October 2023 – Transportation Hiring Alert – Always Check New Drivers’ Clearinghouse Record


FLEET OPERATORS face an increased risk of potential liability if they are not diligent about checking their drivers’ moving violation records with the state Department of Motor Vehicles, in addition to the Federal Motor Carrier Safety Administration’s Drug and Alcohol Clearinghouse.

As of 2020, it became mandatory that all motor carriers sign up their drivers in the Clearinghouse and run their driver rosters through the system to clear them for duty. But many companies are skipping this step and only checking their drivers’ records with the DMV, which may not reflect any suspensions issued by the Clearinghouse.

Clearinghouse rules require that drivers be tested for drugs prior to being hired and randomly throughout the year. This helps employers weed out drivers who may be at higher risk of both moving violations and accidents.

The Clearinghouse

The Clearinghouse was created to keep commercial drivers who have violated federal drug and alcohol rules from lying about those results and getting a job with another motor carrier.
This electronic database tracks commercial drivers’ license holders who have tested positive for prohibited drug or alcohol use, as well as refusals to take required drug tests, and other drug and alcohol violations.

The Clearinghouse tracks a driver’s drug and alcohol tests and bars them from operating commercial vehicles after they fail a test. If they want to return to driving, they must successfully pass a return-to-duty process that includes substance abuse treatment and a test to evaluate their readiness.

The restriction can be lifted if the driver signs up for a Clearinghouse program that will test them 14 times in two years, with the first 12 tests having to occur in the first year.
This cost all comes out of the driver’s pocket.
This system is an important check on drivers and helps employers reduce their exposure.
The Department of Motor Vehicles is required to check the Clearinghouse before issuing a new or renewing a commercial driver’s license.

The takeaway

While it is the law that employers follow Clearinghouse procedures, because it’s a new system, many companies are failing to follow the rules.
If you are relying only on pulling a driver’s moving violation record and not the Clearinghouse, you are in breach of regulations and could leave your firm exposed.
If you employ a driver who is under suspension from driving by the Clearinghouse and they are involved in an accident, the victims could build a case that your organization was negligent in letting the individual drive and not checking the Clearinghouse first.
If they can prove negligence on a fleet operator’s part, the business could be in for a hefty court judgment.


July 2023 – EEOC Guidance – New Rules for Using AI in Employment Decisions


The Equal Employment Opportunity Commission has issued new guidance on how employers can properly use software, algorithms and artificial intelligence-driven decision-making tools when screening job applicants and selecting candidates.
The EEOC has grown concerned about possible adverse impacts of these technologies that can help employers with a wide range of employment matters, like hiring decisions, recruitment, retention, monitoring performance, and determining pay, promotions, demotions, dismissals and referrals.
The guidance follows the EEOC’s recent announcement that it would pursue enforcement of violations of Title VII of the Civil Rights Act of 1964 and other statutes under its jurisdiction arising from use of AI in employment decisions.

The new guidance includes a series of questions and answers to help employers prevent the use of AI and other technologies from leading to discrimination on the basis of on race, color, religion, sex or national origin, in violation of Title VII.

Main points of the guidance:

Responsibility: Employers are ultimately responsible for discriminatory decisions rendered by algorithmic decisionmaking tools, even if they are administered by another entity,
such as a software vendor.
Assessment: Employers should assess whether their use of technology has an adverse impact on a particular protected group by checking whether use of the procedure causes a selection rate for individuals in the group that is “substantially” less than the selection rate for individuals in another group.

The selection rate for a group of applicants or candidates is calculated by dividing the number of persons hired, promoted or otherwise selected from the group by the total number of candidates in that group.
If an employer is in the process of implementing a selection tool and discovers that using it would have an adverse impact on individuals of a protected class, it can take steps to reduce
the impact or select a different tool, per the guidance.
If an employer fails to adopt a less discriminatory algorithm than that which was considered during the implementation process, it could result in liability, according to the EEOC.

The takeaway

Employers using algorithmic decision-making tools for employment decisions need to take the same care as they do when making employment moves without assistance from technology.
Firms should not implement these technologies without considering possible adverse decision-making that could lead to violations of the law and prompt litigation and regulatory
action by the EEOC.
Experts advise that you move forward carefully and work with the vendor to ensure the technology doesn’t get your organization in trouble.


