The Justice Department Criminal Division recently released guidance on what it considers when deciding how a corporation’s compliance program factors into its investigation and the ultimate decision as to whether to bring charges, negotiate pleas or enter into other agreements with corporations under investigation. The Evaluation of Corporate Compliance Programs, released on April 30, 2019, is an expansion of the 2017 guidance document issued by the Criminal Division Fraud Section.

Prosecutors Must Ask Three Fundamental Questions

Prosecutors will ask three fundamental questions to determine if a corporation’s compliance program was effective at the time of the offense and at the time of charging:

1. Is the compliance program well-designed?
2. Is the compliance program being implemented effectively?
3. Does the compliance program work in practice?

Is Your Compliance Program Well-Designed?

An Effective Compliance Program Identifies Specific Risks

An effective compliance program will be tailored to the specific risks affecting the company under investigation. Prosecutors will ask if the company identified its own “high-risk” areas, as well as the degree to which the program dedicates resources to monitor these areas. Even a well designed program might not catch every event. Therefore, another important factor is when an event is uncovered, are the lessons learned incorporated into the compliance program going forward?

Train Your Employees

Prosecutors will analyze how thoroughly and effectively a company has trained its employees on its compliance program. Companies should use real-life experiential training scenarios and case studies during employee training. Employees must know when, where and how to report suspected misconduct. Then, once an incident is reported, how does the company identify which complaints merit further investigation? What access is given to the individual investigating the complaint? Is this an employee or an independent outside agency? A well-designed compliance program will also make it clear that no employee retaliation will be tolerated.

Third-Party Risk

Just as you should be monitoring your employees, it is just as (if not more) important to take your third-party vendors into consideration when assessing high-level risks. Your company should be mitigating these risks by using appropriate contracts and agreements for outside work, and doing regular due diligence and compliance training for third-party vendors.

Is Your Compliance Program Being Implemented Effectively?

Prosecutors will analyse if your compliance program is being implemented effectively. A company can spend countless hours developing a compliance program that looks and sounds great, but if, after the initial introduction to employees, it gets forgotten or completely ignored, then prosecutors will not look favorably on your company’s efforts. A successful compliance program must be woven into the fabric of the day-to-day culture from the top down.

Does Your Compliance Program Work in Practice?

The final question prosecutors will ask is whether the compliance program actually works in practice. Prosecutors will look into : (1) Was investigation into the misconduct conducted in a timely manner? (2) Has the company completed a root cause analysis? (3) Can the program be tested in order to improve? Again, evolution is key here. Does your program have to be perfect? No, no risk will ever be 100% mitigated. However, a program that works in practice needs to have the ability to be updated built into its core.

Take Away

As you can see, the DOJ has shared valuable insight into what prosecutors look for when evaluating compliance programs. This is extremely valuable and companies should take advantage of this intel and honestly self-assess whether its program measures up. Companies that have well-thought-out and designed plans that are capable of evolving will fare better before the Criminal Division than those who do not. If you have any questions regarding your program or compliance in general, or any other aspect of your business, please feel free to contact us at Danziger Shapiro, P.C.
This entry is presented for informational purposes only and is not intended to constitute legal advice.

Voice recordings violate the General Data Protection Regulation (GDPR) when companies fail to provide callers the ability to opt out according to a ruling earlier this month by the Denmark Data Protection Authority. Under the GDPR, voice recordings are considered personal data. Therefore, companies that communicate with EU residents need to understand what the GDPR requires from a compliance perspective to avoid unwanted violations.

This Call May Be Monitored …. Requires Affirmative Consent

We have all heard some form of the following phrase right before a live person answers the phone, “This call may be monitored for training purposes…” Well, in this instance the caller asked the Company NOT to monitor the call for training purposes. The Company representative replied there was no way to turn the recording off. Based upon these facts, the agency in Denmark held the inability to turn the recording off when requested violated the GDPR. The Company argued unsuccessfully that by continuing on the call, the customer consented to having the conversation recorded. The agency disagreed and stated consent needs to be more than just tacit approval but rather a clear, affirmative and unambiguous choice to have your personal data recorded. Affirmative consent was not available in the foregoing example.

Take Away

The take away here is that affirmative consent requires the ability to opt out. If there is no way to opt out, were you given a meaningful choice? Is tacit compliance enough? In Denmark, the answer was clearly no. Going forward, US companies that are subject to the GDPR should take notice of this ruling and pay careful attention to internal telephone practices. Click here for more information generally on the GDPR. If you have any questions regarding this or any other aspect of your business, please feel free to contact us at Danziger Shapiro, P.C.

This entry is presented for informational purposes only and is not intended to constitute legal advice.

The State Office for Data Protection Supervision (BayLDA) in Bavaria recently conducted an audit on 40 websites and concluded all 40 websites were in violation of the GDPR. The audit revealed, as discussed below, that all websites failed to provide its users with clear and concise information regarding the use of cookies in direct violation of the GDPR. Interestingly, none of the 40 companies were technology based companies. This should serve as a stark warning to all companies that compliance with the GDPR is not something only technology companies must comply with but applies across all sectors.

Cookie Banners

By now it is commonplace to see at the top of a website a banner that states something along the lines of “This site uses cookies to provide you with a better user experience. By using this website you consent to and accept the use of cookies….” In reviewing the 40 websites BayLDA found that the cookie banners used were ineffective at disclosing useful information to end users to protect them from unknown tracking. Specifically, the banner MUST disclose the specific type of cookie being used. Broad generic descriptions such as performance or analytic cookies do not suffice.

