robertsWith the new year upon us, cyberthieves are once again attempting to prey on unwitting HR professionals, as my colleague William Roberts explained in an article last week for SHRM on phishing.

The scam goes like this. As an HR professional, you get an e-mail from your boss (or your boss’s boss) that seems legitimate…and urgent. Something like this:

I’m in the middle of a negotiation so won’t be available by cell or e-mail but I need you to send W-2s for the management team to our new accountants. You can e-mail them to [____________]. Needs to be done today. Sorry for the rush on this and please take this as an exception to normal protocol. Thanks. – Alan

It’s happened before.  Indeed, as Bill explained in the article:

“Alan was the chief financial officer,” said William J. Roberts, a Hartford, Conn.-based data privacy attorney with the law firm Shipman & Goodwin LLP. But in this case, it wasn’t Alan who was sending the e-mail. Despite the company’s policy prohibiting employees from sending sensitive documents through e-mail, a newly hired junior HR professional fell for the phishing scam and sent the W-2s to the cyberthief’s e-mail address.

That’s more than just an “Oops” moment.

Although the IRS is taking steps to help reduce this, the best defense is for HR professionals to be aware of this scam.  I previously discussed this back in March 2016 with a quick post but it’s worth looking at some of the tips presented in the SHRM article including:

  • Train employees on cybersecurity awareness. Many companies do not.
  • Use common sense and avoid making electronic requests for sensitive data. It’s not just an e-mail threat; phishing by text is also on the rise….
  • If you receive an e-mail from upper management, verify the request….

presentsIf you like to open your presents on Christmas Eve, the U.S. Department of Labor is for you. Last night, the DOL posted the final revised rule on overtime on its website ahead of its planned announcement this afternoon.

What a gift for employment lawyers!  Needless to say, I was up late unwrapping all my “gifts.”

Remember: These changes apply only to the so-called white-collar exemptions: Executive, Administrative and Professional.  So, if the employee falls within a different exemption, this rule does not apply.

And, as I’ll explain below, for Connecticut employers, the challenges are just beginning.  The rule applies to all employers covered by the FLSA (FLSA covers employers engaged in interstate commerce and gross volume of $500,000.00 in sales) but Connecticut employers will also have to worry about state law as well.

Here are the highlights (the DOL has released a chart comparing all the changes as well):

  • As expected, the new rule changes the salary basis to $47,476 annually ($913/week) — slightly less than the proposed rule last year. In plain English, anyone who makes less than this amount must be paid overtime for any hours over 40 in a work week — regardless of his or her duties.
  • This threshold will change every three years, and will be tied to the salary level at the 40th percentile of earnings of full-time salaried workers in the lowest-wage Census Region, currently the South.
  • The new rule makes no changes to the duties test.   If an employee had duties that fell within the executive exemption, for example, they will still be exempt — that is, if their minimum salary now meets the threshold of $47,476.
  • The rule increases the “highly compensated employee” exception to the exemption to $134,004 – and that too will change every three years. (But note that Connecticut law does not have such an exception.)
  • The rule becomes effective December 1, 2016. Note that December 1 is a Thursday, so employers will have to make sure that the entire pay period is compliant with the new rule.
  • The new rule will now permits employers to use non-discretionary bonuses and incentive payments (including commissions) to satisfy up to 10 percent of the new standard salary level.  This is a brand new element and should help employers meet that threshold (a bit).

The USDOL also released guidance for non-profits and higher education to address concerns in those areas.  Those employers should review that guidance specifically.

For Connecticut employers, though, take a deep breath before jumping in.  Connecticut has its own state law and regulations that are now in conflict with this federal rule. And as the CTDOL notes in its guide to wage & workplace laws: “The laws that provide the higher or stricter standard shall apply.”

What does that mean here? We’ll have to wait and see if the Connecticut Department of Labor updates its guidance for starters.  It is challenging for Connecticut to update its regulations so, for now, we can only hope that the CTDOL might at least shed some light on how it might enforce the state rules. (There is a helpful chart that it has used in the past, for example, that could be updated.)

But here, on first glance, are three other items of concern I have for now:

  1. The salary test in Connecticut does not contain an allowance to consider nondiscretionary bonuses.  Will that change (at least as a matter of enforcement) now that the federal regulations allow employers to consider that? And how should the deduction rule be applied in such an instance? Would Connecticut recognize an increased salary basis but without such bonuses as the more “protective” of the law?
  2. The CTDOL has previously recognized a “no man’s land” (its words) where the interaction of the rules is confusing; how will it deal with a similar (and much larger) no man’s land where the salary is higher, but the duties test has been met?
  3. Connecticut does not have an exemption for highly compensated employees. The new federal rule does not change state law and thus the HCE exemption will still not apply here.  Will the CTDOL reconsider that in light of the increased threshold at a federal level?

What’s the Takeaway for Employers in Connecticut?

For employers in Connecticut, do not just blindly adopt the new federal rule into your workplace.

