Page 1 of 1
The Department of Labor (DOL) has launched a new concentrated outreach initiative. For business owners, that means the DOL has promised to actively reach out via radio announcements, social media platforms and neighborhood posters informing employees of their rights under the Fair Labor Standards Act (FLSA).
You may now be thinking “What does that have to do with me? I pay my employees to work”. While this may be mostly true, often we (or our managers) inadvertently allow or encourage our employees to work off the clock. Before your internal defenses kick into high gear, let me provide a few examples of how this could occur:
Over the past year, business owners and managers have dedicated their time, energy and focus to keeping the essential business doors open or attempting to reopen and get employees back in the office. To allow employees to safely return to work, you have had to operate/reopen your business within CDC guidelines, transition your business to accommodate a remote workforce, follow OSHA’s recommendations, keep up with Federal Equal Employment Opportunity Laws related to the COVID-19 pandemic, as well as the interaction between the Americans with Disability Act (ADA), Title VII of the Civil Rights Act of 1964, and the Genetic Information Nondiscrimination Act (GINA). It is no wonder some of our focus on day-to-day compliance may have slipped.
My company’s mission is to be The Employer Advocate. Under the new administration, changes are happening at lightning speed and, as your advocate, we are here to help you navigate through changes as they occur. Administrators Advisory Group (AAG) is a benefits brokerage that works with small to mid-size businesses, specializing in human resources compliance. We work alongside your human resource team to keep you up to date with the latest workplace rules and regulations.
The Department of Labor (DOL) campaign is the first in our four-part series designed to let you know what changes have taken place that may affect your business. In the following weeks, we will cover changes regarding the Family First Coronavirus Response Act (FFCRA) as amended under the CARES Act, changes occurring within OSHA, and a new federal taskforce created whose goal is to unionize your employees.
While Wage & Hour rules have not changed, the informational outreach by the DOL has just begun. The biggest change comes in the form of visibility and accessibility of the information, beginning with the revamp of their website. The DOL has promised to proactively reach out to employees using radio public service announcements, national webinars, social media messages, and posters.
Reminding employers and employees alike that employees must be paid for ALL hours worked is the center of this outreach! Even if you don’t ask an employee to work overtime, even if it’s done remotely, and even if you aren’t aware (but should have been), the employee is entitled to be paid.
Wage & Hour rules can be one of the many landmines that employers have to navigate on a daily basis. With AAG on your side, we will help you ensure you are prepared in case the DOL shows up on your doorstep. Let us know if you have questions or would like to review some of your existing practices or policies.
The EEOC kicked off the unofficial start of summer with a bang by clearing the way for employers to offer their employees incentives to get the COVID-19 vaccine in new guidance released on the eve of the Memorial Day weekend. The May 28 updates to the agency’s COVID-19 Technical Assistance guidance now provides employers with two clear options, drawing a key distinction based on who administers the shot:
Regardless of which path you travel, there are still hoops to jump through if you want to provide vaccine incentives – providing accommodations, ensuring confidentiality, etc. – but you now have a clear direction to take to encourage your workers towards vaccination. What do you need to know about this critical update?
Why Was This Guidance Necessary?
Before we take a deeper dive into discussing the options and other considerations, some employers may be wondering why this guidance was even necessary. Couldn’t you just offer some cash or PTO or some other reward to induce employee behavior without concern about the legal ramifications?
The main sticking point troubling employers for months concerned wellness program rules. Historically, the EEOC has indicated it didn’t want employers to force employees to make medical-related decisions through the use of incentives. Until this latest guidance, the EEOC believed that too significant of an incentive could coerce employees to participate, thus leading to legal violations if employees are “forced” to disclose protected medical information to gain the incentive. Through rules, guidance, and federal litigation, the EEOC has taken steps to ensure that any employment decisions in this regard were genuinely voluntary.
Earlier this year, the EEOC issued a proposed rule expressly permitting only de minimis incentives as passing muster under participatory wellness programs. The proposed rule contained language referring to a permissible incentive as a “water bottle” or something of equivalent value. However, the Biden administration withdrew the proposed rule under a regulatory freeze typically seen when new leadership takes charge at the White House. The proposed rule is still pending review and it is unclear when or what form it may re-emerge. Against the backdrop of this uncertainty, employers have been attempting to navigate the thorny path of vaccine incentives, concerned that offering robust incentives could bring about a higher legal risk. At the urging of business groups seeking clarity on the matter, the EEOC finally heeded the call and provided the certainty that employers have been craving.
