information to uncover potentially discriminatory wages;
  • Providing information in an employer’s internal investigation of an EEO matter;
  • Refusing to obey an order reasonably believed to be discriminatory;
  • Advising an employer on EEO compliance;
  • Resisting sexual advances or intervening to protect others;
  • Passive resistance (allowing others to express opposition);
  • Requesting reasonable accommodation for disability or religion;
  • Complaining to management about EEO-related compensation disparities;
  • Talking to coworkers to gather information or evidence in support of a potential EEO claim; or
  • Other acts of opposition.

In order for the protection against opposition to apply, however, the individual must act with a reasonable good faith belief that the conduct opposed is unlawful or could become unlawful if repeated.  Opposition not based on such a good faith belief is not protected. Employers should note that the EEOC takes the position that opposition by an employee could qualify as reasonable opposition protected against retaliation when an employee or applicant complains about behavior that is not yet legally harassment (i.e., even if the mistreatment has not yet become severe or pervasive) or to complain about conduct the employee believes violates the EEO laws if the EEOC has adopted that interpretation, even if some courts disagree with the EEOC on the issue.

Furthermore, an individual opposing a perceived violation of an EEO law is disqualified for protection against retaliation for his opposition unless the individual behaves in a reasonable manner when expressing his opposition. For example, threats of violence, or badgering a subordinate employee to give a witness statement, are not protected opposition.

Subject to these conditions, however, the Guidance states that retaliation for opposing perceived unlawful EEOC practices need not be applied directly to the employee to qualify for protection. If an employer, employment agency or union takes an action against someone else, such as a family member or close friend, in order to retaliate against an employee, the EEOC says both individuals would have a legal claim against the employer.

Moreover, according to the EEOC, the prohibitions against retaliation for participation and opposition apply regardless of whether the person is suffers the retaliation for acting as a witness or otherwise participating in the investigation of a prohibited practice regarding an EEO complaint brought by others, or for complaining of conduct that directly affects himself.

Materially Adverse Action

To fall within EEO law prohibitions against retaliation, the retaliatory actions must be “materially adverse,” which the Guidance defines to include any action that under the facts and circumstances might deter a reasonable person from engaging in protected activity.  This definition of “materially adverse” sweeps broadly to include more than employment actions such as denial of promotion, non-hire, denial of job benefits, demotion, suspension, discharge, or other actions that can be challenged directly as employment discrimination. It also encompasses within the scope of retaliation employer action that is work-related, as well as other actions with no tangible effect on employment, or even an action that takes place exclusively outside of work, as long as it may well dissuade a reasonable person from engaging in protected activity.

Whether an action is materially adverse depends on the facts and circumstances of the particular case. The U.S. Supreme Court has held that transferring a worker to a harder, dirtier job within the same pay grade, and suspending her without pay for more than a month (even though the pay was later reimbursed) were both “materially adverse actions” that could be challenged as retaliation. The Supreme Court has also said that actionable retaliation includes: the FBI’s refusing to investigate death threats against an agent; the filing of false criminal charges against a former employee; changing the work schedule of a parent who has caretaking responsibilities for school-age children; and excluding an employee from a weekly training lunch that contributes to professional advancement.

In contrast, a petty slight, minor annoyance, trivial punishment, or any other action that is not likely to dissuade an employee from engaging in protected activity in the circumstances is not “materially adverse.” For example, courts have concluded on the facts of given cases that temporarily transferring an employee from an office to a cubicle was not a materially adverse action and that occasional brief delays by an employer in issuing refund checks to an employee that involved small amounts of money were not materially adverse.

The facts and circumstances of each case determine whether a particular action is retaliatory in that context. For this reason, the same action may be retaliatory in one case but not in another. Depending on the facts, other examples of “materially adverse” actions may include:

  • Work-related threats, warnings, or reprimands;
  • Negative or lowered evaluations;
  • Transfers to less prestigious or desirable work or work locations;
  • Making false reports to government authorities or in the media;
  • Filing a civil action;
  • Threatening reassignment;
  • Scrutinizing work or attendance more closely than that of other employees, without justification;
  • Removing supervisory responsibilities;
  • Engaging in abusive verbal or physical behavior that is reasonably likely to deter protected activity, even if it is not yet “severe or pervasive” as required for a hostile work environment;
  • Requiring re-verification of work status, making threats of deportation, or initiating other action with immigration authorities because of protected activity;
  • Terminating a union grievance process or other action to block access to otherwise available remedial mechanisms; or
  • Taking (or threatening to take) a materially adverse action against a close family member (who would then also have a retaliation claim, even if not an employee).