In addition, BayLDA found it problematic that cookie tracking started, known as the “cookie drop”, on most of these websites immediately upon the site’s loading. In essence tracking started before you even had a chance to opt out! Thus even if you consented by clicking on the cookie banner, did you really given meaningful consent if the cookie dropped even before you agreed?

Take Away

While the BayLDA audit does not rise to the level of formal guidance, US companies that are subject to the GDPR should take notice and pay careful attention to their cookie banners and timing of the “cookie drop.” Click here for more information generally on the GDPR. If you have any questions regarding this or any other aspect of your business, please feel free to contact us at Danziger Shapiro, P.C.

This entry is presented for informational purposes only and is not intended to constitute legal advice.

New Jersey has a tax amnesty gift for its delinquent tax payers. In a nutshell, if by January 15, 2019, a taxpayer brings all back taxes current and pays 50% of the outstanding interest due, the NJ Department of Treasury will waive most penalties, collection costs and 1/2 of the interest that is due as of November 1, 2018. To file for tax amnesty, the taxpayer must also file all past due returns. Click here for detailed program information straight from the NJ Department of Treasury.

Filing Deadline, Eligible Periods and Forms for Amnesty Compliance

There are several deadlines NJ taxpayers must be aware of to be eligible for tax amnesty.

Amnesty Deadlines:

First, all required tax amnesty payments must be received on or before January 15, 2019. If you want to pay by check, you must mail or go in person to one of the Regional Information Centers. To pay by e-check or credit card, you must apply for a PIN and go through the NJ Amnesty Processing Center. In addition, all tax returns must be postmarked no later than January 15, 2019.

Eligible Periods and Taxes:

In order for a tax to be eligible for amnesty, it must be for a NJ state tax liability for a return that was due for the time period after February 1, 2009 through September 1, 2017. Eligible taxes include those taxes that are collected by the NJ Division of Taxation. Taxes that are collected by the NJ Department of Labor (real estate and payroll for example) are not a part of this program.

Forms:

Click here for the forms needed to apply for the amnesty program.

What should I do going forward?

Tax amnesty is an incredible opportunity for taxpayers to resolve outstanding New Jersey tax liabilities. Going forward, if a taxpayer receives an assessment in the mail for the above tax periods and they are greater than what is being offered by the program – don’t settle. Negotiate a deal that is comparable to the program. This is an excellent time for taxpayers who might have not filed all of the required returns or perhaps may have under reported income to come to the table and get rid of those skeletons in the closet.

If you have any questions regarding this program or any other issue affecting your business, please feel free to call the attorneys at Danziger Shapiro, P.C. We are available to assist you with your business needs. We look forward to hearing from you.

This entry is presented for informational purposes only and is not intended to constitute legal advice.

Last month on October 29, 2018 the New Jersey Paid Sick Leave Act became effective. In general, this new law requires that all New Jersey employers provide their employees 1 hour of sick leave for every 30 hours worked. This law applies even if you have only 1 employee. The next deadline is tomorrow, November 29,2018. By this date all employers will need to have posted the Department of Labor’s Notice of Employee Rights in a prominent location for all employees to see. Please be sure to fill in the benefit year before posting.

If you have any questions regarding the New Jersey Paid Sick Leave Law, please click on this link and you will be directed to my earlier post. Alternatively, please feel free to contact any of the other attorneys at Danziger Shapiro to discuss how this new change will affect your business or any other issue you may have that concerns you and your business.

This entry is presented for informational purposes only and does not constitute legal advice.

Starting July 1, 2018 the City of Philadelphia has a new reduced local tax structure. It impacts local businesses, employees and residents as follows:

City Wage Tax (applies to all businesses that operate within the City limits or hire Philly residents)

• 3.8809% city wage tax for Philadelphia residents
• 3.4567% for non-residents

All paychecks issued by businesses after June 30, 2018 must comply with the new withholding rates. Be sure to notify your HR department of payroll company to avoid needless headaches down the road.

Earnings Tax

• 3.8809% earnings tax for Philadelphia residents
• 3.4567% for non-residents

The earnings tax is essentially the same as the City Wage Tax. The City Wage Tax is withheld by your employer. If your employer does not withhold the City Wage Tax however, it is still the responsibility of the individual to pay this tax directly to the City – the City Earnings Tax.

Net Profits Tax and School Income Tax

• 3.8809% for Philadelphia residents
• 3.4567% for non-residents

Only residents of Philadelphia are responsible for the School Income Tax.

For more information directly from the Department of Revenue, click here.

Douglas Leavitt is an attorney with Danziger Shapiro and focuses his practice on guiding business with their daily operational needs. Please feel free to contact him or any of the other attorneys at Danziger Shapiro to discuss how this new change will affect your business or any other issue you may have that concerns you and your business.

This entry is presented for informational purposes only and does not constitute legal advice.

The General Data Protection Regulation (GDPR) was approved by EU Parliament back in May 2017. The GDPR, in a nutshell, was designed to replace an inconsistent set of data privacy laws with a comprehensive law that protected all European Union residents. Please click here for my original post on the GDPR. While the GDPR has been in effect for over a year, the law gave companies until May 25, 2018 to comply. Well, that deadline has come and gone. If you fail to comply, regulators can impose a fine of up to 4% of worldwide revenue. This is NOT a typo! 4% of worldwide revenue up to 20 million euros.

Currently, there are no grace periods if your company still has not complied with the GDPR. Additionally, as the ability to enforce compliance is less than 1 week old, there is no precedent out there that we can use as guidance. Regulators for EU member states have indicated different going forward approaches to enforcement. While one state regulator has inferred that even if full compliance has not yet been achieved, the efforts made to attain compliance will be taken into account as a mitigating factor. Alternatively, other state regulators have simply stated that if we have reason to impose a fine we will impose a fine. In this regard, the newly created European Data Protection Board was recently created.