Option 1: Unlimited Incentives
Under the first option, you are seemingly permitted to provide unlimited incentives to your workforce so long as your employees voluntarily provide you with documentation or other confirmation they received the COVID-19 vaccine, and they received the vaccination on their own from a third-party provider that is not an “agent” of your organization. The EEOC describes such third parties as pharmacies, public health departments, or other health care providers in the community.
Option 2: Restricted Incentives
On the other hand, if employees are voluntarily vaccinated by you or your “agent,” you can offer only incentives that are “not so substantial as to be coercive.” Which leads to two questions: what is an “agent,” and how substantial is “substantial”?
Definition of “Agent” and How to Avoid This Designation
Definition of “Substantial” and How to Avoid Violations
Other Considerations
Whichever path you take, there are several other considerations to keep in mind when offering vaccine incentives based on voluntary inoculations.
Accommodations
Some employees may have legitimate medical or religious reasons not to get vaccinated, and failure to provide them with the same types of incentives could lead to claims under the Americans with Disabilities Act (ADA) or Title VII. You will need to consider offering alternative means by which an employee can earn an incentive if they cannot be vaccinated due to a disability or sincerely held religious belief. Alternative ways to earn the incentive might be watching a workplace COVID-19 safety video or reviewing CDC literature on mitigating the spread of COVID-19 in the workforce.
Confidentiality
Once you gather information from employees about whether they have been vaccinated or not, you must maintain confidentiality. You should maintain the records as you would any other medical-related documentation (in a separate file, accessible to only those who need to know, etc.) and comply with all other state-specific privacy rules (such as in California).
Family Members
While you can offer an incentive to employees to provide documentation or other confirmation from a third party not acting on your behalf that their family members have been vaccinated, the EEOC confirmed that you may not offer incentives to your employees in return for their family members getting vaccinated by your organization or your agent. This would be considered a violation of the Genetic Information Nondiscrimination Act (GINA) Title II health and genetic services provision. Asking pre-screening medical questions would lead to you receiving genetic information in the form of family medical history of the employee, and GINA regulations prohibit employers from providing incentives in exchange for genetic information. However, you can still offer an employee’s family member the opportunity to be vaccinated by your organization or your agent if you take certain steps to ensure GINA compliance.
Possible Incentives to Consider
If you are now considering what kind of incentives to offer your workforce in light of this new guidance, you might find comfort knowing that employers’ two most common incentive options include cash/gifts (38%) and paid time off (30%). This is according to an FP Flash Survey conducted earlier this year, which found that more than one in five employers were providing vaccine incentives. That number is bound to rise given that close to half of all respondents (43%) said they were unsure about whether to offer some form of incentive, many commenting that the then-current legal uncertainty fueled their hesitancy.
Now that the country is on course to see all adult Americans eligible for COVID-19 vaccination in a matter of days, and an increasing number of employees are returning to the workplace, vaccination status is likely to be an increasingly common topic over the coming weeks and months. Which leads to these inevitable questions: when and how can employers ask their workers whether they’ve been vaccinated without getting into hot water? Whether it’s an innocent question asked while trying to make conversation or an inquiry posed to determine whether someone can return to normal duties, you need to understand your legal rights and obligations regarding this serious topic. Missteps can easily lead to legal complications.
A Simple Vaccine Question is Okay, But Be Wary of Going Further
The Equal Employment Opportunity Commission has indicated in recent guidance that it is generally permissible for employers to ask employees about COVID-19 vaccination status. That’s because this simple question alone is not likely to elicit information from the employee about possible medical conditions, an inquiry that otherwise would invoke federal or state disability laws.
And in many cases, the answer to that question alone may be all you really need. If you don’t really need to know anything beyond a simple “yes” or “no” to the question of whether they have been vaccinated – and in most cases, you won’t – the EEOC suggests warning employees not to provide any other medical information in response to your question to make sure you don’t inadvertently receive more information than you want.
