- Guard Those SSNs With Your Life!
- Zero Tolerance for “Zero Tolerance” Policies
- Six Ways to Get Yourself Sued
- Internet Applicant FAQs
- Corporate Counsel Work-Life Balance Award
- Constangy Chooses First Slate of "Diversity Scholars"
Departments:GUARD THOSE SSNs WITH YOUR LIFE!
by Kelli Pushman
Don’t play fast and loose with Social Security numbers.
One of the hottest trends in legislation right now is “privacy” and “identity theft” regulation. Federal courts now require that documents be filed with personally identifying information, such as SSNs, redacted. The federal government and a number of states have enacted statutes to force business — including but not limited to employers — to handle this type of data much more carefully than may have been done in the past.
Speaking of the past . . . a little history lesson may be in order. In 1936, during the Great Depression, the United States government began the Social Security program to provide pension and disability benefits to Americans. These things called “Social Security numbers” were necessary to identify Americans and to provide them with the benefits of the program. Because there had never been a standardized identification system before, SSNs quickly became an all-purpose means of identification, and confidentiality immediately became a concern. But President Franklin D. Roosevelt reassured the public, “Only you and the Social Security Administration will ever know your private Social Security number.”
(Sigh.) OK. No doubt, FDR meant well. As most readers know, over the years Social Security numbers were used for voter registration, driver’s licenses, college IDs, tax records, employment applications, and medical records. “Cool” people even used to have their Social Security numbers printed on their personal checks. And nobody thought a thing about it. The times, they surely have a’changed.
Even in the innocent “analog” days of gas shortages, disco, platform shoes, and paper, Congress enacted the Privacy Act of 1974, which required the federal government to take certain steps to protect the privacy of Social Security numbers. But apparently no one at that time envisioned the need for private businesses to take similar precautions.
That was then; this is now. Now we have computers and the internet. Hackers break into on-line retailers’ websites and get access to customers’ credit card and Social Security information. Identity theft — using another person’s Social Security number to obtain credit and make purchases — is one of the hottest crimes of our era. And then we have the fear (not yet realized . . . we hope, anyway) of Big Brother using our SSNs to invade our privacy. And global positioning systems in our cars, and microchips embedded in our skin, and fluoride in our water, and, and . . . !
We’ll stick with identity theft, which no one disputes is a serious problem. In 2004, the Federal Trade Commission received more than 635,000 complaints of consumer fraud and identity theft. These complaints involved losses of more than $547MM.
Also in 2004, the Supreme Court left undisturbed a finding from a lower court that the U.S. Department of Labor violated the Privacy Act of 1974 by including black-lung claimants’ SSNs on hearing notices, intake forms, and motions for summary judgment sent to the claimants, their employers, and the attorneys. (The Court did, however, find that the claimants were not entitled to monetary awards in the absence of evidence of actual damages.)
Last June, the federal FACT Act disposal rule went into effect for private entities, including employers. The rule, promulgated by the FTC, requires that individually identifiable consumer information be disposed of in a secure manner. In the case of paper documentation, this includes shredding, pulverizing, or incinerating such records. In the case of electronic documentation, this includes electronically obliterating the records from hard drives or disks. (For more information about the FACT Act disposal rule, please see Constangy’s Client Bulletin dated May 20, 2005.)
States are cracking down, too. In 2005, the states of Arizona, Arkansas, Connecticut, Illinois, Maryland, Michigan, Missouri, New Jersey, North Carolina, Oklahoma, Texas, and Virginia enacted statutes designed to protect individuals’ Social Security information. Maine and New Mexico have enacted laws that will take effect this year. Minnesota has enacted a statute that will take effect in 2007.
So, what should an employer do? It is impossible for an employer to avoid using SSNs — otherwise, the employer would be unable to withhold taxes or FICA, or pay its share of the FICA, and presumably W-2’s would get lost deep somewhere in the bowels of the Internal Revenue Service. But here are some safeguards that employers can and should take to protect employees’ Social Security information — and some of the safeguards are quaintly low-tech:
- Create original “codes” to use in lieu of SSNs for general employee identification purposes.