Going Forward – What should US Companies do?

US companies had over a year to prepare for the May 25, 2018 compliance deadline. Just burying your head in the sand is not a good strategy considering the potential fine of up to 4% of worldwide revenue. US companies need to understand if their online business presence falls under the GDPR. If you have any questions regarding this or any other aspect of your business, please feel free to contact us at Danziger Shapiro, P.C.

This entry is presented for informational purposes only and is not intended to constitute legal advice.

Earlier this month New Jersey passed a paid sick leave act (the “Act”) that goes into effect on October 29, 2018. This new law requires all New Jersey employers regardless of size to provide paid sick time off. This law preempts towns and municipalities from enacting new paid sick law ordinances and preempts ordinances that were on the books prior to the passage of this new law. For a full copy of the Act click here.

Amount of Paid Time Available

Under the new Act, employees will accrue one hour of paid sick time for every thirty hours worked. Employers are not required to permit employees to accrue or use more than 40 hours of sick time in any “benefit year”. A benefit year is defined as any 12 consecutive month period where an employee can use earned sick time. Unused time will carry over to the next benefit year unless employees accept payment on account of such benefits in accordance with the Act. Employers are also not required to allow an employee to carry over more than forty hours of paid sick time from one year to the next benefit year. Employers, in their discretion, can make all forty hours (5 days) of paid sick time available immediately at the beginning of a benefit year.

Earned Paid Time May Be Used For:

Section 3 of the Act provides that paid time may be used by an employee for the following purposes:

• the diagnosis, care, or treatment of, or recovery from, an employee’s mental or physical illness, injury or other adverse health conditions or for other employee preventative medical care;
• to aid or care for a family member of the employee during diagnosis, care, or treatment of, or recovery from a family member’s medical illness or other adverse or preventative medical care;
• an absence necessary due to circumstances resulting from the employee, or a family member of the employee, being a victim of domestic or sexual violence under certain expressed conditions;
• time where the employee is not able to work because of a closure of the employee’s workplace, or the school or place of care of a child of the employee or where a conference is required related to such child’s education

Limitation and Notice of Paid Sick Time

An employer is only required to provide an employee with paid sick time for the purposes set forth in the Act. Thus, it follows that nothing in the Act prevents an employer for disciplining an employee who takes paid sick time off for a reason not authorized by the Act. Further, employers may require when possible that employees provide at least seven days notice of his or her intent to use paid time off and the expected duration. If seven days is not possible, then the employee shall provide notice as soon as possible. If the expected absence will last three or more consecutive days, the employer may require written documentation.

Record Keeping and Anti-Retaliation

The Commissioner of the NJ Department of Labor is developing a notice that employees must post in the workplace. Once developed, a copy of the notice must be handed out to all current employees and to new hires. The notice must also be made available to an employee when requested. Not surprisingly, employers are not allowed to retaliate against an employee who takes or requests paid sick time. There also is a rebuttable presumption that retaliation has occurred if an adverse action takes place against an employee within 90 days of an employee informing the employer, other employees or the Dept. of Labor of a violation of the Act.

Take Away for Employers

Employers need to familiarize themselves with this new Act and make sure that the appropriate individuals within the organization are aware of how hours are accrued, used and carried over. Remember, this new law applies regardless of size (number of employees). Failure to comply will be expensive because it will be regarded as a violation of the NJ State Wage and Hour Law which provides for double damages and attorney fees. Please reach out to your attorneys to review your current paid sick leave program to the extent you might already have one, develop a new one if you don’t and what needs to changed in your employee handbook.

Douglas Leavitt is an attorney with Danziger Shapiro and focuses his practice on guiding business with their daily operational needs. Please feel free to contact him or any of the other attorneys at Danziger Shapiro to discuss how this new change will affect your business or any other issue you may have that concerns you and your business.

This entry is presented for informational purposes only and does not constitute legal advice.

Last month the Diane B. Allen Equal Pay Act (the “Act”) was signed into law by New Jersey Governor Phil Murphy. This marks the third time in four years that the NJ legislature has amended its Law Against Discrimination. The Act expands equal pay protections for NJ employees and increases compliance obligations on NJ employers. The Act goes into effect on July 1, 2018. In a nut shell, the Act makes it an illegal employment practice to pay an employee who is a member of a “protected class” less compensation and benefits for performing substantially similar work by employees outside of the “protected class” unless the employer can show a recognized exception. In addition, the Act imposes public reporting requirements for employers who deal with public contracts.

Substantially Similar Work and Recognized Exceptions to Equal Pay Act

The Act instructs that “substantially similar work” will “be viewed as a composite of skill, effort and responsibility” unless such similar work and corresponding pay discrepancy can be supported by recognized exceptions. Recognized exceptions to unequal pay for members of a protected class include seniority and/or merit systems and other identified factors so long as the employer can demonstrate a legitimate and causal connection to the difference in wages. Unlike other states’ equal pay acts, the NJ Act does not allow an Employer to pay different wages to protected classes based upon in state work locations. In the past, an employer might have justified pay discrepancies based upon costs of living differences per office location. This practice is now illegal.

Statute of Limitations and Damages under Equal Pay Act

The statute of limitations under the Equal Pay Act is six years and restarts with every paycheck that is of unequal pay. It is also illegal for an employer to shorten the statute of limitations under the Act or to waive any of the Act’s protections. Employers who violate the Act may be responsible for up to treble damages. Damages for violations of the Law Against Discrimination include economic, compensatory, punitive and attorneys’ fees.