ADA Interference Claims

In addition to the need to manage potential exposures for prohibited retaliation, employers, employment agencies and unions also should be careful to manage their exposure to potential liability arising from claims for wrongful interference and individual’s exercise of the disability rights or protections granted under the ADA.

The ADA generally prohibits disability discrimination, limits an employer’s ability to ask for medical information, requires confidentiality of medical information, and gives employees who have disabilities the right to reasonable accommodations at work absent undue hardship and like other EEO laws, prohibits retaliation. In addition to its prohibitions against retaliation, however, the ADA also more broadly prohibits “interference” with statutory rights under the ADA.

Interference is broader than retaliation. The ADA’s interference provision makes it unlawful to coerce, intimidate, threaten, or otherwise interfere with an individual’s exercise of ADA rights, or with an individual who is assisting another to exercise ADA rights.

In addition, the ADA also prohibits employers from interfering with ADA rights by doing anything that makes it more difficult for an applicant or employee to assert any of these rights such as using threats or other actions to discourage someone from asking for, or keeping, a reasonable accommodation; intimidating an applicant or employee into undergoing an unlawful medical examination; or pressuring an applicant or employee not to file a disability discrimination complaint.

Prohibited interference may be actionable under the ADA even if ineffective and even if the person subjected to intimidation goes on to exercise his ADA rights.

  • While acknowledging that some employer actions may be both retaliation and interference, or may overlap with unlawful denial of accommodation, the Guidance identifies the following actions as examples of interference prohibited under the ADA:
  • Coercing an individual to relinquish or forgo an accommodation to which he or she is otherwise entitled;
  • Intimidating an applicant from requesting accommodation for the application process by indicating that such a request will result in the applicant not being hired;
  • Threatening an employee with loss of employment or other adverse treatment if he does not “voluntarily” submit to a medical examination or inquiry that is otherwise prohibited under the statute;
  • Issuing a policy or requirement that purports to limit an employee’s rights to invoke ADA protections (e.g., a fixed leave policy that states “no exceptions will be made for any reason”);
  • Interfering with a former employee’s right to file an ADA lawsuit against the former employer by stating that a negative job reference will be given to prospective employers if the suit is filed; and
  • Subjecting an employee to unwarranted discipline, demotion, or other adverse treatment because he assisted a coworker in requesting reasonable accommodation.

According to the EEOC, a threat does not have to be carried out in order to violate the interference provision, and an individual does not actually have to be deterred from exercising or enjoying ADA rights in order for the interference to be actionable.

Strategies To Help Deter Or Rebut Retaliation Charges

Even though individuals claiming retaliation technically bear the burden of proving more likely than not that he suffered an adverse employment action more probably than not as a result of retaliation, an employer, employment agency or union charged with illegal retaliation frequently need to rebut or undermine a claimant’s evidence of retaliation by having and introducing admissible evidence that it a non-retaliatory reason for taking the challenged action such as evidence that:

  • The employer was not, in fact, aware of the protected activity;
  • There was a legitimate non-retaliatory motive for the challenged action, that the employer can demonstrate, such as poor performance; inadequate qualifications for position sought; qualifications, application, or interview performance inferior to the selectee; negative job references (provided they set forth legitimate reasons for not hiring or promoting an individual); misconduct (e.g., threats, insubordination, unexcused absences, employee dishonesty, abusive or threatening conduct, or theft); or reduction in force or other downsizing;
  • Similarly-situated applicants or employees who did not engage in protected activity were similarly treated;
  • Where the “but-for” causation standard applies, there is evidence that the challenged adverse action would have occurred anyway, despite the existence of a retaliatory motive; or
  • Other credible evidence showing a legitimate, non-discriminatory and non-retalitory motive behind the action.

It is important that employer other other potential defendants in retaliation actions recognize and take appropriate steps to create and retain evidence documenting these or other legitimate business reasons justifying the action prior to taking adverse action.  Many employer or other defendants charged with discrimination or retaliation discover too late that a rule of evidence commonly referred to as the “After Acquired Evidence Doctrine” often prevents an employer or other defendant from using documentation or other evidence of motive created after the adverse action occurs.  Consequently, employer and other potential targets of retaliation claims before taking the adverse action would be wise to carefully collect, document and retain the evidence and analysis showing their adverse action was taken for a legitimate, nonretalitory, nondiscriminatory reason rather than for any retaliatory purpose.