If you require proof of vaccination, you should ask the employee to provide documentation from the immunization source showing the date(s) the vaccine was administered. To avoid potential legal issues related to this process, you should affirmatively inform employees that they do not need to provide any additional medical or family history information. The documentation you receive should be treated as a confidential medical record.
But issues could arise if you venture further than asking this simple question. Asking follow-up questions could trigger obligations under the Americans with Disabilities Act (ADA) and the Genetic Information Nondiscrimination Act (GINA) depending on a variety of factors, so you need to tread cautiously if you take the questions any further.
Going Further with Your Inquiries
That’s not to say you can’t or shouldn’t ask anything further than eliciting a simply yes-or-no answer. There may be circumstances where it is advisable or even necessary to ask more. In those cases, the key considerations relate to the kinds of questions posed and the kinds of responses provided. These are the situations that raise potential legal issues that will likely require you to confer with your lawyer.
Questions about why the employee isn’t vaccinated
If you need information about why the employee has not yet been vaccinated, you might end up eliciting information about the employee’s medical status. Therefore, you can only pose such questions if they are “job-related and consistent with business necessity.” As the EEOC has said, you meet this standard if you have a reasonable belief, based on objective evidence, that an employee who is not vaccinated would pose a direct threat to the health or safety of themselves or others. This can be a challenging and complicated hurdle to clear. You should coordinate with legal counsel to determine whether you can meet this standard in your situation.
If you are treating workers differently based on vaccination status – for example, not allowing them to participate in certain work activities, work in certain locations, interact with the public or other employees, etc. – and you have confirmed with counsel that you have a valid justification for doing so, you may need to ask additional questions to assist with an interactive process. It may be that you need to provide reasonable accommodations to those workers unable to be vaccinated due to underlying medical conditions or sincerely held religious justifications. Each situation will require a case-by-case, fact-specific analysis, and you should be prepared to engage in substantive interactive process discussions related to any accommodation requests.
Questions about how the vaccination process went
If your managers are asking follow-up questions to find out how the employees fared after vaccination – especially after the second dose of Moderna and Pfizer vaccines – you need to recognize that this can be a slippery slope. Such questions could reveal information related to disability status (see above) that you would otherwise not want to know about. Caution your managers to tread carefully when asking such questions, even if their intent is innocent, and train them to know what to do if they receive information that should lead to human resources involvement.
Questions to help with an employee leave program
It is always permissible for your managers to ask about the medical status of an employee in order to help administer an employee leave program that includes absences for vaccine side effects, whether due to federal or state law or due to company policy. As with any such inquiries about medical status, however, make sure your managers know that they need to keep the information confidential to protect the privacy of any medical records received, and to only ask questions that lead them to gather the type of information necessary.
What Steps Should You Take Right Now?
While the rest of us were enjoying our Memorial Day holiday, the Department of Labor was busy posting the new model FMLA notices and medical certification forms… with an expiration date of May 31, 2018!
No more month-to-month extensions or lost sleep over when the long-awaited forms would be released.
That said, it couldn’t have taken DOL a whole lot of time to draft the updated forms. After a relatively close review of the new forms, the notable change is a reference to the Genetic Information Nondiscrimination Act (GINA). In the instructions to the health care provider on the certification for an employee’s serious health condition, the DOL has added the following simple instruction:
Do not provide information about genetic tests, as defined in 29 C.F.R. § 1635.3(f), genetic services, as defined in 29 C.F.R. § 1635.3(e), or the manifestation of disease or disorder in the employee’s family members, 29 C.F.R. § 1635.3(b).
The DOL added similar language to the other medical certification forms as well. For years, employers have included GINA disclaimers in their FMLA paperwork, and those disclaimers typically have been far more robust (and reader-friendly) than the cryptic one the DOL used above.
For easy reference, here are the links to the new FMLA forms:
The forms also can be accessed from this DOL web page.
Does your company currently use forms created more than three years ago that asks for information about an applicant or an employee’s family medical history?
Do your supervisors and managers know that if they are “friended” by an employee on a social media site and they see medical information relating to the individual or the individual’s family member, they have violated a federal law and subjected the company to liability?