April 2023 – Law Barring Mandatory Agreements Shot Down


A U.S. COURT of Appeals has struck down a landmark California law that prohibits employers from requiring their workers to sign agreements to arbitrate any disputes arising from their employment.
The ruling clears the way for employers to continue using arbitration agreements without risking criminal liability that the law – AB 51 – calls for. The law took effect Jan. 1, 2020, but after a coalition of employers led by the California Chamber of Commerce sued to block the measure’s implementation, a lower-court judge issued a temporary restraining order, halting enforcement until the matter could be resolved by the courts.
Arbitration agreements usually require both the employer and employee to submit any employment-related disputes to arbitration, rather than to the traditional court process. They are designed to reduce tension and save both parties money and time.
The Chamber said the Feb. 15, 2023 ruling by the Ninth U.S. Circuit Court of Appeals invalidating the law was a win for the state’s employers. The business advocacy group had asserted that the law contradicted federal legislation and would result in increased litigation and higher costs for employers and workers alike.
The ruling by the Ninth Circuit upheld a lower court’s preliminary injunction order and holding that AB 51 is preempted by the Federal Arbitration Act (FAA).

What did AB 51 require?

The law made it a criminal misdemeanor for an employer to require an existing employee or a job applicant to sign an arbitration agreement as a condition of employment.
However, due to a quirk in the law, even though an employer could be subject to criminal prosecution if it required employees to sign arbitration agreements, the contracts, if signed, would still be enforceable.
The law was written in this way to avoid conflicting with the FAA. But in the end, the court opined that AB 51 was preempted by the federal law after all.

The takeaway

The ruling paves the way for employers to continue using arbitration agreements with employees in the Golden State. That said, if you are using such agreements or plan to, you should consult with your legal counsel to ensure your agreement is up to date.
If the case is not appealed, the court’s opinion will likely lead to the law being nullified.
But an appeal would be an uphill battle, legal observers say. “SCOTUS (the U.S. Supreme Court) has clearly said that state rules burdening the formation of arbitration agreements are at odds with the FAA,” the law firm of Fisher Phillips wrote in a blog about the ruling.
One important note: The Ninth Circuit’s decision does not affect the federal Forced Arbitration of Sexual Assault and Sexual Harassment Act of 2021, which gives employees the right to opt for arbitration agreements and class- or collective-action waivers if they are making sexual assault or sexual harassment claims.


January 2023 – Ransomware Fallout – Firms That Pay Ransom Often Hit Again


A new report found that one-third of companies who are hit with ransomware and pay the hackers to unlock their systems, are often likely to be targeted a second time.

And after they pay, they are often faced with significant consequences, including system rebuilding costs, their data still being leaked and financial consequences, according to the “2022 Cyber Readiness Report” by Hiscox. The eye-opening results of the study come as the number of businesses hit by cyber attacks continues growing.

Considering the potential damage to your organization if your systems are compromised in the aftermath of a ransomware attack, even if you have cyber insurance to pay recovery costs, it’s best to take steps to thwart attacks in the first place.

More than ransom

It’s clear that paying a ransom often doesn’t mean the recovery for an affected business will be smooth, according to the report, which covers the poll results of 5,000 organizations.

The risk

Nearly half (47%) of firms reported that they had been hit by a cyber attack during the past 12 months, up from 40% in 2021. Of those who were attacked, 17% were ransomware victims.
The median cost of an attack has risen 29% to just under $17,000.
Small firms can no longer expect to fly under the radar as the criminals increasingly have them in their sights.

 

What you can do

Some firms have little exposure to a cyber attack, particularly if they don’t handle customer data or are not techdriven operations. Each firm has a different exposure level.
For companies that have cyber exposure, protecting their organization requires a multi-pronged approach that includes cyber insurance and strong data security protocols.
Cyber insurance may cover the cost of a paid ransom as well as recovery and rebuilding costs. If your organization has exposure, please give us a call to review your risk and see if cyber insurance is right for your business.

Besides that, Hiscox recommends taking a number of steps to protect against an attack and be able to recover from one faster:

  1. Keep all of your software up to date to include the installation of all the latest security patches.
  2. Frequently back up your data on a server that is not hooked up to the cloud.
  3. Train workers on how to recognize and avoid common social engineering attacks that criminals use to trick them into revealing sensitive information about themselves or their company.
  4. Teach your staff how to detect potentially dangerous e-mails that try to get them to click on a malicious link that can unleash ransomware or other malware.