Other Defensive Actions & Strategies

Beyond taking care to document and retain evidence of its legitimate motivations for taking an adverse employment action, employers, employment agencies and unions interested in avoiding or enhancing their defenses against retaliation or interference claims also may find it helpful to:

  • Maintain a written, plain-language anti-retaliation and anti-interference policy that provides practical guidance on the employer’s expectations with user-friendly examples of what to do and not to do;
  • Send a message from top management that retaliation and interference are prohibited and will not be tolerated;
  • Ensure that top management understands and complies with policies against prohibited discrimination, retaliation and interference;
  • Consistently and fairly administer all equal employment opportunity and other policies and procedures in accordance with applicable laws in a documented, defensible manner;
  • Post and provide all required posters or other equal employment opportunity notices;
  • Timely and accurately complete and file all required EEO reports;
  • Clearly communicate orally and in writing the policy against prohibited retaliation and interference, as well as procedures for reporting, investigating and addressing concerns about potential violations of these policies in corporate policies as well as to employees complaining or participating in investigations or other protected activities;
  • Conduct documented training for all managers, supervisors and other employees and agents of the employer about policies against prohibited discrimination, retaliation, and interference including, as necessary, specific education about specific behaviors or situations that could raise retaliation or interference concerns, when and how to report or respond to such concerns and other actions to take to prevent or stop potential retaliation and interference;
  • Establish and administer clear policies and procedures for reporting and investigating claims or other indicators of potential prohibited employment discrimination, retaliation, interference including appropriate procedures for monitoring and protecting applicants and workers who have made claims of discrimination or have a record of involvement in activities that might qualify for corrective action;
  • Review performance, compensation and other criteria for potential evidence of overt or hidden bias or other evidence of potential prohibited retaliation or interference and take documented corrective action as needed to prevent improper bias from adversely corrupting decision-making process;
  • Conduct timely, well-documented investigations of all reports or other evidence of suspected discrimination, retaliation, and interference including any disciplinary, remedial or corrective action taken or foregone and the justification underlying these actions;
  • Obtain and enforce contractual reassurances from recruiting, staffing and other contractors to adhere to, and cooperate with the employer in its investigation and redress of the nondiscrimination, data collection and reporting, anti-retaliation and anti-interference requirements of equal employment opportunity and other laws;
  • Incorporate appropriate inquiries and other procedures for documented evaluating and monitoring that hiring, staffing, performance review, promotion, demotion, discipline, termination and other employment decisions and actions for evidence or other indicators of potential prohibited discrimination, retaliation, interference or other prohibited conduct and take corrective action as necessary based on the evidence developed; and
  • Designate appropriately empowered and trained members of the management of the employer to receive and investigate complaints and other potential concerns;
    Arrange for an unbiased third party review of the adverse action or the performance or other decision criteria, processes and analysis that the employer or other defendant contemplates relying on to decide and implement employment decisions for indicators of potential discriminatory, retaliatory or other illegal or undesirable biasand take corrective action as needed to address those concerns before undertaking employment actions;
  • Evaluate and allocate appropriate funds within the employer’s budget to support the employer’s compliance efforts as well as to provide for the availability of sufficient funds to investigate and defend potential charges or public or private charges of illegal discrimination, retaliation or interference through the purchase of employment practices liablity or other insurance coverages or otherwise;
  • If a manager or other party recommends an adverse action in the wake of an employee’s filing of an EEOC charge or participation in other protected activity, conducting or arranging for an another party to ndependently evaluate whether the adverse action is appropriate;
  • Proactively seek assistance from qualified legal counsel with the design and review of policies, practices and operations, investigation and analysis of internal or external complaints or other concerns about potential prohibited discrimination, retaliation or interference, review and execution of termination, discipline or other workforce events to mitigate discrimination, retaliation or interference risks as well as the defense of EEOC or private enforcement actions; and
  • Be ever diligent in your efforts to prevent, detect and redress actions or situations that could be a basis for retaliation or interference claims.

About The Author

Cynthia Marcotte Stamer is a noted Texas-based management lawyer and consultant, author, lecture and policy advocate, recognized for her nearly 30-years of cutting edge management work as among the “Top Rated Labor & Employment Lawyers in Texas” by LexisNexis® Martindale-Hubbell® and as among the “Best Lawyers In Dallas” for her work in the field of  “Labor & Employment,”“Tax: Erisa & Employee Benefits” “Health Care” and “Business and Commercial Law” by D Magazine.

