Print Page   |   Contact Us   |   Sign In   |   Register
Community Search
Sign In
Sign In securely
Calendar

9/21/2017
Leadership Council Meeting - Managing Transitions & Change

10/11/2017
October 2017 Luncheon - Creating an Energized, Powerful and Competitive Culture

10/19/2017
October 2017 Leadership Council - What Your Managers Don't Know!

11/8/2017
November Luncheon 2017 - Year-End Legal Update

Legal Update
Share |

NCHR-SD Employment Law Update

March 2017

 

By Chris Olmsted, Legislative Chair

  

California Legislature Pursues Progressive Labor Agenda

 

In 2017, the California legislature is off to a quick start, already proposing a large number of labor and employment laws. Currently 71 bills propose to amend the Labor Code, and several additional bills seek to modify anti-discrimination laws. Democrats not only control both the Senate and Assembly, but gained in the last election a supermajority with the power to override a gubernatorial veto. Party leaders have pledged to fight and counteract any changes in policy on the federal level. It seems that the time is ripe for a progressive labor agenda.

Below is a summary of significant pending bills. None of these bills have been passed by the legislature or signed by the governor, and the text of these proposed laws could change significantly as they wind through the Senate and Assembly.

Restrictions on Hiring New Employees.  A.B. 5 proposes to require employers to offer additional hours of work to an existing nonexempt employee before hiring an additional employee, temporary employee or subcontractor. Work must be offered to an existing employee who, “in the employer’s reasonable judgment, has the skills and experience to perform the work.” The offer would not be required if it would cause the employee to work overtime hours. The employer would be required to maintain records demonstrating that the hours were offered to existing employees. The law would apply to employers with 10 or more employees.

The bill resembles a city ordinance in San Francisco applicable to certain large retailers and the City of San Jose's Measure E—the "Opportunity To Work" ordinance. If enacted, the bill would impose a substantial administrative burden and recordkeeping obligation on most California employers.

Ban The Box. A.B. 1008 proposes to ban questions about criminal histories. Job applicants could not be asked criminal records, and such questions on job applications would also be prohibited. Only after a conditional job offer has been made could an employer consider such information. Background checks would be limited to 3 years of misdemeanor histories and 7 years of felony histories. In the event that an employer declines to hire an applicant with a criminal history, the employer would be required to disclose basis for the decision and to follow a ten day procedure allowing the applicant to respond and rebut the information.

The bill is part of a larger national trend. In California, the City of Los Angeles and San Francisco have passed Ban the Box Ordinances. A dozen other cities, and two dozen states have adopted some variation of Ban The Box laws.

Prohibition on Salary History Inquiries. A.B. 168 proposes to prohibit an employer from asking for salary history information about an applicant for employment. The bill would also require an employer, upon reasonable request, to provide “pay scale” for a position to an applicant for employment.

This bill is not specifically tied to the California Fair Pay Act, but it is ideologically related. It follows on the heels of AB 1676, passed in 2016, which amends the California Fair Pay Act to provide that prior salary cannot, by itself, be a “bona fide factor other than sex” justifying a pay disparity between employees of opposite genders. It also follows a trend established by other jurisdictions, including Massachusetts, which have also banned salary history inquiries.

 Expansion of Family Leave. S.B. 62 proposes to allow an employee to take leave to care for additional categories of family members under the California Family Rights Act. The term "child" would be expended to include adult children, as well as a domestic partner's children. The bill would also allow employees to take leave to care for a grandparent, grandchild, sibling or domestic partner with a serious health condition. The definition of "parent" would be expanded to include a parent-in-law.

If enacted, this bill will create new categories of leave time not recognized by the federal FMLA. As a result it could double the amount of leave time available to eligible employees, from 12 to 24 weeks. 

Small Business Parental Leave. S.B. 63 proposes to small employers to grant parental leave. Employers with 20-49 employees in a 75-mile radius would be required to allow employees to take up to 12 weeks of parental leave to bond with a new child within one year of the child’s birth, adoption, or foster care placement.

If enacted, this bill will impose a new leave law on small employers, who are presently exempt from the California Family Rights Act (CFRA). That law presently applies to businesses with 50 or more workers.

>>Stay tuned for developments. We will monitor the progress of these bills and report back to you periodically

 ___________________________________

 

Employer Faces Liability For Including Extraneous Content in

Background Check Disclosure Forms

 

Authors: Gustavo A. Suarez (Greenville),

Jennifer P. Woodruff (Greenville),

James R. Silvers (Greenville)

 

Employers who conduct background checks on job applicants are facing expensive background check class actions. The lawsuits often target extraneous content and language in an employer’s background check disclosure forms and online screens that violate the federal Fair Credit Reporting Act (FCRA). In Syed v. M-I, LLC, the Ninth Circuit held that  inclusion of a liability release in an employment background check disclosure is a willful violation of the FCRA, subjecting an employer to expensive statutory and punitive damages.

