COVID-19: FAQs on Federal Labor and Employment Laws

The recent spread of the novel coronavirus (COVID-19) in the United States has caused employers to be increasingly concerned and uncertain regarding the future of their workforces. Here are some answers to frequently asked questions (FAQs) about the latest developments on the virus and guidance from federal agencies.

U.S. and Global Employee Data Privacy FAQs

An employer’s response to COVID-19 involves numerous privacy issues. Below are some answers to frequently asked questions (FAQs) about these issues within the United States and globally, based on laws such as the Americans with Disabilities Act (ADA) (which applies in the United States) and the European Union’s General Data Protection Regulation (GDPR). While many of these principles can be applied globally, employers should always look to applicable local laws in their jurisdictions and guidance from public health authorities. Employers should also consult any applicable internal policies, data privacy notices, employee collective bargaining agreements, employment contracts, and individual employment terms.

COVID-19: FAQs on Federal Labor and Employment Laws

The recent spread of the novel coronavirus (COVID-19) in the United States has caused employers to be increasingly concerned and uncertain regarding the future of their workforces. Here are some answers to frequently asked questions (FAQs) about the latest developments on the virus and guidance from federal agencies.

A GDPR Update for Employers, Part IV: Implementing Lessons Learned From GDPR Complaints and Enforcement Actions

The European Data Protection Board (EDPB) and EU supervisory authorities have reported that they have received a large number of complaints during the first six months following the effective date of the GDPR. For example, the EDPB reported that it had received more than 42,000 complaints since May 25, 2018. The French Supervisory Authority (CNIL) reported a 20 percent increase in complaints filed during the first six months the GDPR was effective compared to the same period in 2017. Similarly, the Irish Supervisory Authority reported a 50 percent increase in data breach reports and a 65 percent increase in data protection complaints over the same period. The Irish Data Protection Commissioner also stated that several investigations of multijurisdictional complaints against large companies are being completed and that she expects major GDPR fines to be issued in 2019.

A GDPR Update for Employers, Part III: Preparing Required Data Protection Impact Assessments

Article 35 of the GDPR provides that a data protection impact assessment (DPIA) must be performed for data processing that “is likely to result in a high risk to the rights and freedoms of natural persons.” DPIAs must contain (1) a description of the processing operation along with the purpose of the processing and, where applicable, the legitimate interest for the processing; (2) an assessment of the necessity and proportionality of the processing operation in relation to the purpose; (3) an assessment of the risks to the rights and freedoms of the data subjects; and (4) the measures to be taken to mitigate the risks.

A GDPR Update for Employers, Part II: Aligning HR Practices to Comply with National Legislation Implementing the GDPR

Although the GDPR was intended to provide a uniform set of data protection requirements across the EU, the GDPR contains several provisions, known as “opening clauses,” that expressly permit individual EU countries to implement additional and/or stricter requirements for certain types of data that employers typically process.

A GDPR Update for Employers, Part I: Determining Whether Your Organization’s HR Data Processing Is Covered

Much has happened since the European Union (EU) General Data Protection Regulation (GDPR) went into effect on May 25, 2018. Many EU countries have enacted national legislation to implement and expand the requirements of the GDPR, while other developments have directly affected employers and created new obligations regarding the collection and processing of human resources (HR) data.

Working Party Confirms That Employers of All Sizes Must Maintain Article 30 Records of Processing for Human Resources Data

On April 19, 2018, the Article 29 Working Party (Working Party), which is comprised of representatives from the data protection authorities in each of the 28 European Union (EU) member states, issued a position paper stating that all employers of EU employees are required to prepare and maintain records of processing activities relating to human resources data pursuant to Article 30 of the General Data Protection Regulation (GDPR).

EU Regulator Discusses Enforcement Priorities for the GDPR

On March 27, 2018, Helen Dixon, the data protection commissioner for Ireland, outlined the enforcement priorities of the Irish data protection authority (DPA) for the General Data Protection Regulation (GDPR) during the International Association of Privacy Professionals Global Privacy Summit in Washington, D.C. The Irish DPA has been ramping up its compliance capabilities for the GDPR and will undoubtedly serve as the lead DPA for GDPR enforcement for numerous U.S. companies that are headquartered or have locations in Ireland. 

The Highest Risk Area for GDPR Compliance: Processing HR Data

With less than six months until the May 25, 2018, effective date for the European Union (EU) General Data Protection Regulation (GDPR), companies are assessing their GDPR readiness and concentrating their compliance efforts on the highest risk areas. What is the highest risk area for GDPR compliance?

Rubber, Meet Road: The Arduous Task of Translating Campaign-Talk into Action to Repeal (and Replace?) Obamacare

The creation and implementation of the Patient Protection and Affordable Care Act (ACA or Obamacare) was a long, strange trip beset throughout by policy disagreements, shifting political winds, backroom legislative dealings, unexpected costs, legal challenges, and public relations fiascos. It should then come as no surprise that the Trump administration and the new Congress have experienced a similarly bumpy ride thus far in their efforts to dismantle the ACA.

Data Security Safeguards Can Help Healthcare Employers Withstand Cyberattacks—and Government Audits

The last couple of years have brought a steady rain of bad news for the healthcare industry when it comes to data security: Insurers faced with massive data breaches affecting thousands of health plans and millions of individuals. Hospitals having to choose between paying cybercriminals or suffering critical data losses. The temptation might be to dismiss some or all of this as the reporting of isolated events, a closer look at the issues makes clear that the threats to data are real, the cyberattacks potentially devastating, and the costs involved both significant and growing.

The Same-Sex Marriage Ruling: Key Employee Benefits Take-Aways

The recognition of same-sex marriages across the country will offer greater clarity for employers as they administer their employee benefit plans. Since the 2013 Supreme Court decision in United States v. Windsor, same-sex spouses have been recognized for federal tax purposes and in the federal government’s regulation of benefit plans, but until the Obergefell decision, state insurance departments, state taxing authorities, and state domestic relations courts were not required to recognize same-sex marriage.

Honored in the Breach: Employer Action Items for an Insurer Data Breach

This morning, Anthem Blue Cross and Blue Shield, one of the largest health insurers in the country, notified its policyholders, members, and business partners that it was recently the target of an external cyber attack that appears to have comprised the confidentiality of medical and other personal information maintained on…..

At Year End, IRS Issues Guidance On Cafeteria Plan Transitional Rules For Windsor

Finally, some guidance on mid-year cafeteria plan changes that many employers have already permitted in the wake of United States v. Windsor. On December 16, 2013, the Internal Revenue Service (IRS) released Notice 2014-1, which answers questions regarding the proper treatment of cafeteria plan elections, flexible spending account (FSA) expenses,…..