Board Certified in Labor & Employment Law by the Texas Board of Legal Specialization, a Fellow in the American College of Employee Benefit Counsel, past Chair and current committee Co-Chair of the American Bar Association (ABA) RPTE Section Employee Benefits Group, Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, former Chair of the ABA Health Law Section Managed Care & Insurance Interest Group, a former ABA Joint Committee on Employee Benefits Council Representative and , Ms. Stamer helps management manage.

Ms. Stamer’s legal and management consulting work throughout her nearly 30-year career has focused on helping organizations and their management use the law and process to manage people, process, compliance, operations and risk. Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer helps public and private, domestic and international businesses, governments, and other organizations and their leaders manage their employees, vendors and suppliers, and other workforce members, customers and other’ performance, compliance, compensation and benefits, operations, risks and liabilities, as well as to prevent, stabilize and cleanup workforce and other legal and operational crises large and small that arise in the course of operations.

Ms. Stamer works with businesses and their management, employee benefit plans, governments and other organizations deal with all aspects of human resources and workforce, internal controls and regulatory compliance, change management and other performance and operations management and compliance. She supports her clients both on a real time, “on demand” basis and with longer term basis to deal with daily performance management and operations, emerging crises, strategic planning, process improvement and change management, investigations, defending litigation, audits, investigations or other enforcement challenges, government affairs and public policy.

For additional information about Ms. Stamer, see CynthiaStamer.com or contact Ms. Stamer via email here or via telephone to (469) 767-8872.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal control and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources at www.Solutionslawpress.com.

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating or updating your profile here. ©2016 Cynthia Marcotte Stamer. Non-exclusive right to republish granted to Solutions Law Press, Inc.™. All other rights reserved.


OSHA Raises Silica Safety Requirements

March 25, 2016

U.S. employers engaged in businesses that could expose workers to silica dust should begin preparing to comply a new final rule (Silica Rule) that requires employers to improve protections for workers exposed to respirable silica dust announced by the U.S. Department of Labor Occupational Safety and Health Administration (OSHA) that OSHA intends to curb lung cancer, silicosis, chronic obstructive pulmonary disease and kidney disease in America’s workers by limiting their exposure to respirable crystalline silica.  Employers whose workers could be exposed to silica will need to update their practices to comply with the new standards set in the Silica Rule as soon as possible and no later than the applicable compliance deadline set in the Silica Rule.

The new Silica Rule is written as two standards, one for construction and one for general industry and maritime.  Among other things, it generally will require that by as early as June 23, 2017, covered employers improve worker protection against silica exposures by:

  • Reducing the permissible exposure limit for crystalline silica to 50 micrograms per cubic meter of air, averaged over an eight-hour shift.
  • Requiring employers to use engineering controls (such as water or ventilation) and work practices to limit worker exposure; provide respiratory protection when controls are not able to limit exposures to the permissible level; limit access to high exposure areas; train workers; and provide medical exams to highly exposed workers.
  • Providing greater certainty and ease of compliance to construction employers – including many small employers – by including a table of specified controls they can follow to be in compliance, without having to monitor exposures.
  • Staggering compliance dates to ensure employers have sufficient time to meet the requirements, e.g., extra time for the hydraulic fracturing (fracking) industry to install new engineering controls and for all general industry employers to offer medical surveillance to employees exposed between the PEL and 50 micrograms per cubic meter and the action level of 25 micrograms per cubic meter.

Employers covered by the construction standard have until June 23, 2017 to comply with most requirements. Employers covered by the general industry and maritime standard have until June 23, 2018 to comply with most requirements; additional time is provided to offer medical exams to some workers and for hydraulic fracturing employers to install dust controls to meet the new exposure limit.

About The Author

Recognized as a “Top” attorney in employee benefits, labor and employment and health care law extensively involved in health and other employee benefit and human resources policy and program design and administration representation and advocacy throughout her career, Cynthia Marcotte Stamer is a practicing attorney and Managing Shareholder of Cynthia Marcotte Stamer, P.C., a member of Stamer│Chadwick│Soefje PLLC, author, pubic speaker, management policy advocate and industry thought leader with more than 27 years’ experience practicing at the forefront of employee benefits and human resources law.