Take Away for Employers

The take away is that the employment landscape changes almost on a daily basis and this is just another reason why it makes sense to sit down with your attorney and discuss how to analyze your current pay structure. This self audit should include not only a raw number analysis but also consider the hiring, promotion and compensation process itself for inherent and subconscious biases. At the conclusion of the audit, make sure you train the appropriate individuals within your entity to make sure they are aware of the new requirements at play and update your employee handbook as well.

Douglas Leavitt is an attorney with Danziger Shapiro and focuses his practice on guiding business with their daily operational needs. Please feel free to contact him or any of the other attorneys at Danziger Shapiro to discuss how this new change will affect your business or any other issue you may have that concerns you and your business.

This entry is presented for informational purposes only and does not constitute legal advice.

Last month a federal judge sitting in the Eastern District of Pennsylvania ruled that the recently enacted prohibition against asking job applicants their wage history violated the first amendment. The Philadelphia City Council enacted the ordinance to level the playing field with respect to the wage gap between men and woman. For a discussion surrounding the history and specific components of this law, please click here for my earlier post.

Philadelphia’s Wage History Law

Philadelphia’s Wage History Law had two main components- an inquiry provision and a reliance provision. The Court held that the inquiry provision is the prong that violated the First Amendment. Specifically, the Court held that there is no legitimate reason that would prevent an employer from asking an employee what he or she earned at their previous job. For this reason, the Ordinance’s restriction on freedom of speech violated the First Amendment It is worth noting that the second prong of the Ordinance, the reliance provision did not violate the terms of the First Amendment. Specifically Judge Goldberg wrote, “I conclude that the city’s inquiry provision violates the First Amendment. Although the ordinance represents a significant positive attempt to address the wage gap, the First Amendment compels me to enjoin implementation of the inquiry provision. The reliance provision, however, does not offend the First Amendment and remains intact. I commend the city for pursuing a novel method of attempting to reduce the wage gap, but am bound by the First Amendment’s exacting requirements for speech restrictions.” To read this Opinion click here.

The take away is that the employment landscape changes almost on a daily basis and this is just another reason why it makes sense to have an attorney take a look at your employee handbook to make sure it is up to date. Douglas Leavitt is an attorney with Danziger Shapiro and focuses his practice on guiding business with their daily operational needs. Please feel free to contact him or any of the other attorneys at Danziger Shapiro to discuss how this new change will affect your business or any other issue you may have that concerns you and your business.

This entry is presented for informational purposes only and does not constitute legal advice.

Last month the Department of Labor’s Wage and Hour Division officially rejected the 6-part test it had been using to determine if an employer who had an unpaid intern was violating the Fair Labor Standards Act (FLSA). Going forward the DOL will employ a “primary beneficiary” test which is designed to focus on the specific economic realities between the employer and intern. The new test affords the DOL more flexibility in its analysis with one factor not being any more or less important than another factor.

Primary Beneficiary Test

The primary beneficiary test requires the Courts and DOL to look at the following seven factors:

• The extent to which the intern and the employer clearly understand that there is no expectation of compensation. Any promise of compensation, express or implied, suggests that the intern is an employee—and vice versa.
• The extent to which the internship provides training that would be similar to that which would be given in an educational environment, including the clinical and other hands-on training provided by educational institutions.
• The extent to which the internship is tied to the intern’s formal education program by integrated coursework or the receipt of academic credit.
• The extent to which the internship accommodates the intern’s academic commitments by corresponding to the academic calendar.
• The extent to which the internship’s duration is limited to the period in which the internship provides the intern with beneficial learning.
• The extent to which the intern’s work complements, rather than displaces, the work of paid employees while providing significant educational benefits to the intern.
• The extent to which the intern and the employer understand that the internship is conducted without entitlement to a paid job at the conclusion of the internship.

Click here for an excellent summary of the new “Primary beneficiary Test” provided by the DOL.

Improperly Classified as Unpaid Employee

If the employer improperly classifies an intern as an unpaid employee, then the employee will be entitiled to minimum wage and overtime wages to the extent applicapble under the FLSA. An employer really needs to consider who is the primary beneficiary of the relationship and whether or not it is really just trying to get free labor. Attorneys will take these cases on a contingent basis because of the fee shifting provisions under the FLSA. If you are still not concerned consider this through a broader lens. What if this ocurrs in a large corporation that for years has been using unpaid interns but had improperly classified them as interns and not employees? On a class wide basis, combined with attorneys’ fees, the stakes are much larger.

What this means for Employers

As we have said in the past, Employers should every once in a while conduct a wage and hour audit and make sure that the audit applies to its “unpaid interns” as well. This means not only should an employer review its wage and hour policies, but also understand how it works in the actual workplace.

Douglas Leavitt is an attorney with Danziger Shapiro and focuses his practice on guiding businesses with their daily operational needs. Please feel free to contact him or any of the other attorneys at Danziger Shapiro to discuss a business compliance issue or other concerns you have that affects you and your business.

This entry is presented for informational purposes only and does not constitute legal advice.

A Delaware business client recently asked me to review his commercial privacy policy to see if his website complied with current online privacy protection requirements. Not surprisingly in this fast pace and constantly changing digital landscape – the website failed because it did not clearly provide a link to its privacy policy on the home page. And this is putting aside the May 25, 2018 GDPR compliance deadline that is fast approaching and its severe financial consequences for noncompliance. The Delaware Privacy Online Act Delaware Online Privacy Protection Act has three stated goals but for purposes of this alert, I will focus on only on the commercial purpose. Operators of an internet service must conspicuously post its “privacy policy” if it collects personally identifiable information of Delaware residents. To better understand this, let’s break this down into its component parts.