Has your company failed to update Family Medical Leave Act (FMLA), Americans with Disabilities Act (ADA), workers’ compensation, no-harassment, and other policies and procedures to comply with the Genetic Information Nondiscrimination Act (GINA)?
If you answered yes to any of these questions, you should review the impact of GINA so your company does not become the next GINA “headline.”
What Is GINA?
The Genetic Information Nondiscrimination Act (GINA) has been an active federal law for five years now. However, many employers still know little about the law. Enacted in 2008, GINA generally prohibits employers from engaging in three types of conduct:
Most attribute GINA’s enactment and requirements as a response to a trend in which employers sought to rely on genetic information in an attempt to screen out potentially unhealthy employees to help control their surging health care costs.
Inadvertent Collection Of Genetic Information
Many employers today pay little attention to GINA on the mistaken assumption that they do not collect genetic information. But there are three very common situations in which an employer can unknowingly collect genetic information.
First, employers regularly request medical documentation to support a potentially disabled employee’s request for a reasonable accommodation.
Second, employers regularly request medical documentation to support an employee’s request for leave under FMLA.
Third, many employers require a medical examination upon hire and, as a result, receive medical information in that context.
In each of these situations, the employer might acquire genetic information (without intentionally requesting it) and would violate GINA as a result of doing so. Fortunately, GINA provides a “safe harbor” that can protect an employer in such situations.
How To Avoid Noncompliance
When an employer requests medical information, it must warn the provider not to provide genetic information. When the employer makes such a warning, the “safe harbor” provision provides that any receipt of genetic information in response to their request will be deemed unintentional and not in violation of GINA.
As a result, it is imperative that employers include this specific warning any time that they request health-related information from a health care provider or an employee.
Of course, an employer could also obtain genetic information in a less formal situation. For example, a supervisor could obtain genetic information about an employee during a casual conversation, through email, or through social media. As long as the supervisor does not ask follow-up questions and does not take any employment-related action based on the accidentally acquired info, this information would be deemed unintentional. However, the use or disclosure of the accidentally acquired information would still violate GINA.
Does Your Wellness Program Violate GINA?
The federal regulations also make clear that an employer does not violate GINA if the employer requests genetic information as part of a “voluntary wellness program.”
For such a program to be deemed voluntary, the employer must show that:
Another reason that employers may be less knowledgeable about GINA (as compared to other federal laws) is that relatively few lawsuits have be filed since the law was enacted. According to EEOC statistics, there were just 280 charges of GINA-related discrimination filed in 2012, or around 0.3% of the overall charge filings for that year. However, the number of filed, GINA-related charges has increased by nearly 40% since the first year an individual could file under the statute.
Moreover, recent activity by the EEOC suggests that it would be best if employers begin reviewing their procedures now and taking the necessary steps to ensure they are GINA compliant.
Unknowing or unintentional violations of GINA are perhaps the most worrisome type of violations since they are the most likely to occur. This is particularly true for employers that rely on dated, pre-GINA human resources documents (including employment applications) or employment policies.
Employers should update existing nondiscrimination and anti-harassment policies and handbooks so that discrimination/harassment on the basis of genetic information is clearly prohibited. Similarly, employers should also update their Family Medical Leave Act (FMLA) and Americans with Disabilities Act (ADA) forms to include the requisite “safe harbor” language that warns employees and health care providers not to provide genetic information.
Employers also should ensure that an employee’s medical information is maintained separately from the employee’s personnel file, as required by the law.
For further information on GINA and its impact on your business or for assistance on insuring your company is GINA compliant, please do not hesitate to contact our office.
Under the 2013 Health Insurance Portability and Accountability Act (HIPAA) privacy and security rules provisions, employers must update their health information disclosure policies and retrain employees to ensure compliance.
The Department of Health and Human Services (HHS) issued the new HIPAA regulations on January 25, 2013, to execute major changes that were mandated by the Health Information Technology for Economic and Clinical Health Act (HITECH) as well as the Genetic Information Nondiscrimination Act (GINA).
New Requirements for Business Associates
HIPAA regulations previously generally covered any business associate who performed or assisted in any activity involving the use or disclosure of individually identifiable health information, such as third-party administrators, pharmacy benefit managers and benefit consultants. Under the new regulations, business associate status is triggered when a vendor “creates, receives, maintains, or transmits” personal health information (PHI).