- In general, don’t include employees’ SSNs on documentation unless absolutely necessary.
- Keep employee files that do contain SSNs in secure, locked locations with strictly limited access. One employer had a rash of identity thefts after a human resources assistant stole SSNs the old-fashioned way — by getting them out of paper personnel files. Another employer was sued after a management employee left a stack of employee documentation in a workplace restroom.
- Related to the above point, be very careful in screening applicants for positions in Human Resources and Payroll. Criminal background and credit checks are strongly recommended, and not just for management. Clerical employees in these departments should be checked out every bit as carefully.
- If your employee is having to work on documents that contain SSNs, make sure he or she puts everything back in the secure area before going to lunch, taking a break, or going home at the end of the day. Arrange the worksite so that it is in an area of limited access. A private room with a door is ideal. If that isn’t possible, at least make sure the desk where the employee works is in as remote a location as possible. Do not let employees work on such information at home. If you have an employee giving out SSNs over the telephone (for example, when verifying Social Security numbers on new hires to ensure that they are legally authorized to work in the United States), make sure the telephone is in a private location where the employee will not be overheard.
- When e-mailing information that contains employee SSNs, encrypt or password-protect the e-mail, and send the encryption key or password in a separate e-mail.
- When disposing of paper documentation that contains SSNs, use one of the methods listed in the FACT Act disposal rule: shred, pulverize, or incinerate. If you use a contractor to destroy documents, make sure the contractor is aware of the FACT Act and in compliance.
- When disposing of old computers, be sure that any information on the hard drives has been obliterated. (NOTE—”Deleting” it does not do the trick.) Destroy old floppy disks and CDs in a secure manner. When in doubt, consult with your IT professionals to make sure that your proposed method of destruction really erases the information for all time.
- If a security breach occurs despite all your efforts, notify the affected employees immediately, and the rest of your employees immediately after that. Cooperate with law enforcement, and proactively keep employees informed as to the status of the case. Assist the affected employees in any way possible as they deal with the complications created by the thefts of their identities. Even if you think you have done everything possible to protect employees, do a “20-20 hindsight” audit of your security measures to make sure there was not something you missed. (Obviously, if you find a problem, correct it as soon as possible.) Pay for the employees, even the unaffected ones, to get copies of their credit reports. In short, do everything possible to let the employees know that you are on their side.
The above may seem excessive, but we expect to see a dramatic increase in litigation where businesses are accused of failing to take reasonable steps to protect SSNs. Taking these steps will go a long way toward preventing breaches or — in the event that breaches occur — resulting in a finding that your company was not at fault.
Kelli Pushman (Macon, GA) practices in the areas of employment litigation prevention and defense, and workers’ compensation defense.
According to a recent study, nine of the top 10 class action settlements in 2005, for employment cases involving private plaintiffs, involved lawsuits over employee benefits or overtime exemptions. No big surprise there.
Here are the most-frightful five settlements:
- An ERISA lawsuit, in which IBM instituted a “cash balance” pension formula that allegedly violated ERISA’s prohibition on age discrimination because the formula resulted in reduced benefits for older employees. Settlement amount: $314 million, and possibly as much as $1.4 billion.
- A lawsuit in which State Farm Mutual Automobile Insurance Co. allegedly misclassified its claims adjusters as exempt from the FLSA overtime requirements. Settlement amount: $135 million.
- Another overtime-exemption lawsuit, alleging violations of the FLSA and applicable state laws, involving claims adjusters at Allstate Insurance Co. Settlement amount: $120 million.
- An ERISA lawsuit brought by temporary employees at Microsoft over payroll and benefits practices. Settlement amount: $97 million.
- An ERISA suit alleging that Royal Dutch/Shell breached its fiduciary duty with respect to various retirement plans. Settlement amount: $90 million.
The Class Action Fairness Act allows defendants to remove class actions to federal court if (1) any defendant and any class member are from different states; (2) the class has more than 100 people; and (3) the aggregated amount in controversy exceeds $5 million. To get around the Act and keep their lawsuits in state courts, plaintiffs’ lawyers are filing multiple “mini” class actions in different states (to defeat diversity and keep the class sizes below 100), and seeking less than $5 million in damages.