Operators of an Internet Service

The Act defines operators of an internet service in a straightforward manner. An operator is defined as a person who owns an internet website, online or cloud computing service, online application, or mobile application. (Going forward I will refer to all of these platforms as a “web site”). It does not however include a third party who manages or hosts your site. This distinction is important because it places the responsibility on the “owner” of the site and not the person or entity who is actively managing the site on a day to day basis. This means for the business owner you are responsible and it is not a defense to argue that you hired a company to manage your web site. Internet service is defined broadly to encompass everything internet related regarding communication of information by wire, radio or other methods of transmission.

Personally Identifiable Information

Personally identifiable information (“PII”) is defined as data that allows a user to contact an individual through the collected PII either online or directly. Examples of PII include, first and last name, a physical address, an e-mail address, a telephone number, a social security number, or any other identifiers that would allow direct or online contact.

The Privacy Policy Must Be Conspicuously Posted

A conspicuously posted privacy policy can be satisfied in several ways but the main two options are as follows:

• Home Page – The privacy policy is posted on the home page or the first significant page after you enter the site; or
• Hyperlink – A hyperlink on the first web page links to the actual privacy policy. The hyperlink must contain the word “Privacy” in all caps and in the same or larger font than the rest of the font on that specific page. Alternatively, the hyperlink must be displayed in such a manner that any reasonable person would notice it.

The Privacy Policy Must Include

• The categorizes of PII that are being collected and if such information is being shared
• If the operator of the website maintains a method for the user to update or review its PII, this process must be disclosed to the user
• A description of the process by which material changes to the Privacy Policy will be made available to the users of the website
• Disclose how the operator responds to web browser “do not track” signals or other mechanisms that provide users the ability to exercise choice regarding the collection of personally identifiable information
• The effective Date of the Privacy Policy

Take Away – Review Your Website

The key takeaway here is that your PRIVACY POLICY must be clearly stated on the first meaningful page of your web site. Failure to do so can result in up to a $10,000 fine imposed by the Delaware Attorney General. Remember, what is great about a web site, not being tied to a specific location like the typical brick and mortar store, can also lead to greater exposure. You need to be cognizant of privacy policies for each state and in some instances an even broader GDPR approach (please click here.) may be required. Having said this, we recognize a state by state analysis may not be practical for your situation but there certainly is an approach that can be implemented. If you have any questions regarding this or any other aspect of your business, please feel free to contact us at Danziger Shapiro, P.C.

This entry is presented for informational purposes only and is not intended to constitute legal advice.

Last week on October 13 the Third Circuit Court of Appeals held that an employer must pay a non-exempt employee for all rest breaks of 20 minutes or less. This is nothing new and has been the law of the land under the Fair Labor Standards Act (FLSA) for quite some time. The FSLA was established in 1938 and established certain minimum living standard for workers such as minimum wage, time and a half and child labor standards. What is new under this decision is that the Court decided this is a bright line test and the facts surrounding each break period need not be looked at on a case by case basis. In other words, if the employer did not pay an employee for a 20 minute employee break, the analysis is over and the employer has violated the FLSA.

Employee Breaks – FLSA as a Federal Floor and State Laws

Employers are governed by both federal (FLSA) and state employment laws. Understand that the FSLA is a minimum standard, a floor, if your will, and that if a particular state has more stringent employee protection requirements, that state’s law must be complied with as well. The Department of Labor has a list that identifies (current as of January 2017) what each state requires under their employment laws regarding paid employee breaks. Click here for that state by state list.

Interestingly Pennsylvania and New Jersey are not identified on this list. Therefore, the 20 minute rule governs. Non exempt employees must be paid for breaks that are 20 minutes or less. Both states however have different rules when employees are minors. Not surprisingly both New York and California have state laws that far exceed the FLSA floor.

Damages for Violations of the FLSA

When an employer violates the FLSA double damages are awarded. This means that the employee is entitled to not only the time he or she was not paid, but also an additional amount called “liquidated damages” in the amount of the unpaid wages. Thus, “Double Damages”. There are defenses to the award of liquidated damages but this is beyond the scope of this post.

What this means for Employers

Employers should every once in a while conduct a wage and hour audit. This means not only should an employer review its wage and hour policies, but also understand how it works in the actual workplace. Employees must be paid for all time worked. For example, are factory workers being paid for the time it takes to get dressed or shower off after shifts? While this might seem like small exposure, consider the impact if this was brought as a class action and covered all workers employed over the past several years? Also, by doing away with a cases by case analysis approach, the Third Circuit eliminated one of the best defenses available to employers, namely that a class action is not appropriate because each case needs to be examined based upon its own individual facts.

Douglas Leavitt is an attorney with Danziger Shapiro and focuses his practice on guiding businesses with their daily operational needs. Please feel free to contact him or any of the other attorneys at Danziger Shapiro to discuss a business compliance issue or other concerns you have that affects you and your business.

This entry is presented for informational purposes only and does not constitute legal advice.

The recent Equifax data breach has been called the worst personal data breach in history. Over 143 million people have been affected. Experts are saying that is it safer to assume you were affected and take preventative measures immediately.