The key addition in this part of the regulation is found in the word ‘maintains’ because any entity that ‘maintains’ PHI on behalf of a covered entity- even if no access to that information is required or expected- will now be considered a business associate.
This change has some important consequences for group health plans that rely on cloud storage as a repository for their PHI or that outsource information-technology support and other functions and do not have business associate agreements (BAAs) with such vendors.
If you give PHI to a vendor before a BAA is in place, you will be in violation of HIPAA, and if you are a vendor, you can’t receive PHI without a compliant BAA in place. There must be a compliant BAA in place first.
Another change is that plan sponsors must enter into a sub-BAA with agents or subcontractors who are retained to help a business associate with covered functions for an employer-sponsored health plan. Plan sponsors should include BAA language that states that a business associate can’t subcontract work without prior permission, and then to monitor compliance with those agreements.
Presumption of PHI Breach Introduced
Under the previous rules, an impermissible use or disclosure of PHI- including electronic PHI- was a breach only if it posed a significant risk of harm to the individual. The HHS included in the new rules a presumption that any impermissible use or disclosure of PHI is a breach, subject to breach-notification rules.
Under the new rules, the only way now to get out of this presumption is by a demonstration that there is a low probability that the PHI was compromised.
To demonstrate low probability, the health plan or business associate must perform a risk assessment of four factors- at a minimum:
The HHS has indicated that it expects these risk assessments to be thorough and completed in good faith and to reach reasonable conclusions. If the risk assessment does not find a low probability that PHI has been compromised, then breach notification is required.
Action Advised for 2013
While the new regulations bring certainty to employer-sponsored health plans and their business associates on HIPAA compliance issues, they also emphasize the department’s intention to subject business associates and their subcontractors to heightened scrutiny.
Employers should review and revise their BAAs to ensure compliance with the security rule, paying special attention to the inclusion of subcontractors. Employers should also review and revise (or create) breach-notification procedures that detail how a risk assessment will be conducted. It is also important to train employees who have access to PHI on these updated policies and procedures.
The final regulations take effect September 23, 2013 and the HHS has provided another one-year transition period for some covered entities and their business associates that had a BAA in place on January 1, 2013. HHS also published an updated version of a template BAA, but it does not address all the unique situations that may arise between a covered entity and a business associate. Employers should ultimately ensure that their business associate agreements are appropriately tailored to their individual circumstances and business needs.
The Department of Labor’s (DOL) prior set of forms for the Family and Medical Leave Act (FMLA) expired at the end of 2011. Most employers expected that the DOL’s newer forms, which can be found here, would comply with the applicable laws. Unfortunately, the DOL’s new FMLA forms, which state that they are valid through February 28, 2015, do not comply with the Genetic Information Nondiscrimination Act (GINA).
Although GINA generally prohibits employers with 15 or more employees from requesting or requiring “genetic information” from an applicant or employee, there is a safe harbor for employers who inadvertently recieve genetic information in response to a lawful request for for medical information, such as for FMLA purposes.
Employers who lawfully request medical information from a health care provider for FMLA certification purposes should include the following recommended “safe harbor” language found in the GINA regulations when making a request:
The Genetic Information Nondiscrimination Act of 2008 (GINA) prohibits employers and other entities covered by GINA Title II from requesting or requiring genetic information of employees and their family members. In order to comply with this law, we are asking that you not provide any genetic information when responding to this request for medical information. “Genetic information” as defined by GINA , includes an individual’s family medical history, the results of an individual’s or family member’s genetic tests, the fact that an individual or an individual’s family member sought or received genetic services, and genetic information of a fetus carried by an individual or an individual’s family member or an embryo lawfully held by an individual or family member receiving assistive reproductive services.
Employers who use this language and still recieve genetic information from a health care provider will be deemed to have recieved the information inadvertently.
Employers should realize that they cannot always rely on government forms. Employers should add the GINA “safe harbor” language to any requests for medical information under the FMLA in order to avoid potential liability for GINA discrimination claims. The failure to do so leaves an employer at risk for possible discrimination under GINA, depending upon the type of information recieved in response to such a request.