A Fellow in the American College of Employee Benefit Counsel, past Chair and current Welfare Benefit Committee Co-Chair of the American Bar Association (ABA) RPTE Section Employee Benefits Group, Vice Chair of the ABA Tort & Insurance Practice Section Employee Benefits Committee, former Chair of the ABA Health Law Section Managed Care & Insurance Interest Group, an ABA Joint Committee on Employee Benefits Council Representative and Board Certified in Labor & Employment Law by the Texas Board of Legal Specialization, Ms. Stamer is recognized nationally and internationally for her practical and creative insights and leadership on health and other employee benefit, human resources and insurance matters and policy.

Ms. Stamer helps management manage. Ms. Stamer’s legal and management consulting work throughout her nearly 30-year career has focused on helping organizations and their management use the law and process to manage people, process, compliance, operations and risk. Highly valued for her rare ability to find pragmatic client-centric solutions by combining her detailed legal and operational knowledge and experience with her talent for creative problem-solving, Ms. Stamer helps public and private, domestic and international businesses, governments, and other organizations and their leaders manage their employees, vendors and suppliers, and other workforce members, customers and other’ performance, compliance, compensation and benefits, operations, risks and liabilities, as well as to prevent, stabilize and cleanup workforce and other legal and operational crises large and small that arise in the course of operations.

Ms. Stamer works with businesses and their management, employee benefit plans, governments and other organizations deal with all aspects of human resources and workforce management operations and compliance. She supports her clients both on a real time, “on demand” basis and with longer term basis to deal with daily performance management and operations, emerging crises, strategic planning, process improvement and change management, investigations, defending litigation, audits, investigations or other enforcement challenges, government affairs and public policy. Well known for her extensive work with health care, insurance and other highly regulated entities on corporate compliance, internal controls and risk management, her clients range from highly regulated entities like employers, contractors and their employee benefit plans, their sponsors, management, administrators, insurers, fiduciaries and advisors, technology and data service providers, health care, managed care and insurance, financial services, government contractors and government entities, as well as retail, manufacturing, construction, consulting and a host of other domestic and international businesses of all types and sizes. Common engagements include internal and external workforce hiring, management, training, performance management, compliance and administration, discipline and termination, and other aspects of workforce management including employment and outsourced services contracting and enforcement, sentencing guidelines and other compliance plan, policy and program development, administration, and defense, performance management, wage and hour and other compensation and benefits, reengineering and other change management, internal controls, compliance and risk management, communications and training, worker classification, tax and payroll, investigations, crisis preparedness and response, government relations, safety, government contracting and audits, litigation and other enforcement, and other concerns.

Ms. Stamer uses her deep and highly specialized health, insurance, labor and employment and other knowledge and experience to help employers and other employee benefit plan sponsors; health, pension and other employee benefit plans, their fiduciaries, administrators and service providers, insurers, and others design legally compliant, effective compensation, health and other welfare benefit and insurance, severance, pension and deferred compensation, private exchanges, cafeteria plan and other employee benefit, fringe benefit, salary and hourly compensation, bonus and other incentive compensation and related programs, products and arrangements. She is particularly recognized for her leading edge work, thought leadership and knowledgeable advice and representation on the design, documentation, administration, regulation and defense of a diverse range of self-insured and insured health and welfare benefit plans including private exchange and other health benefit choices, health care reimbursement and other “defined contribution” limited benefit, 24-hour and other occupational and non-occupational injury and accident, expat and medical tourism, onsite medical, wellness and other medical plans and insurance benefit programs as well as a diverse range of other qualified and nonqualified retirement and deferred compensation, severance and other employee benefits and compensation, insurance and savings plans, programs, products, services and activities. As a key element of this work, Ms. Stamer works closely with employer and other plan sponsors, insurance and financial services companies, plan fiduciaries, administrators, and vendors and others to design, administer and defend effective legally defensible employee benefits and compensation practices, programs, products and technology. She also continuously helps employers, insurers, administrative and other service providers, their officers, directors and others to manage fiduciary and other risks of sponsorship or involvement with these and other benefit and compensation arrangements and to defend and mitigate liability and other risks from benefit and liability claims including fiduciary, benefit and other claims, audits, and litigation brought by the Labor Department, IRS, HHS, participants and beneficiaries, service providers, and others. She also assists debtors, creditors, bankruptcy trustees and others assess, manage and resolve labor and employment, employee benefits and insurance, payroll and other compensation related concerns arising from reductions in force or other terminations, mergers, acquisitions, bankruptcies and other business transactions including extensive experience with multiple, high-profile large scale bankruptcies resulting in ERISA, tax, corporate and securities and other litigation or enforcement actions.

