According to the Association of Corporate Counsel, “employee error” is the most common cause of data security breaches for employers.
Other common causes of security breaches included insiders stealing company data and phishing attacks.
The survey of 1,000 in-house lawyers for organizations in 30 countries found that most respondents anticipate that their role in cybersecurity, which was traditionally the domain of IT departments, will increase in the coming year.
However, only 10 percent of lawyers surveyed said they have a budget for addressing cybersecurity. Although half of respondents said their organizations carry cybersecurity insurance, only 19 percent of those who experienced a breach said their insurance policy fully covered their losses.
According to the report, health care is the industry most at risk for a cyber attack, followed by insurance and manufacturing/retail. Nicole Hong “Employee Error Leading Cause of Data Breaches, New Survey Says,” blogs.wsj.com (Dec. 9, 2015).
Attorneys are becoming more involved in data security, as this survey shows, because cybersecurity is a legal and liability issue as much as an IT issue.
When personal information is compromised as a result of poor cybersecurity, customers, employees, or other victims can file a class action lawsuit against the organization for jeopardizing their confidential information. As more class actions occur, so will legal involvement.
Data breach lawsuits can be extremely costly. One of the most notable recent cybersecurity failures was the 2013 Target breach of up to 110 million customers’ credit and debit card information. In 2015 Target settled a resulting class action lawsuit for $10 million. In addition, Target agreed to reimburse thousands of financial institutions as much as $67 million for costs incurred from the breach.
In 2013, health insurance company, AvMed Inc., agreed to pay $3 million to settle a class action lawsuit for maintaining inadequate data security because of the 2009 theft of laptop computers containing the personal information of 1.2 million customers.
Although attacks by international hackers garner more attention, this report shows that employee negligence actually poses the greatest risk to an organization’s cybersecurity.
In order to protect data security, employees should receive training in the following:
1. Mobile device security, including never leaving mobile devices unattended in public and physically locking them in the office when not in use;
2. Malware prevention, including regularly scanning computers for malware;
3. Identity theft, including not sharing personal information on email or insecure websites;
4. Phishing, including never clicking on links in an email;
5. Passwords, including how to create strong passwords by using pass phrases; and
6. Wi-Fi security, including never using an insecure public network to send confidential information.
A human resource consulting firm recently released the results of its annual survey on employer-sponsored health care plans. One piece of good news from the survey is that average health care costs per employee experienced a smaller increase this year (3.8 percent) as compared to the increase in 2014. This is the third year in a row in which increases have been below four percent.
Unfortunately, small employers, those with 10 to 499 employees, experienced higher average cost increases at 5.9 percent. Large employers with 500 or more employees fared better with an average increase of 2.9 percent.
However, 23 percent of large employers face paying the “Cadillac” tax in 2018 if the coverage they offer is considered high-cost insurance. The number of affected employers is expected to increase to 45 percent by the year 2022.
Employers are looking at a variety of ways they can reduce health care costs. Offering health plans that are consumer directed with a high deductible is their primary strategy. The survey found that 25 percent of covered employees use this type of plan along with an employee savings or reimbursement account.
Even with cost-saving measures, the employers surveyed expect their per-employee health benefit expenses to rise by 4.3 percent in 2016. “Survey: One in four large employers at risk for ‘Cadillac’ tax,” www.businessrecord.com (Nov. 20, 2015).
The Family and Medical Leave Act (FMLA) and workers’ compensation serve different purposes, but the job leave provided by the two may overlap in some cases, affecting employment decisions on issues such as light duty.
FMLA provides employees with unpaid, job-protected leave for certain qualifying reasons, such as a serious health condition that makes the employee unable to perform the functions of his or her job. FMLA generally applies to employees of businesses with at least 50 employees, and, under FMLA, employees are entitled to 12 weeks of job-protected leave for qualifying circumstances.
Workers’ compensation offers medical coverage and income replacement following a work-related injury. Workers’ comp laws often vary from state to state. If an injury that qualifies for workers’ compensation also fall under FMLA-protected health conditions, leave for the two can overlap.
If an employer is covered by FMLA, it should take the time to determine if workers’ compensation leave would also qualify under FMLA as leave for a serious health condition. If it does, the employer should begin the FMLA process immediately and run the FMLA and workers’ comp leave concurrently.