January 2023 – Top 10 California Laws, Regs for 2023


A slew of new laws and regulations that will affect California businesses are taking effect for 2023.

Last year was a busy one, with ground-breaking new laws on employee pay disclosures, a law prohibiting discrimination against cannabis-using employees and another expanding the circumstances when employees can take leave to care for a loved one. The following are the top 10 laws and regulations that employers in the Golden State need to stay on top of.

1.  Pay disclosure

This sweeping law in part requires more disclosure of pay information by employers. Under current law, employers are required to provide the pay scale for a position upon reasonable request by a job applicant. SB 1162 goes a step further by:

  • Requiring employers, upon request by a current employee, to provide the pay scale of the position they are employed in.
  • Requiring employers with 15 or more workers to include pay scale in any job postings for open positions.
  • Requiring employers to maintain records of job titles and wage rate history for each employee while employed for the company, as well as three years after their employment ceases.

Note: The law defines “pay scale” as the salary or hourly wage range that the employer “reasonably expects” to pay for the position. Penalties range from $100 to $10,000 per violation. This law took effect Jan. 1, 2023.

 

 2.  State of emergency and staff

This new law, SB 1044, bars an employer, in the event of a state of emergency or emergency condition, from taking or threatening adverse action against workers who refuse to report to, or leave, a workplace because they feel unsafe. “Emergency condition” is defined as:

  • Conditions of disaster or extreme peril to the safety of persons or property caused by natural forces or a criminal act.
  • An order to evacuate a workplace, worksite or worker’s home, or the school of a worker’s child due to a natural disaster or a criminal act.

SB 1044 also bars employers from preventing employees from using their mobile phones to seek emergency assistance, assess the safety of the situation or communicate with another person to confirm their safety. The law, which took effect Jan. 1, 2023, does not cover first responders and health care workers.

 

3. Cannabis use and discrimination

This law bars employers from discriminating in hiring, termination or other conditions of employment based on employees using cannabis while off duty. The bill’s author says the legislation is necessary because THC (tetrahydrocannabinol), the active ingredient in marijuana, can stay in a person’s system after they are no longer impaired. As a result, drug testing may detect THC in an employee’s system even if they used it weeks earlier and it is having no effect on their job performance. AB 2188 does not require employers to permit employees to be high while working. The bill would exempt construction trade employees and would not preempt state or federal laws that require employees to submit to drug testing. This law takes effect Jan. 1, 2024.

4.  Leaves of absence

The California Family Rights Act and the state’s paid sick leave law allow employees to take leave to care for a family member, defined as a spouse, registered domestic partner, child, parent, parent-in-law, grandparent, grandchild or sibling. The definition has been expanded to include “any individual related by blood or whose association with the employee is equivalent of a family relationship.”

5.  Contractor workers’ comp

Starting July 1, the following contractors must carry workers’ compensation coverage regardless of if they have employees or not:

  • Concrete (C-8 license)
  • Heating and air conditioning (C-20)
  • Asbestos abatement (C-22), and
  • Tree service (D-49).

Starting Jan. 1, 2026, all licensed contractors must have coverage.

6.  OSHA citation postings

Under current law, employers that receive citations and orders from OSHA are required to post them in or near the place the violation occurred, in order to warn employees about a potential hazard. Starting Jan. 1, 2023, they must post the notice not only in English, but also: Spanish, Chinese (Cantonese, Mandarin), Vietnamese, Tagalog, Korean, Armenian and Punjabi.

7.  Permanent COVID standard

Cal/OSHA has a permanent COVID-19 prevention standard that will sunset in 2024. The new standard, which replaces the temporary emergency standard the agency had implemented, should provide more certainty for prevention procedures and practices. Here are the main takeaways:

  • Employers are no longer required to pay employees while they are excluded from work due to COVID-19, or to screen employees daily.
  • Employers must still notify and provide paid testing to employees who had a close contact in the workplace.
  • Employers can now incorporate written COVID-19 procedures into their Injury and Illness Prevention Programs.