Ms. Stamer also is deeply involved in helping to influence the Affordable Care Act and other health care, pension, social security, workforce, insurance and other policies critical to the workforce, benefits, and compensation practices and other key aspects of a broad range of businesses and their operations. She both helps her clients respond to and resolve emerging regulations and laws, government investigations and enforcement actions and helps them shape the rules through dealings with Congress and other legislatures, regulators and government officials domestically and internationally. A former lead consultant to the Government of Bolivia on its Social Security reform law and most recognized for her leadership on U.S. health and pension, wage and hour, tax, education and immigration policy reform, Ms. Stamer works with U.S. and foreign businesses, governments, trade associations, and others on workforce, social security and severance, health care, immigration, privacy and data security, tax, ethics and other laws and regulations. Founder and Executive Director of the Coalition for Responsible Healthcare Policy and its PROJECT COPE: the Coalition on Patient Empowerment and a Fellow in the American Bar Foundation and State Bar of Texas, Ms. Stamer annually leads the Joint Committee on Employee Benefits (JCEB) HHS Office of Civil Rights agency meeting and other JCEB agency meetings. She also works as a policy advisor and advocate to many business, professional and civic organizations.

Author of the thousands of publications and workshops these and other employment, employee benefits, health care, insurance, workforce and other management matters, Ms. Stamer also is a highly sought out speaker and industry thought leader known for empowering audiences and readers. Ms. Stamer’s insights on employee benefits, insurance, health care and workforce matters in Atlantic Information Services, The Bureau of National Affairs (BNA), InsuranceThoughtLeaders.com, Benefits Magazine, Employee Benefit News, Texas CEO Magazine, HealthLeaders, Modern Healthcare, Business Insurance, Employee Benefits News, World At Work, Benefits Magazine, the Wall Street Journal, the Dallas Morning News, the Dallas Business Journal, the Houston Business Journal, and many other publications. She also has served as an Editorial Advisory Board Member for human resources, employee benefit and other management focused publications of BNA, HR.com, Employee Benefit News, InsuranceThoughtLeadership.com and many other prominent publications. Ms. Stamer also regularly serves on the faculty and planning committees for symposia of LexisNexis, the American Bar Association, ALIABA, the Society of Employee Benefits Administrators, the American Law Institute, ISSA, HIMMs, and many other prominent educational and training organizations and conducts training and speaks on these and other management, compliance and public policy concerns.

Ms. Stamer also is active in the leadership of a broad range of other professional and civic organizations. For instance, Ms. Stamer presently serves on an American Bar Association (ABA) Joint Committee on Employee Benefits Council representative; Vice President of the North Texas Healthcare Compliance Professionals Association; Immediate Past Chair of the ABA RPTE Employee Benefits & Other Compensation Committee, its current Welfare Benefit Plans Committee Co-Chair, on its Substantive Groups & Committee and its incoming Defined Contribution Plan Committee Chair and Practice Management Vice Chair; Past Chair of the ABA Health Law Section Managed Care & Insurance Interest Group and a current member of its Healthcare Coordinating Council; current Vice Chair of the ABA TIPS Employee Benefit Committee; the former Coordinator and a Vice-Chair of the Gulf Coast TEGE Council TE Division; on the Advisory Boards of InsuranceThoughtLeadership.com, HR.com, Employee Benefit News, and many other publications. She also previously served as a founding Board Member and President of the Alliance for Healthcare Excellence, as a Board Member and Board Compliance Committee Chair for the National Kidney Foundation of North Texas; the Board President of the early childhood development intervention agency, The Richardson Development Center for Children; Chair of the Dallas Bar Association Employee Benefits & Executive Compensation Committee; a member of the Board of Directors of the Southwest Benefits Association. For additional information about Ms. Stamer, see CynthiaStamer.com or StamerChadwickSoefje.com or contact Ms. Stamer via email here or via telephone to (469) 767-8872.

About Solutions Law Press, Inc. ™

Solutions Law Press, Inc.™ provides human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on leadership, governance, human resources, employee benefits, data security and privacy, insurance, health care and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc. ™ resources at Solutionslawpress.com such as:

 

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating or updating your profile here©2016 Cynthia Marcotte Stamer. Non-exclusive right to republish granted to Solutions Law Press, Inc. ™. All other rights reserved.