Data Breach Timeline

• Mid May – July 2017: The data breach occurred mid summer 2017. Information exposed includes social security numbers, birth dates, addresses.
• July 29, 2017: Data breach is discovered by Equifax.
• August 1, 2017: Three top Equifax executives sell their stock. Equifax asserts executives were unaware of data breach.
• September 2017: Data breach announced to public. Equifax sets up website to assist affected customers.
• September 8, 2017: Class Action filed against Equifax

Security Steps to Consider: Fraud and Freeze Alerts

If you believe you may have been affected by the Equifax data breach, set up a fraud and freeze alert. This is a 90 day alert that ensures (hopefully) that anytime someone tries to use your information, the credit reporting agencies are notified. You do this by contacting one of the three main credit watchdog agencies (Transunion (800-680-7289), Experian 888-397-3742 and Equifax (888-766-008). This is a free service.

A freeze alert ensures that no new accounts are opened in your name. Once this is requested, the credit reporting agencies will send you a letter with a PIN. You will need to use the PIN when you want to open a new account. There is a small fee associated with this service.

Monitor your accounts for unusual activity. Regularly check your accounts and stay on top of things. Sometime the simplest and most common sense approach is the best.

Take Away

Unfortunately the take away here is that data breaches are now a common occurrence and we all need to be aware and take steps to reduce our exposure and response time. Consider two-step authentication for all of your accounts and never use the same password across your accounts are great starts. Douglas Leavitt is an attorney with Danziger Shapiro and focuses his practice on guiding business with their daily operational needs. Please feel free to contact him or any of the other attorneys at Danziger Shapiro to discuss how this new change will affect your business or any other issue you may have that concerns you and your business.

This entry is presented for informational purposes only and does not constitute legal advice.

The I-9 form is used by employers to verify both the identity and eligibility of individuals for employment in the United States. The new form goes into effect on September 18, 2017. You can download a copy of the new I-9 form by clicking here. From now through September 17, 2017, both the new form and the prior version are acceptable. After September 18, 2017, only the new form is acceptable.

Whats New in the I-9?

The new I-9 is virtually identical to the November 2016 version. The new form requires that it be completed on the “first day of employment.” The current form states that it must be completed by the “end of the first day of employment” While this may seem insignificant it most likely was changed in response to questions arising when an employee’s first day covers two days (night shift). With the new change, there is no longer any question on when this form must be filed. Another change was updating the form to reflect the change of the Office of Special Counsel for Immigration-Related Unfair Employment Practices to its new name: Immigrant and Employee Rights Section.

Where to File the I-9

Please remember that employers do not file the I-9. For a quick refresher on an employer’s responsibilities, sanctions for noncompliance and discrimination pitfalls, please click here for my January 2017 post.

Douglas Leavitt is an attorney with Danziger Shapiro and focuses his practice on guiding business with their daily operational needs. Please feel free to contact him or any of the other attorneys at Danziger Shapiro to discuss how this new change will affect your business or any other issue you may have that concerns you and your business.

This entry is presented for informational purposes only and does not constitute legal advice.

This week I reviewed three Non-Disclosure Agreements and was surprised when two of the NDAs were silent regarding employee solicitation. Working with clients over the years I have found that in virtually every successful company, it is almost always the employees, along with the technology, that are among the most valuable assets that need protection. Yet in the deals my clients were exploring, these valuable assets were not protected, or at least would not have been protected had my clients not shared the NDA with me before signing. First however, I want to take a step back and discuss why the NDA (also called a Confidentiality Agreement) is used, and identify common NDA scenarios.

Protect Confidential Information

There are many situations where a business will need to share confidential information with employees, another business, potential investors or consultants. Confidential information frequently includes trade secrets, formulas, data, customer pricing and the like. However, when confidential information is shared, it must be also be protected. This means that confidential information is shared in a controlled manner such that the receiving party cannot use the information to its competitive advantage without the consent of the disclosing party. For Example, if a competitor is considering whether it wants to acquire your business or make an investment and in its review of the information you provide your competitor will gain insight into how you produce similar products cheaper. Without any protections in place, what would stop your competitor from using this information for its own competitive advantage? Your sources and methods must be protected. This is accomplished through a carefully drafted Non-Disclosure Agreement.

Common Non-Disclosure Agreement Situations

A Non-Disclosure Agreement is commonly used when:

• Sharing financial information, key vendors and other information to potential equity investors or prospective buyers of your business.
• Allowing employees access to confidential and proprietary information – Click here for a recent example of where a Teva employee violated the terms of her confidentiality agreement.
• Presentations of new products to potential customers.
• Your vendors have access to your sensitive information.
• Your clients may require the other businesses you engage (your subcontractors or professionals retained by you) with be bound by NDAs similar to the one between you and your client.

Employees as a Protected Asset

Turning back to what surprised me, two of the NDAs I reviewed this week failed to treat employees as protected assets. Employees are perhaps one of, if not the, most valuable asset to any organization. “Your company is only as good as your employees”, is not an uncommon sentiment shared by many of the top organizations around the world. Why would you not protect them? How does this come into play you ask? Simply stated, the investor that is considering making a sizable investment into your tech company will want not only to review your work papers, but also discuss them with your key employees. How does this technology work? What are the hidden dangers? What are the challenges? How do you plan to overcome these challenges? What happens if the prospective investor decides that he doesn’t want to invest in your business but makes a job offer to your key employee? This can be disastrous. Thus, an NDA must protect your employees through an appropriate non-solicitation clause.

Other NDA Considerations

There are many other concepts that need to be considered before you sign an NDA as well. For example, the definition of “Confidential Information”, term limits, key contacts, prior knowledge, disclosures to authorities, injunctive relief and document destruction come to mind. These considerations are just as important as protecting your employees through non-solicitation clauses. If you have any questions regarding a NDA that has been placed before you, or want to develop an NDA for future use, or any other aspect of your business, please feel free to contact us at Danziger Shapiro, P.C.
This entry is presented for informational purposes only and is not intended to constitute legal advice.