If the employer does not begin the FMLA leave immediately, the employee may end up entitled to more leave than he or she otherwise would have been if the two had run concurrently. In addition, if the employee is away from work for more than 12 weeks under workers’ comp, he or she no longer has job-protected leave after the 12 weeks of FMLA leave end. However, the Americans with Disabilities Act (ADA) may apply, so employers should be careful about automatic termination after 12 weeks of leave.
Another issue that is affected by FMLA and workers’ comp overlap is the possibility of the employee returning to light duty. If an employee who has both leaves running concurrently declines light duty under workers’ comp, he or she may lose those benefits, but the employee would continue to have job-protected leave under FMLA.
When an employee suffers a serious health condition that qualifies him or her for both workers’ compensation and FMLA leave, employers should make sure to consider requirements under both to avoid potential problems.
By: Jack McCalmon
One New York publication headline reads:
“Lawsuit: Four Central New York companies cheated workers out of ‘hard-earned’ pay.”
No trial, verdict or settlement yet … just a filed claim, but one that reflects the latest trend of some of the media painting employers as stealing from their employees. Rick Moriarty “Lawsuit: Four Central New York companies cheated workers out of ‘hard-earned’ pay,” www.syracuse.com (Apr. 13, 2015).
Flower Foods, Inc. faces a potential class action lawsuit by 200 workers in North Carolina, who allege Flowers Food’s has a long-standing, illegal practice of classifying distributors of its bakery items as independent contractors.
The plaintiffs’ trial attorneys argue that by misclassifying the workers, the employer avoids paying wages, including overtime, pensions, and other benefits of employment.
Flower Foods argues that the workers should be classified as independent contractors because they are engaged in other activities, like sales and promotions.
Flower Foods is just one of many, misclassifications cases the trial bar and the DOL are filing against employers in every state and against employers in all industries. The case is just one among other lawsuits against similar employers that use contractors to distribute their goods. Through litigation and regulation, the trial bar and federal and state governments are reshaping how employers classify and pay their employees and view contractors. James McCarthy “Lepage Bakeries’ parent firm faces class-action lawsuit over ‘independent contractors,'” www.mainebiz.biz (Apr. 8, 2015)
Although headlines “dumb down” and sensationalize the issue, reports often omit that many of the practices now demonized, like using independent contractors as distributors, have occurred for decades and were deemed a compliant and normal industry practice in the past.
In fact, the law that enforces these practices has been in place for over 75 years, but only in the last six years, have the government and the trial bar chosen to interpret them in the manner we see today.
Talk about moving the goal posts … But why now?
Obviously, all workers want the additional wages and benefit from the new interpretation (or recent enforcement) of the rules now allows. But, the “real money” does not go to the workers, it goes to the trial attorneys and the government.
Although workers may receive a few hundred dollars or even a thousand or more in back pay if they are successful, trial attorneys receive multi-millions in fees, literally taking half or more of the fees due to the workers. For that reason, wage and hour class actions are the fastest growing workplace-related litigation type in our courts today.
For the government, the reason is also money, but in the form of taxes. The more employee wages are paid, the more payroll taxes are collected.
Although the DOL and the trial bar argue that they are doing this for workers, in the end, it is workers and consumers who take the hit when employers raise prices to pay for the increased wages, taxes, and benefits.
Services will take a blow as well, and entire industries will go away, like the person who delivers your newspaper or delivers them to vending machines … most are independent contractors paid by the publisher to deliver the paper. Ironically, the same media, that accuses employers of stealing, is, based on the legal theory proposed under the Flowers case, doing the same missteps other employers are.
Like it or not, employers have to reevaluate how they pay and classify their employees and contractors. Eventually, all employers will be targeted. Arguing that this is how it has always been done for decades will not persuade plaintiffs or regulators today.
Employers and HR departments that take time to prepare for the summer months may be able to enjoy them a bit more. Now is a good time to start considering the employee management areas outlined below to ensure a smooth summer. Think about how each area impacts your organization and whether any action should be taken.
PTO/Vacation Requests – Do managers and supervisors know how to administer employee requests to make sure appropriate staffing levels are maintained and employees are treated fairly?
Summer Hours – Will your company begin or continue a “summer hours” policy? Will it be company-wide?
Dress Code – Does your company allow for a more relaxed dress code during the summer? How long does this last?
Staffing – Are you a seasonal employer who should start hiring for the summer? Are there layoffs to be administered prior to summer? Will you be hiring interns?
Of course, the above is not an all-inclusive list and each organization is unique. Think about what the summertime season means for your organization and get prepared.