8.  CalSavers expanded

SB 1126 requires any person or entity with at least one employee to either provide them with access to a retirement program like a 401(k) plan or enroll them in the state-run CalSavers program. Prior to this new law only companies with five or more employees that do not offer a retirement plan are required to enroll their workers in CalSavers.

9.  Bereavement leave

Employers with five or more workers are required to provide up to five days of bereavement leave upon the death of a family member, under a new law starting in 2023. This leave may be unpaid, but the law allows workers to use existing paid leave available to them, such as accrued vacation days, paid time off or sick leave. Employers are authorized to require documentation to support the request for leave.

10.  PFL wage replacement

This law was passed last year but does not take effect until 2025. Existing California law allows employees to apply for Paid Family Leave and State Disability Insurance, both of which provide partial wage replacement benefits when employees take time off work for various reasons under the California Family Rights Act. Starting in 2025, low-wage earners (those who earn up to 70% of the state average quarterly wage) will be eligible for a higher percentage of their regular wages under the state’s PFL and SDI benefit programs.


October 2022 – Commercial Property Insurance – Coverage Gets Scarce in At-Risk Areas


AS WILDFIRES grow in number, intensity and scope, the cost of paying for the resulting claims is causing a property insurance crisis in some parts of the state that shows no sign of disappearing anytime soon.
Commercial property insurance rates have skyrocketed for businesses in areas exposed to wildfire risks. Many have received non-renewal notices and have had to secure coverage with the market of last resort, the California FAIR Plan. Here’s what’s going on and what your options are if your commercial property policy is non-renewed.

What insurers are doing

While rates are increasing nominally in most of California’s larger cities due to higher construction costs, it’s a different story in smaller cities and towns.
Insurers are responding. Some are pulling out of the state or ceasing to write policies in areas they deem high risk and are issuing non-renewal notices. Those that continue to write business in high-risk areas are taking steps to rein in their risk:
Increasing rates – Many carriers have more than doubled rates for at-risk properties.
Hiking deductibles – Many carriers are raising deductibles in wildfire-prone areas.
Stricter terms – Some insurers are limiting the amount they will pay out if a building is destroyed. That can sometimes be as low as 20% of the value, meaning the rest would have to be covered out of pocket by the property owner.

Protective measures insurers may require

Defensible space: Maintain a defensible space around your building, usually all the way to the property line. You can find a thorough description of how to create a defensible space here.
Non-combustible materials and other measures: Use only non-combustible building materials, such as fire-proof shingles for your roof. The insurer may require you to shore up roofs, gutters, vents and siding and ensure there are no gaps that would allow embers to penetrate.
They may require exterior wall cladding made of non-combustible siding materials.
Reliable water supply: Insurers are requiring property owners to have clear access to a reliable water supply, including proximity to public hydrants and the possible installation of private-site yard hydrants. The availability of a reliable water supply is critical and should be evaluated frequently.
You may also consider installing a back-up water supply, such as a fire pump and tank.
Routine clearing: Insurers are requiring property owners to have a routine property clearing regimen that includes regularly removing dried vegetation from the property and removing debris or other flammable materials. Debris and vegetation are the tinder for large fires.

Your options if canceled

If you’ve been cancelled by your insurer, we can mount a search for replacement coverage. If all California licensed insurers that we have access to
reject your policy, we have two choices:
The non-admitted market – These are insurers that are not licensed in the state of California, but they are viable insurance companies nonetheless. They can offer policies that may not cover everything a homeowner’s policy from an admitted insurer would have. Policies can often be customized for the insured.

California FAIR Plan – We can only go to the FAIR Plan if you’ve thoroughly exhausted the options available through the voluntary market and been denied coverage.
If only one admitted insurance company is willing to write your policy, no matter how steep the premium is, you cannot go to the FAIR Plan for coverage.
Not only are FAIR Plans more expensive, but they offer fewer coverage options and lower policy limits. That said, the limits have doubled in 2022 to $6.8 million per policy.


July 2022 – Privacy Liability – Companies Bleed Data as Workers Move It Offsite


THE MORE employees are working from home, the greater the risk that their employers’ sensitive data is also being stored on their poorly secured devices and laptops.
A new study by Symantec Corp. found many workers are sharing, moving, and exposing sensitive company data as part of carrying out the requirements of their jobs, and they may not realize they could be compromising the information or that what they are doing is wrong.
More worrisome, the study found that half of all employees surveyed who left or lost their jobs in the prior 12 months had kept confidential company data. When that happens, the departing worker, your company, and the new employer are all put at risk.