In this litigation climate, employers should be sure that their benefits plans and plan administration are consistent with the law. They should also review any jobs in FLSA “gray areas,” and make sure that their exemption classifications are consistent with the FLSA and with applicable state laws.
Robin E. Shea, Editor—Winston-Salem, NC
“Zero tolerance” policies are popular among employers trying to end unlawful harassment, drug use, violence, and other egregious behavior in their workplaces. Such policies do have the benefit of being black-and-white, easy to apply, and non-discriminatory.
But is “zero tolerance” too much of a good thing? It could be — at least, if you really mean it.
Certainly there is nothing wrong with having a policy that certain types of behavior will result in termination — no ifs, ands, or buts. For example, no one would lose sleep over an employee who was immediately terminated for threatening to kill a co-worker. Or, would they?
The trouble with “zero tolerance” policies is that even a seemingly clear-cut threat such as this may be anything but. It may help to view “workplace threats” (or harassment or, possibly, even drug use) on a continuum, with “Not Threatening at All” on one end, and “Very Threatening” at the other. At the “Very Threatening” end, there are employees who say they will kill their co-workers and really mean it. Perhaps midway is the “hothead” employee who says such things in anger but in 25 years with the company has never hurt a fly and isn’t taken seriously by anyone who knows him. On the “Not Threatening at All” end is the employee who says in fun, “I’m gonna kill you!” any time he or she is mildly inconvenienced and may even be smiling or laughing when saying it. Should all three of these cases really be treated alike? They are all “threats,” but they are clearly not “equal.” Fire the first employee? Absolutely. The second? Maybe a reprimand or counseling to be careful about his speech, but termination seems excessive. Fire the third? What, are you kidding?
Some public school systems have not received this message, and they have been objects of ridicule as a result. Private employers should learn from their experience. Consider the following:
- A third grader in Alabama was suspended from school for five days for violation of the school’s substance abuse policy when he took a purple multivitamin with his lunch.
- A twelve-year-old boy in Texas was suspended for violation of the school’s sexual harassment policy. His offense? Sticking out his tongue at a girl who declined to be his girlfriend. And a little kindergarten boy in North Carolina was suspended for sexual harassment after he kissed a little kindergarten girl.
- Four kindergarteners in New Jersey were suspended after they violated the anti-violence policy by playing “cops and robbers” during recess and using their fingers as “guns.”
It’s not just schools who have trouble with “zero tolerance.” Most employers will remember the “Seinfeld case” from the 1990’s, in which a male employee discussed the previous night’s episode, involving a character whose name rhymed with a female body part, at the office water cooler. A female co-worker was offended and reported him, and he was fired. He sued his employer and won a verdict for $26.6MM. Assuming the female really was offended by the conversation, should this man’s behavior have been “dealt with”? Most definitely, but terminating his employment would strike most people as excessive.
So, it’s all right to keep those “zero tolerance” policies as long as everyone understands that they don’t mean that anyone who commits a violation, no matter how trivial, will receive the ultimate sanction. A “zero tolerance” policy should never prevent you from exercising your judgment and common sense:
- “Zero tolerance” should never mean that you can’t retain an employee whom you found to be innocent, or against whom there was insufficient evidence of wrongdoing.
- “Zero tolerance” should never prevent you from electing to discipline rather than terminate an employee if the violation was relatively trivial.
- “Zero tolerance” should never prevent you from refraining from discipline at all, where the violation was really trivial, inoffensive, or in jest and understood as such.
- “Zero tolerance” should never prevent you from making an exception where a reasonable accommodation for the employee’s disability or religion is appropriate.
There is an old cliché that one should never say “never” and always avoid saying “always.” But a prudent employer will never apply a “zero tolerance” policy mechanically, and will always exercise sound discretion and judgment based on the circumstances of the case. Zero tolerance for “zero tolerance” policies! (The strict kind, anyway.)