Although the extraneous language in Syed was a liability release (Syed waived his right to bring an FCRA claim against his prospective employer), this new Ninth Circuit case suggests a hard-line approach: that the inclusion of any extraneous language in a background check disclosure could be a willful violation of the FCRA. This may be further clarified by the Ninth Circuit when it is presented with other types of extraneous language (beyond liability releases). Employers would be wise to ensure that their current disclosure and authorization forms, as well as their online screens, are legally compliant and do not contain any extraneous information.

A Simple Form, A Big Lawsuit 

Sarmad Syed applied to work for M-I, LLC in 2011. At the time, M-I gave Syed a background check disclosure form that seemingly was provided to M-I by its background check provider, a consumer reporting agency (CRA) under the FCRA. The form notified Syed that M-I would be obtaining a background check and that his credit history and other background information would be used by M-I for employment purposes. The form also indicated that, by signing the form, Syed released M-I from any liability associated with the use of the form.

Syed brought a class action lawsuit against M-I alleging that the disclosure form violated the FCRA. Syed argued that the inclusion of the liability release violated the FCRA’s requirement that the background check disclosure consist solely of the federally mandated disclosure. He also argued that the violation had been willful, leading to both statutory and punitive damages.

The California federal district court twice dismissed Syed’s claims on the ground that M-I’s actions were not willful, particularly since there was very little legal guidance on this issue at the time of M-I’s alleged violation. Thus, the federal district court opined, M-I’s legal position in using the disclosure with the liability release was not objectively unreasonable. The case was appealed to the Ninth Circuit.

Addition of Liability Release Violates FCRA

The Ninth Circuit held that (1) inclusion of the liability release in the same document as the disclosure violates the FCRA, and (2) this violation was willful. In reaching these conclusions, the court emphasized that:

  • the FCRA unambiguously requires that the disclosure “consist solely” of the federally mandated disclosure language;
  • the FCRA does not explicitly or implicitly allow a liability release in the disclosure; and

M-I’s interpretation of the FCRA (which allowed the inclusion of the liability release) was not objectively reasonable given the FCRA’s statutory language.

Key Takeaways

1.      Check Forms. Reexamine your background check forms and online screens and processes. Given the approach taken by the Ninth Circuit and several district courts, many employers have begun to reexamine the legal validity of their own background check disclosure and authorization forms and screens. (While Syed focused on paper/hard-copy forms, at least one district court case has developed similar requirements for background check disclosures provided via online, electronic screens.

Stephen Woods, the head of Ogletree Deakins’ Background Checks Team, reports that a significant number of employers are surprised to find that their background check forms are noncompliant. “Our background check lawyers review and analyze a few dozen disclosure and authorization forms and online screens every month, and they rarely are compliant with the hard-line approach suggested in Syed,” Woods stated. A majority of these problems stem from the “consist solely” requirement addressed in Syed. According to Woods, “Many of the forms and online screens we review include liability releases, state law disclosures, or other nondisclosure language in or alongside the federal disclosures.”

2.      Don’t Trust Vendor Forms. Don’t rely on forms or screens from your CRA or background check provider. Woods explained, “CRA-provided forms and screens, like the one in Syed, can be problematic, leading to possible legal liability. Employers should be proactive to make sure that their forms and online screens are and stay legally compliant.” Despite the fact that most CRAs provide background check forms and screens to employers, the federal FCRA puts the legal responsibility—and the accompanying legal risks and damages—on employers that use those forms or screens. Likewise, most CRAs further limit their liability for an employer’s use of CRA-provided forms and screens in the contract between the CRA and the employer, including express non-indemnification provisions related to CRA-provided forms/screens.

 ________________________________________

 

It’s Time Again to Post the OSHA 300A Annual Summary of Illnesses and Injuries

 

Authors: John C. Artz (Pittsburgh), John F. Martin (Washington DC)

 

Covered employers must post the Occupational Safety and Health Administration’s (OSHA) Form 300A between February 1 and April 30, 2017.

Form 300A is a summary of the total number of job-related injuries and illnesses that occurred during a single year at each workplace. The notice should be posted in a conspicuous location where notices to employees are usually posted. Employers will want to make sure that the posting is not changed, vandalized, or covered by other material.

The second page of OSHA’s Form 300A is a summary where employers must fill in the total number of job-related injuries and illnesses that occurred in 2016 and were logged on the OSHA Form 300 Log of Work-Related Injuries and Illnesses. It also requires information regarding the annual average number of employees and total hours worked during the calendar year. Employers may enter “zero” on the total line if there were no recordable injuries or illnesses during the relevant year.