For example, increasing the base salary to avoid overtime obligations under the federal rule may not matter if the employee does not meet the duties test under Connecticut law for the same exemption.

This is one of those situations that will require a case-by-case look at specific positions and the interaction between state and federal law.  Unfortunately, you’ll probably want to consult heavily with various HR consultants or lawyers specializing in employment law.

So, as a said before, stay calm. You can do this.  You have until December.

 

The New York Times reported this morning that President Obama will ask the United States Department of Labor to revamp its regulations on the so-called “white collar” exemptions to the federal overtime laws.

Specifically, he will direct the DOL “to require overtime pay for several million additional fast-food managers, loan officers, computer technicians and others whom many businesses currently classify as ‘executive or professional’ employees.

The article also suggests that “he will try to change rules that allow employers to define which workers are exempt from receiving overtime based on the kind of work they perform. Under current rules, if an employer declares that an employee’s primary responsibility is executive, such as overseeing a cleanup crew, then that worker can be exempted from overtime.”

As of mid-morning, the order was still not available on the White House’s website but you can check here. 

However, based on the article, it seems that the executive and professional employee exemption would be most directly impacted, but it is unclear what the impact would be on the administrative exemption.

But before you start throwing out your position descriptions just yet, realize that the President’s direction is just the first step in a process, not the last.

The regulations still need to be drafted, proposed and then adopted by the United States Department of Labor. It is certainly possible that further revisions will occur during that process.  The timing of this is still unclear.

For employers in Connecticut, understand that if these new proposals do come into effect, it would provide a new “floor” for wage & hour laws in Connecticut and many employers would have to adopt them, even though Connecticut’s own rules would be different.  As I’ve noted before, when federal law provides more protection to employees than state law, federal law will control. (The vice versa also applies too.)

However, this suggests the most significant change we’ve seen in the wage and hour area in a decade and could potentially open up a new front on the wage & hour class action battles.

So stay tuned.

A reminder: Employees are entitled to overtime for work over 40 hours a week, unless an exemption applies. For so-called white collar workers, there are three main exemptions: administrative, professional and executive.  Each of these categories looks at whether the employee had certain covered “duties” (known as the “duties” test) and a minimum guaranteed weekly salary (known as the “salary” test).

Under federal law (but not state law), there is also an exemption that allows employers to not pay overtime to “highly compensated” employees over $100,000 a year.   These rules have been in place for nearly 10 years, but the regulations are far from clear.

A recent case out of the Second Circuit (Anani v. CVS) examined these exemptions and regulations. You can download the case here.

The case comes down to a fairly arcane part of the federal regulations addressing whether a “reasonable relationship” exists between the guaranteed amount an employee is supposed to receive and the amount actually earned.  The Second Circuit concludes that this section does not apply when workers make over $100,000 under the FLSA.

It’s a fairly straightforward conclusion because to apply that language to highly compensated workers would render the rest of the regulation pretty meaningless. Thus, a win for the employer.

Continue Reading Second Circuit Leaves Some FLSA Issues Up For Grabs

Heard of the popular show, "A Minute to Win It"? Well to borrow from the title, for health care professionals (doctors offices and hospitals in particular), you’re playing a much more dangerous game "a Minute to Lose It".

What is "it"? It is patient data.  And right now it continues to be at risk every day.  With a single post, valuable client data could be gone in a minute without you even knowing about it until it is too late.

Now, you might protest: We already have a HIPAA Privacy Policy. We’re fine.

That’s good. Just not good enough anymore.

Now, you might say: You’re being alarmist.

To which I say, yes. Because just like the e-mail revolution over a decade ago, we’re in the midst of another one right now and too many people are unprepared for what is unfolding in real time.  

What are some steps to take? First, the easy one: a social media policy. Like yesterday. Because while you’ve been napping, social media has taken root all over America. And health care institutions — which access sensitive personal data every day — are at risk for not taking steps to protect the data.  

Is it happening? Yes. Employees are tweeting, Facebooking and networking as this article suggests. And they’re talking about work.  

But health care professionals now need to go beyond a policy and should provide training and guidance to employees on how to use social media safely without jeopardizing patient data. And monitoring compliance is another key aspect. A program like Hearsay is one of the vendors trying to seek your  business in this area. 

This is still uncharted territory. But a lawfirm (like ours, naturally) can help provide that security (and I’d be happy to respond to inquires from companies about it).   But ignoring the problem will not make it go away — as much as some of you would like to remain ignorant about social media.  

Complicating the issue further are state and federal data privacy laws that overlap (and contrast) as well.  So, between HIPAA, data privacy rules, and other state laws, there’s a lot to keep track of.  

I’ll talk about some of these issues at a March 24 forum for public health agencies (details soon).  In the upcoming weeks, I’ll also share some additional tidbits for health care professionals to think about as well.  If there’s a particular topic you’d like to see covered in an upcoming post, feel free to let me know and we’ll see if I can get to it (within the constraints of the blog).