 

 

 

 

Worse still, the majority of employees put these files at further risk because they don’t take steps to delete the data after transferring it. “In most cases, the employee is not a malicious insider,” writes Symantec, “but merely negligent or careless about securing IP. However, the consequences remain. The IP theft occurs when an employee takes any confidential information from a former employer.”

 

 

 

 

 

What you can do

Symantec suggests attacking the problem from multiple angles:
• Educate employees – You should take steps to ensure that IP migration and theft awareness is a regular and integral part of security-awareness training. Create and enforce policies dictating how they can and cannot use company data in the workplace and when working remotely. Help employees understand that sensitive information should remain on corporate-owned devices and databases. Also, new employees must be told that they are not to bring data from a former employer to your company.

• Enforce non-disclosure agreements – If you have not done so already, you need to craft new employment agreements to ensure they include specific language on company data.
They should include language that the employee is responsible for safeguarding sensitive and confidential information (and define what that is).
For employees that are leaving your employ, conduct focused conversations during exit interviews and make sure they review the original IP agreement.
Include and describe, in checklist form, descriptions of data that may and may not transfer with a departing employee.

• Track your data – You need to know where your data is going and how you can find out by using monitoring technology. One option is to install data-loss-prevention software that notifies managers and employees in real-time when sensitive information is inappropriately sent, copied, or otherwise improperly exposed.
Also, introduce a data protection policy that monitors inappropriate access or use of company data and notifies the employee and you of violations.
This increases security awareness and deters theft. When you know how data is leaving your company, you can then take steps to prevent it from seeping out.


April 2022 – State Law Has Employers on the Defensive


THE WAY courts have interpreted a California law – the Private Attorneys General Act (PAGA), which has been on the books for 18 years – has led to an explosion of lawsuits against employers during the last few years.

The law has generated more than 20,000 lawsuits since 2017 at an average cost of $1.1 million per case, according to one study.

PAGA permits employees to sue for civil penalties on behalf of themselves, fellow workers and the state for alleged labor code violations. If a suit is successful, the state receives 75% of the damages with the employee receiving the balance.
As a result, California employers face increasing litigation uncertainty that traditional insurance may do little to mitigate.
The employee in essence acts as the state’s watchdog; he or she need not suffer any actual harm from an alleged violation in order to file a lawsuit. One employee has the ability to file a suit alleging multiple labor code violations.
The result? An average of 15 PAGA notice letters arrive at the California Labor and Workforce Development Agency daily.

How did we get here?

The law was enacted in 2004 to improve California Labor Code enforcement by empowering employees to pursue violations when the state has insuffi cient resources to pursue them.
The growth in litigation started after a California Supreme Court decision in 2009, holding that PAGA suits did not have to meet the certification requirements that apply to class-action lawsuits.
Litigation activity jumped significantly again in 2014 after the state Supreme Court held that employees could not waive their rights to fi le PAGA claims when they reach arbitration agreements in disputes with their employers.
Three years later, the court ruled that employees were generally entitled to request and receive large amounts of information from employers early in the litigation.
The high cost of providing the information gives employers an incentive to settle claims quickly.
Finally, an appellate court ruling in 2018 gave employees the right to sue over alleged violations that do not directly affect them, so long as at least one violation does.

What’s being claimed?

 

PAGA claims can also involve allegations of discrimination, retaliation and failure to protect the health and safety of employees. There are even COVID-19-related claims. One allegation triggers multiple other ones related to the first, such as failure to pay all earned wages, failure to pay wages in a timely manner, and so on. One potential bright spot: In December 2021, the U.S. Supreme Court agreed to consider whether California employers may enter voluntary agreements with employees in which the employee agrees to pursue only their individual claim and
not bring a PAGA claim. A decision is expected this summer.

Insurance implications

One issue for employers is that employment practices liability insurance typically won’t cover wage and hour disputes or signifi cantly sublimit the amount of coverage available for defense costs only.
Also, EPLI policies usually carve out coverage for wage and hour claims under PAGA representative actions.