John Critchfield (Macon, GA) practices in the area of employment litigation prevention and defense, and workers’ compensation defense.
JOHN CRITCHFIELD (Macon, GA, worker’s compensation and employment litigation) received his bachelor’s degree in biology from Wofford College and his law degree from Samford University’s Cumberland School of Law. Before attending law school, John worked as both a microbial geneticist and an environmental chemist. John is Treasurer for the Georgia Employers’ Committee and Treasurer for the Macon Younger Lawyers Division. He also serves on the board of the Crisis Line and Safe House of Middle Georgia and is a member of the Sons of the American Revolution. He was also voted Sertoma’s "Man of the Year" in 2002-03. John loves canoeing, hiking, and almost anything that allows him to be outdoors. He has also toured Poland and Ukraine as an "Ambassador" for the Rotary Club of Macon. John is engaged to be married in July.
CAROL HAWKINS (Atlanta, GA, labor relations and employment litigation) received both her bachelor’s degree in political science and her law degree from Loyola University of Chicago. Carol was born in Port-au-Prince, Haiti, to Jamaican parents and grew up in Kingston, Jamaica. While there, she worked as a Spanish Interpreter and Consular Secretary at the Venezuelan Embassy. Before joining Constangy, Carol was an Assistant States Attorney in Cook County, Illinois; counsel for the United Steelworkers of America; with a private law firm; and in-house employment counsel for an Atlanta bank. In 2002, Carol received an Outstanding Achievement Award by Fleming Companies for labor relations. When she is not practicing law, Carol enjoys cooking, traveling, entertaining friends and spending time with her 14-year old son, Christian.
RICK BROWN (Birmingham, AL, labor relations, and employment and administrative law) received his bachelor’s degree with honors in business administration from Auburn University, and both his masters’ and law degrees from the University of Alabama. Before attending law school, Rick worked in labor and employee relations for Union Camp Corporation. Since joining Constangy, Rick has negotiated collective bargaining agreements, and handled union organizing campaigns and decertification efforts, in the manufacturing, automotive, transportation, health care, financial services and food service industries. Rick and his wife, Joy, have three grown children and one middle-schooler. When he is not working or spending time with his family, Rick enjoys gardening and collecting specialty automobiles.
JENA TARABULA (Atlanta, GA, labor relations, and employment litigation prevention and defense) received her bachelor’s degree summa cum laude in international affairs from Georgia Tech and her law degree cum laude from Georgia State University. Before joining Constangy, Jena worked as a clerk for the Southeastern Legal Foundation and as an intern in the Dekalb County District Attorney’s office. Jena is an avid sports fan (especially of the Braves and NFL football). In fact, her literature partner in college was Heinz Ward of the Pittsburgh Steelers. Jena was also a classical ballet dancer for 15 years and still loves the ballet along with wine tasting, fishing, and traveling with her husband, Isaac.
RUPESH PATEL (Jacksonville, FL, labor relations, and employment litigation prevention and defense) was born in London, and his family moved to Jacksonville when he was five years old. He received both his bachelor’s degree in business administration and finance, and his law degree cum laude from the University of Florida. Before joining Constangy, Rupesh worked as an intern at the Office of the General Counsel for the City of Jacksonville. He is a life-long vegetarian and an avid sports fan, especially of college football and NASCAR, and also enjoys playing basketball, tennis, and volleyball. His other interests include real estate, business, and the stock market. When he is not practicing law, Rupesh enjoys reading and traveling with his wife, Krupa.
Many employers get sued, not because they did anything illegal, but because their poor management practices invited employee lawsuits. Here are the top six employer actions or omissions that lead employees to believe that litigation is their only recourse.
No. 1: Tolerate poor performance, and then abruptly fire the employee when you’ve had enough. When an employee is suddenly discharged for unsatisfactory job performance after receiving consistently positive appraisals, she tends to suspect (understandably) that there is an ulterior motive for the termination — such as discrimination, retaliation, or some other unlawful motive.