Employers may want to note that a company executive must sign and certify the Form 300A. The company executive who signs the form can be: (1) any officer of the corporation; (2) the highest-ranking company official working at the establishment; (3) the immediate supervisor of the highest-ranking company official working at the establishment; or (4) an owner of the company if the company is a sole proprietorship or partnership.

Employers with 10 or fewer employees and employers in certain low-hazard industries are partially exempt from routinely keeping federal OSHA injury and illness records, including the annual Form 300A. To determine whether your organization operates in a low-hazard industry that may be partially exempt, look at the list of exempt industries on OSHA’s website. Employers may also want to remember that the U.S. Bureau of Labor Statistics may still select exempted employers to participate in an annual statistical survey.

Futhermore, all employers covered by the OSH Act must report work-related employee fatalities to OSHA within eight hours. This deadline extends to 24 hours for work-related in-patient hospitalizations for care or treatment, amputations, or losses of an eye. If you call an OSHA area office to report such an injury and cannot speak directly to an individual working for the administration, don’t leave a voice mail message or send a fax. Instead, call OSHA’s 24-hour national hotline at (800) 321-6742. Voice mails left at this number are stored in OSHA’s records with dates. You can also make the required report by electronic submission on OSHA’s reporting page.

______________________________________

 

Train Your Team: Protect Personally Identifiable Information From

a Widespread Phishing Scam

Author: Danielle Vanderzanden (Boston)

 

Every January 31, employers scramble to meet the deadline for mailing W-2 forms to their employees. This year, a new iteration of an old W-2 phishing scam surfaced immediately thereafter. In the 2017 version, scammers posing as a company’s CEO or other high-level executive target human resources (HR) and payroll professionals with email messages requesting certain W-2s or all of a company’s W-2s. 

The email messages appear authentic and the associated email address actually looks like the email address of an executive authorized to receive such information. Hitting reply and attaching W-2s, however, sends the requested W-2s directly to the scammer, who then can use the W-2s themselves and all of the information they contain in a myriad of nefarious ways. 

This scam became so popular in 2016 that the Internal Revenue Service (IRS) alerted payroll and HR professionals to be aware of the threat. At that point, the IRS noted that, “Criminals using personal information stolen elsewhere seek to monetize data, including by filing fraudulent tax returns for refunds.”

Unfortunately, the IRS’s notice and last year’s incidents of the scam have not prevented its recurrence, and similar spoofing email messages are rampant again this tax season.

To protect your company from the liabilities associated with these scams, the business disruption caused by testing the efficacy of your data breach response plan (your company has one, right?), and the hit to employee productivity that such events cause, employers should consider promptly taking some of the following steps:

  • Share this article with all employees who have access to personally identifiable information (PII) so they know about the scam and can avoid becoming the next victim.
  • Ensure that all employees who have the ability to send PII by email refrain from replying to email messages seeking PII. Instead, require that they always draft new email messages in which they personally type the email addresses of the recipients or pull the recipients’ email addresses from their own contacts.  
  • Limit transmission of PII to encrypted email messages, and communicate the encryption code by a method other than email.
  • Require that transmission of PII occur only after two employees have evaluated the request and confirmed the request’s authenticity and appropriateness.
  • Train employees so that they are familiar with the steps they can take to determine not only the published name of the sender but also the sender’s actual email address.
  • Ensure that your company constrains authorization to access PII with effective technical, physical, and logistical barriers.
  • Be prepared to take the following steps if you encounter this scam or any data breach: Ensure that you respond as legally required within the applicable time frames. Thoroughly investigate and document the incident. Promptly remedy the circumstances that led to your breach. Implement protective, multi-disciplinary, physical, logistical, and policy/process controls to prevent further disclosures and mitigate future risk. Provide law enforcement with required notices. Provide legally required notices to any individuals whose PII was disclosed. Provide identity-theft protection to affected individuals. Respond to inquiries from law enforcement, affected individuals, and media in an appropriate manner. 

Ogletree Deakins’ Data Privacy Practice Group will continue to monitor and report on any developments regarding this new phishing scam and will update our Data Privacy blog with news and information on other data breach-related challenges.

   

Christopher W. Olmsted | Ogletree, Deakins, Nash, Smoak & Stewart, P.C.
4370 La Jolla Village Drive, Suite 990 | San Diego, CA 92122

Telephone: 858-652-3111 | christopher.olmsted@ogletreedeakins.com

 
These articles are intended as a brief overview of the law and are not intended to substitute as legal advice. Any questions or concerns regarding any statute or case law should be addressed to a licensed attorney.