Directors and officers liability policies exclude wage and hour claims.
One option is wage and hour insurance, which most likely would provide defense and indemnity coverage for PAGA claims that allege violations of wage and hour laws and regulations.
However, these policies are expensive and usually have quite high retentions, which could price out most smaller employers.


April 2022 – Risk Management – Don’t Let a Subcontractor Derail Your Safety Efforts


ONE OF the biggest challenges construction businesses face is preventing subcontractors’ and suppliers’ poor or non-existent safety practices from denting their own safety program.
While you may consider a number of factors when vetting a new subcontractor or vendor, one area that is often overlooked is their workplace safety practices.
This mistake can cost you dearly if one of their workers causes an incident at your worksite. In addition to an injury to one of your own employees, you could get a visit from an Occupational Safety and Health Administration inspector.

The National Safety Council’s Campbell Institute recently conducted a study of organizations with excellent safety records to identify the best practices for subcontractor and vendor safety.

As part of the study it identified five steps during a contractor or vendor relationship when it’s incumbent on a hiring company to evaluate the workplace safety habits of their business partners.

Prequalification

The institute recommends looking at more than just a company’s experience modifi cation rate. It says safety-minded fi rms assess subcontractors in multiple areas, such as their total recordable incident rate, fatality rate, days away from work for injured workers, restricted or transferred rate, and other OSHA recordables for the last three years.

Many firms also ask for environmental reports, written safety programs, permits, licenses, and continuous improvement programs.

Pre-job task and risk assessment

Before a subcontractor begins work, institute members recommend having a method for evaluating the risk of the work that is to be performed. Doing this can help you understand the scope of the work and give you a chance to put into place a new written safety program if the risk is deemed high.
Most importantly, subcontractors should be required to adhere to the same safety standards as your company.

Training and orientation

You should require safety orientation and skills training for subcontractors before they step onto your jobsite. Also, if they are doing highly specifi c work, you should ensure they have any required permits or special training. Some of the jobs that fit into that category are confi ned-space entry, electrical work, hot work, energy control, forklifts, and elevated work.

Job monitoring

Many safety-minded companies monitor work with daily checklists, pre-shift tailgate or safety meetings and weekly walkthrough inspections. Some of the companies surveyed for the study also require contract employees to submit a certain amount of safety observations and utilize mobile applications to report non-compliance or unsafe conditions. Also, you need to keep up-to-date incident logs, as this is crucial to monitoring subcontractor safety during a project.

Post-job evaluation

Conduct a post-job evaluation. During this phase look at safety, customer service and the quality of the fi nished work, and use those factors in determining the subcontractor’s eligibility for future contracts.


April 2022 – Growing Threat – Funds Transfer Fraud Hits Small Firms the Hardest


WHILE RANSOMWARE is making the headlines as the major cyber threat, small and mid-sized businesses are increasingly being targeted by lower fraud that dupes them into wiring criminals funds, according to a new report.

These funds transfer fraud crimes involve hackers gaining access to a firm’s mailbox and extracting payments that go into their accounts. Companies should have in place proper systems safeguards to combat these attacks, and that includes regularly training staff on how to identify these attempts to steal funds.

How it works

Criminals will often try to penetrate your servers by sending “spearphishing” e-mails. These messages look like they’re from a trusted sender to trick victims into revealing confidential information. They may also send malicious e-mails in the hope that an employee clicks on a bogus link. The link then releases malicious software that infi ltrates company networks and gains
access to legitimate e-mail threads about billing and invoices.
Once the criminals have access to your business mailbox, they can manipulate your contacts and modify payment instructions. They may also use their access to your systems to send e-mails that appear to come from a known source making a legitimate request.

 

 

 

Insurance options

The best option for coverage is a commercial crime insurance policy. Most of these policies cover acts like:
• Employee dishonesty
• Computer and funds transfer fraud
• Forgery or alteration
• Money and securities theft
• Theft of client’s property.

Some policies may exclude funds transfer fraud, or they may have lower sublimits for such acts. In such cases you may need to get a policy extension to cover the risk. There is also cyber liability insurance, which covers direct losses resulting from cyber crime. But these policies will often exclude coverage for social engineering attacks, which are the kinds that the criminals behind funds transfer fraud use. You may be able to purchase a rider to your cyber liability policy that would cover these crimes.


Request a Wholistic Mindful Analysis

Ask us how we can help your organization