The General Data Protection Regulation, more commonly known as the GDPR, replaced an inconsistent country by country approach to how companies were required to handle the personal data of European Union (EU) residents. The EU Parliament approved the GDPR last month and all companies, including US companies, must be compliant by May 25, 2018 or face heavy fines that can be up to 20 million euros or 4% of a company’s prior year world-wide revenue, whichever is higher. This is not a typo. Now that I have your attention, let’s break the GDPR down to 2 important questions.

Does my US business offer goods or services to EU residents? If the answer is yes, you are subject to the GDPR.

First, what is a EU resident? A EU resident is any individual that resides in any of the 28 member states that form the EU. This applies to anyone who resides in the EU. Citizenship is NOT required. Second, there is no requirement that the company offering the goods or services be located in the EU. All that is required is that the individual resides in the EU. The GDPR focuses on the EU resident, known as the “data subject” and not the “data controller”. Consider the following, does your company have a website? If your website collects data from a EU resident you fall under the purview of the GDPR regardless whether you have a physical business location in the EU or any business transaction was consummated between your business and the EU resident. The mere surfing of a Pennsylvania business’s website by a EU resident makes your business subject to the GDPR.

Does my US business monitor the behavior of EU residents? If the answer is yes, you are subject to the GDPR.

Does your business engage in tracking or profiling the behavior of EU residents such that it uses such data to make business decisions or predict personal preferences of EU residents? Stated a bit clearer for the non tech savvy individual, have you ever wondered why or how ads seem to pop up that relate to items you had recently searched? This practice is covered under the GDPR.

Key Points of the GDPR

1. Consent

The GDPR requires that consent to the collection of data be given by a clear and affirmative act that is specific, informed and unambiguous. Silence or inactivity will not be considered consent. Consent can be shown by a “data user” clicking on a box that has not been prechecked that sets forth your consent in clear and unambiguous language.

2. Data Protection Officers

The GDPR requires data privacy officers be appointed at companies under certain circumstances. For example, if the company is involved in the public sector, has more than 250 employees or the company’s core business involves processing operations that require active monitoring. These data protection officers must be experts in the data protection field.

3. Data Breach Notification

As soon as your company becomes aware of a data breach, the EU supervisory authority must be notified within 72 hours of the breach. The EU resident affected by the breach must also be notified immediately if the breach involves the possibility of identity theft or fraud, physical harm, significant humiliation or damage to ones reputation.

4. Privacy Notices and Other Rights

The GDPR requires that certain disclosure are made in a privacy notice. While some disclosures such as the identity of the privacy officer, the purposes of data collection and the categories of the potential recipients of the collected data are not new, other rights are certainly new. For example, a EU resident now has the right to object, obtain the information collected about them, erasure and even correction and other rights not mentioned here.

Take Away – Compliance Deadline is Fast Approaching

The key takeaway here is that the May 25, 2018 compliance deadline is fast approaching. With unbelievably high fines available, affected EU residents are now empowered to go after US business that do not properly protect and/or collect their personal data. US companies will not be able to hide their heads in the sand merely because the affected individuals are across the pond. Meaningful enforcement penalties are available to EU residents. US companies need to take action now to understand how their business might be impacted by the GDPR and take corrective action now before GDPR compliance is required. For information in general on the GDPR click here. If you have any additional questions regarding this or any other aspect of your business, please feel free to contact us at Danziger Shapiro, P.C.

This entry is presented for informational purposes only and is not intended to constitute legal advice.

Potential clients frequently ask me why they should not buy contract forms online or from an office supply store. Why pay for an attorney when I can buy a legal form for a nominal fee? I understand the inclination to go online because its entirely at your convenience and it is undoubtedly cheaper. However, this comes at a potentially high cost. Legals forms do not always comply with all legal requirements for a given industry and location (federal, state and local). The danger you expose yourself to by avoiding working with a lawyer is the unknown. It is the risks you don’t realize you are taking that frequently come back to bite you the hardest. I am writing this blog today as a cautionary tale why such forms should be avoided because of a recent conversation I had with a potential client.

The Form Office Lease

Last week a potential client came into my office with a complaint that a former tenant had recently filed against him. The tenant claimed damages against the landlord because the lease did not comply with the Philadelphia Lead Disclosure & Certification Law. This law applies to any dust, dirt/soil, paint, and as of March 1 pipes that drinking water may pass through. If the allegations set forth in the complaint are true, the landlord will have to refund all rents received during the rental period, pay for his tenant’s attorneys’ fees and other fines up to $2,000. The landlord in this case thought he followed all of the rules. He even showed me the lead based paint disclosure form that came with his form lease. Unfortunately, Philadelphia has very specific requirements concerning lead disclosures for buildings that were built prior to 1978. Moreover, not only are there requirements for what has to be disclosed; but the manner in which disclosures must be made are also regulated by code. In fact, this is such a prevalent problem in Philadelphia because it is such and old city that it has an excellent publication on this topic. Click here for Philadelphia Landlord’s Guide to Lead Disclosure. While, the form lease that was purchased at the chain office supply store might have complied with Pennsylvania state law, it did not satisfy the Philadelphia Code and this will be an unfortunate and expensive lesson for this landlord.