No. 2: Don’t explain now; explain later. Employers who fail to offer any explanation for their employment decisions frequently end up explaining anyway ...to a judge or jury. Employees do not assume that “no news is good news.” To the contrary, they usually view silence as a sign that there was no legitimate explanation for the decision. And the impact of employer silence on the employee rumor mill should go without saying.
No. 3: Don’t let little things like policies and procedures get in your way. Deviation from an established policy or procedure usually makes employees feel that they’ve gotten the shaft. Once you break your rule, you set a new precedent unless you’re very careful (see No. 4).
No. 4: Slavishly follow your policies and procedures to the letter in every instance, regardless of your common sense and sense of fairness, no exceptions, ever. Normally, it’s best to follow your policies and procedures. However, sometimes you may get into trouble for being too rule-bound. For example, “reasonable accommodation” may legally require you to make exceptions to your normal rules. Moreover, you generally should feel free to exercise your good judgment when a rule seems too harsh when applied to a given situation. To protect your company from claims of discrimination, be sure that you have carefully documented the reasons for the exception, and apply the same exception to comparable situations that arise in the future.
No. 5: Blow off those silly internal complaints! Employees who believe their work-related complaints have fallen on deaf ears feel compelled to take their complaints elsewhere — to a lawyer, a government agency, or a court. Even baseless complaints allow you to satisfy the employee’s desire to be heard, which can mean a lot. Most people will accept decisions they don’t like, as long as the rationale is explained to them (See No. 2).
No. 6: “Love means never having to say you’re sorry.” In fact, love does mean saying you’re sorry. Apologizing for employer mistakes, or employer-created hassles and burdens, acknowledges the employee’s dignity and is a sign of respect. This might run counter to what you’ve previously been told by attorneys, who used to warn that an apology was an admission of fault. They are right, but employees usually appreciate the acknowledgement and don’t take their grievances any further. A few tips: don’t apologize if you don’t mean it (the employee will always know if you’re extending a phony apology), and try to back up your apology with meaningful action if appropriate. If the offending situation cannot be corrected, at least continue to follow up as best you can. In most cases, you can apologize without compromising your company’s legal position or making unwarranted concessions.
Jill S. Cox (Winston-Salem, NC) practices in the area of employment litigation prevention and defense.
Our federal contractor readers may be interested to know that the U.S. Department of Labor has reorganized its Internet Applicant “FAQs” and added 32 new ones.
The full set of FAQs can be accessed at the following address on the USDOL website:
The new FAQs are clearly designated.
Some of the new topics addressed are whether contractors can use BOTs (robots) to screen for candidates who meet basic qualifications (ANSWER: normally, yes), whether an individual is an “applicant” when told by a recruiter to apply electronically for a position and the individual never does so (ANSWER: no), and whether contractors having “technical difficulties” can get an extension of the February 6, 2006, effective date of the rule (ANSWER: no).
Meeting work demands while making time for family and other personal needs has never been easy. Fortunately, many companies have recognized the problem and are taking steps to ensure that their employees achieve a balance between their work and personal lives. As an employers’ law firm, Constangy strongly endorses these efforts, finding that they not only reduce litigation and union activity . . . but, more importantly, also promote diversity, increase employee satisfaction, and are “the right thing to do.”
Thus, in recognition of its 60th anniversary, Constangy will present its first annual Corporate Counsel Work-Life Balance Award. The Award is designed to recognize an in-house legal department that has demonstrated an outstanding commitment to work-life balance. The winning department will receive a crystal trophy, and Constangy will make a $1,000 donation to the non-profit organization of the department’s choice.
According to a study sponsored by the National Association for Law Placement Foundation, more than 75 percent of supervised attorneys report having moderate to major problems in meeting their personal and health needs. More than 70 percent of the attorneys responding to the NALP study, In Pursuit of Attorney Work-Life Balance: Best Practices in Management, also reported having problems in handling family needs and household responsibilities, and in finding time for leisure activity.
“In-house legal departments are implementing a range of programs to help create an atmosphere that fosters work-life balance,” said Neil Wasser, Chairman of Constangy’s Executive Committee. “Initiatives include reduced-hours work arrangements, flexible career tracks and firm-sponsored fitness programs. We look forward to learning about other practices that companies have implemented in-house.”