Advice From Lawyer Can Avoid Dangerous and Costly Business Practices

During the course of our meeting, I recognized this landlord had many other dangerous business practices that could have been avoided if he had simply met with a lawyer before he embarked on his career as a landlord. However, the landlord to be just did not know what he did not know. For example:

Philadelphia Facade Ordinance

• If your building is more than 6 stories tall and located in Philadelphia, your building’s facade is subject to an initial inspection and thereafter a follow up inspection every 5 years. This local ordinance applies not to facades but also to to all buildings six or more stories in height; all buildings with any appurtenance in excess of sixty feet in height; and any building, other than one or two-family dwellings, greater than two stories located in specific areas.
• This landlord’s three unit brownstone was covered by this ordinance but I could tell from our conversations that no effort to comply was made. This wasn’t because the landlord was trying to avoid his legal obligations. No, rather it was simply just not being aware of what his responsibilities under the law required. This time, it was once again a local ordinance, as opposed to a state or federal law that was being violated. There is no way any form legal agreement purchased at an office supply store or online can protect you from what you do not know because you don’t have the opportunity to ask questions to a living person and the lawyer who drafted the agreement you are purchasing is not involved in the process.

Employment Application Forms

Another form that business owners repeatedly get into trouble with is relying upon store bought employment applications. In today’s legal environment, these forms need to be updated regularly. Consider in Philadelphia alone you can no longer inquire on the application if your applicant has a criminal record (effective March 2016) or what they were being paid at their current job (will become effective April 2017) . A recent corporate client asked me to review its employment application and his store bought forms did not comply with either Philadelphia specific legal requirement. In reviewing his other store purchased form we told him the restrictive covenant in its employment agreement was also not enforceable because it was too broad and that the manner in which it was implemented with respect to current employees was also an issue that prevented enforcement.

The attorneys at Danziger Shapiro, P.C. are available to assist you in connection with preparing or reviewing your transaction documents. An ounce of prevention is a good investment to make sure the agreements you are using will actually work and accomplish what you want to achieve. Please call us for a consultation to discuss your concerns. We look forward to hearing from you.

This entry is presented for informational purposes only and is not intended to constitute legal advice.

The American Rule

In the United States, each party is responsible for its own legal fees. This is known as the “American Rule.” In other countries, the U.K. for example, the loosing party is responsible for the winner’s legal fees. This critical difference in approach to the general legal framework explains why litigation in the United States runs amuck as compared to our British counterparts. New Jersey however has an oft forgotten procedural rule that when used properly turns the “American Rule” on its head and effectively makes the losing party pay for the winner’s attorney fees if certain conditions are met.

Attorney Fees in NJ

A Typical Situation

In NJ, litigants are responsible for their own attorney fees and costs associated with their own case. Therefore, every plaintiff has presumably made an economic analysis before filing his case that the costs (legal fees, costs of litigation ) associated with bringing the lawsuit are much less than the anticipated upside of winning his case. Similarly, the defendant has also made a determination that the cost of settling the case is too high when compared to the cost of prevailing on the merits of the case. In other words, it will be cheaper in the long run to pay my attorney and successfully defend the case than to just pay the plaintiff what he or she is asking. But what if each party had to consider paying the legal fees and costs of the other?

How the Offer of Judgment changes everything

In NJ if a litigant serves an Offer of Judgment on an opposing party for a specific monetary amount and the other party refuses, the refusing party may be responsible for all of the other party’s legal fees and costs incurred after the Offer of Judgment was made. Let’s take a closer look.

• Timing and Manner of Making and Accepting Offer — Any party may serve on the other party an Offer of Judgment so long as it is served at least 20 days before the actual trial date. The offer is not valid unless it is for a specific dollar amount. In addition, the issues set forth in the case must only be monetary in nature. If this is not the case, the Offer of Judgment rule does not apply. Acceptance of an Offer is made by filing an Notice of Acceptance with the court. This must be done on or before the 10th day before the actual trial date or another Offer is made. If a party makes another Offer, the previous Offer is deemed withdrawn. The making of a counter-offer by an adverse party does not make the initial Offer deemed withdrawn.
• Consequences of Not Accepting Claimant’s Offer — If the Offer of a claimant is not accepted and the claimant obtains a monetary judgment at trial that is 120% of the Offer that was NOT accepted, then the Claimant is entitled to, in addition to the monetary award he or she won at trial: all reasonable litigation expenses incurred after the offer was made plus interest at the rate of 8% per anum and all reasonable attorney’s fees incurred in connection with collecting on the judgment.
  • Example — Claimant makes an offer of $1,000 and the offer is rejected. If the plaintiff is awarded the sum of $1,200 or greater, the defendant will be responsible for the plaintiffs attorney fees, interest and costs of collection as set forth above.
• Consequences of Not Accepting Offer Made By Party Not a Claimant — If a party who is not a claimant makes an offer (the defendant for example) that is not accepted and is deemed to be “favorable” under the Offer of Judgment rules, then the party not a claimant is entitled to all of the remedies the claimant is entitled to as set forth above. A favorable outcome is defined as an amount that is 80% of the Offer or less.
  • Example — Defendant makes an offer of $1,000 and the offer is rejected. If the plaintiff only receives an award of $800 or less, the plaintiff , even though he may have “won” the case, will still be responsible for paying the plaintiff’s legal fees.

Take Away

The take away here is that the Offer of Judgment Rule was designed to force litigants to take realistic looks at their cases and properly evaluate what they are worth. The failure to do this if an Offer is made can be disastrous when you factor in not only attorneys’ fees but the costs of experts as well. Judges have very limited, if any, discretion if this rule is invoked. If invoked, fees and costs must be awarded if made timely. The only discretion is that the attorney fees must be reasonable. Please feel free to call any of the attorneys with Danziger Shapiro, P.C. to discuss your case and other issues affecting you or your company.

This entry is presented for informational purposes only and is not intended to constitute legal advice.