To nominate your company’s legal department, go to www.constangy.com and click on “Award Nomination.” The deadline for nominations is Friday, July 28, 2006.
Constangy has awarded $2,000 scholarships to eight highly accomplished second-year law students as part of its inaugural Diversity Scholars Awards Program. This scholarship program was designed to recognize the achievements of deserving law students and help defray the considerable expense of law school, while helping to promote diversity in the legal profession.
The selection criteria for the scholarships, which are expected to be awarded annually, were academic achievement; commitment to diversity in the community, school or work environment; and personal achievement in overcoming challenges to reach their goals.
That’s why we get the big bucks. The U.S. Department of Labor Administrative Board dismissed an untimely Sarbanes-Oxley claim. The employee had tried to argue that his claim should survive because SOX was only a few months old when he was terminated, and his attorney hadn’t become aware of it yet.
What’s good for the hacker is good for the hackee. A plaintiff claimed that her supervisor sexually harassed her and hacked into her America Online e-mail account, stealing some e-mails. The employer requested production of the e-mails, but she produced versions that showed only the transmission history and no text. A magistrate judge in New York held that the plaintiff was required to give her employer complete copies of all the e-mails that were allegedly “hacked.” As employers struggle with electronic discovery issues, it might be some comfort to see that plaintiffs are having a hard time, as well.
You’ve gotta be kidding. An employee was fired for lying about an extramarital affair with his female subordinate. A federal court in Minnesota wisely dismissed his lawsuit . . . for sex and marital status discrimination.
We (HEART) Judge Weber. Federal Judge Herman Weber of Ohio dismissed a race, age, and retaliation case brought by an employee who copied other employees’ personnel files and gave the copies to his attorney. The plaintiff claimed that his work was “protected activity” under the Ohio anti-retaliation statute. No way, said the Judge: “Far from being entitled to protection under the law, plaintiff’s conduct was counterproductive, wrongful and a breach of his employer’s trust.”
AND REASON FLAILS…
Not a very nice employer (allegedly). Sometimes in “Reason Flails,” we cite cases — not because the judge made a bad decision — but because, in our opinion, an employer really blew it. In this case, an employer allegedly blew it — because the case hasn’t been tried yet, we don’t know for sure. A federal district judge in Delaware allowed a custodian’s claims under the Americans With Disabilities Act to go to trial. The custodian, who had cerebral palsy, partial deformities on one side of his body, and mental impairments, alleged failures to accommodate and to promote. The custodian presented evidence that a member of the hiring panel referred to him as “Rainman” and that another manager said it would be a waste of time to train him. (For more information about the boom in ADA claims from genuinely disabled people, please see “The ADA a Dead Letter? Don’t Bet the Rent!” in the Spring/Summer 2005 edition of Insights.)
But this employer seems to have gotten the shaft. The EEOC won an ADA verdict against FedEx in a federal court in Baltimore, receiving $8,000 in actual and $100,000 in punitive damages. The agency had sued on behalf of a “profoundly” (the EEOC’s adjective, not ours) deaf package handler who wanted a sign language interpreter, which FedEx did not provide. Presumably there would be significant safety issues involved with having a profoundly deaf employee working in a package handling area, with or without an interpreter. We hope FedEx will appeal.
Secretiva refuses to provide her Social Security number to her new employer, citing "privacy concerns." Her employer fires her. Secretiva sues. Does she win?
Not according to a unanimous panel of the U.S. Court of Appeals for the Second Circuit (Connecticut, New York, Vermont). The panel recently affirmed dismissal of such a lawsuit, in which the employee claimed that her employer violated her rights under a number of civil rights statutes and the U.S. Constitution. Among other things, she claimed that providing her Social Security number put her “in dire jeopardy of having her identity stolen.”
The panel found that she was not discriminated against because the employer’s policy of requiring SSNs applied to all employees. Moreover, the demand for her SSN “was also a necessary consequence of [the company’s] obligations under federal law.”
Constangy would expect courts nationwide to follow the Second Circuit’s sensible approach.