Your Employee Matters

At the end of September 2010 – and with little fanfare – the Department of Homeland Security and Immigration and Customs Enforcement (ICE) announced settlement of an enforcement action against Abercrombie & Fitch, the nationwide clothing retailer. This settlement is remarkable for several reasons.

The settlement amount is $1,047,110, which is an enormous monetary penalty in today’s economy. More shocking is the fact that this penalty is for paperwork violations only. There are no allegations that Abercrombie & Fitch employed illegal workers or otherwise violated immigration law. Instead, this penalty is solely for improper completion of I-9 forms.

The settlement results from a compliance audit initiated in November 2008. It’s common for ICE to take two years or more to conclude an I-9 paperwork audit.

The second surprise about this settlement is that the I-9 inspection involved the clothing retailer’s Michigan stores, and is apparently not the result of a nationwide compliance audit. The ICE press release states that the company “was fully cooperative during the investigation and no instances of the knowing hire of unauthorized aliens were discovered.” If that is the case, the agreed-upon penalty either reflects an enormous number of violations or very severe fines per violation.

Third, the violations uncovered during the inspection involved “numerous technology-related deficiencies in Abercrombie & Fitch’s electronic I-9 verification system.” This suggests that the company’s I-9 software vendor was negligent and failed to confirm that its software system achieved proper I-9 compliance or that the company was poorly trained in implementing and administering the electronic I-9 compliance program. In either case, this settlement serves as a wake-up call to all employers using electronic verification systems: Make certain the system ensures proper I-9 compliance and that you are using it correctly.

Even employers that don’t use electronic I-9 compliance systems should note the heavy fines imposed because of this investigation. The ICE press release confirms that the agency has implemented a new, comprehensive strategy to audit and investigate employers, and that this effort has resulted in a record number of civil and criminal penalties against employers. Now is the time to ensure that your compliance will survive an ICE investigation!

To obtain the free 14-step self-audit checklist, click here.

Article courtesy of Worklaw® Network firm Elarbee Thompson (www.elarbeethompson.com).

The June 2010 issue of INC Magazine featured an excellent article entitled “Learning from the Best,” by Lee Buchanan, which discusses strategies from the Top Small Company Workplaces winners and finalists. Here’s a brief summary of the article’s recommendations:

1. Engage in open-book management. No surprise there. I’ve been preaching this ever since Jack Stack published his Great Game of Business. We had an excellent Webinar on open-book management presented by Coach George from the Great Game of Business. According to the article, 83% of these companies practice open-book management. We do here at HR That Works. Everybody knows every number, including what everybody gets paid. When I do my Vistage presentations and ask CEOs using open-book management about their experience during the depth of the recession, they said they were first concerned that it would scare the employees and some would run off; however, just the opposite happened and employees were very glad to have open-book management. If you don’t have it, what are you waiting for?
2. Be flexible. 95% of companies offer flexible work arrangements.
3. Keep learning. In some of the companies, employees provide courses, usually in the evenings, to other employees. For example, the employees at Snag-a-Job teach finance fundamentals 101, HTML Basics, Peer Coaching, Texas Hold ‘Em, Goal Setting, and Women’s Self-Defense. If you’re an HR That Works member, there are more than 70 separate training videos that your regular members or management can watch at any time. Never stop learning.
4. Develop “Level 5” leaders. This term, coined by Jim Collins, talks about Level 5 leaders in terms of humility and inclusion.
5. Focus on orientation. See the Orientation Checklist on HR That Works. Make your orientation process more exciting, motivating, and presented in such a way that instantly builds rapport with new employees, as opposed to the opposite. I also encourage you to use the 60-Day New Employee Survey on HR That Works.
6. Add a little bit of sunshine. Companies help to lessen employees’ stress by allowing them to telecommute, and assist their parents or loved ones even if they’re not obligated to do so by the Family and Medical Leave Act.
7. Think inside out. The top companies focus on building a great culture which, in turn, can deliver great products and services – Southwest Airlines comes to mind. What are your company values? How do you define and celebrate them? How happy are your employees? In our Webinar on Happiness in the Workplace, the presenter offered a free analysis of your happiness level. Go to http://www.iopener.com/report to see how happy you are at work. I couldn’t be happier to say that my employees and I all scored very high on this index.
8. Help maintain employee health. Many small companies are entrepreneur driven. In my experience, if the CEO is a health nut, then so is the rest of the workplace. Savvy companies bring in ergonomics and wellness to help employees. Whether it’s concierge services, healthy lunches, or a wellness day off, there’s no substitute for a healthy workforce.
9. Finally, you can change a toxic workplace. In his book How to Turn Around a Toxic Workplace, Jeffrey Pfeiffer states that you can turn around a toxic workplace in four ways: 1) Let people make decisions, 2) Share the economic results either through profit-sharing or gain-sharing, 3) Share information, and 4) Invest in people. Sounds like a great summary of the article!

I’m an environmentalist. I’ve even hugged a few trees, but I don’t claim that they’ve talked back to me. I’ve also sat on environmental non-profit boards and ran a non-profit environmental agency. That was the three-year environmental phase of my career. Then I had to start making money again. But during this period I learned that companies can have a significant impact on the environment — and that HR and a volunteer team can spearhead this effort. Here are some basic guidelines that you can consider:

• Consider telecommuting – Do employees really have to spend the time, energy, and money to drive to work every day or can they be more effective working from home or from remote offices?
• Go paperless – I’m impressed by how many insurance agencies I work with have gone paperless.
• Encourage carpooling and public transportation – You might even help pay for some of the gas.
• Recycle – Paper, glass, and plastic should all be recycled. Take one good look at a local shoreline and you’ll understand why.
• Beware of indoor air pollution – For many people, the building they work in has more air pollution than any other environment. Indoor air inspections can help prevent sick days and attendant non-productivity.
• Turn off the lights and computers – I’m amazed at how many building keep the lights on at night, and you know the cleaning crew isn’t there any longer. Turn off your lights and turn off your computers.
• Think in terms of sustainability – Although this is a broader objective, focus on how you can manufacture things or deliver services in a way that produces less of an environmental impact. For example, I can do a webinar rather than flying across the country to speak.
• Finally, encourage employees to offer green suggestions – Perhaps it’s a rooftop garden, organic lunches, or supporting a local environmental cause.

Going green is important to all of us. Our current ways are unsustainable. Fact is, HR can make a green difference.

Medical Examinations. Requiring an employee to undergo a fitness for duty examination (FFDE) does not violate the Americans with Disabilities Act, if the employer has an objective, legitimate basis to doubt the employee’s ability to perform his or her duties. Under the ADA, an employer may require an employee to undergo medical testing only where the testing is job related and consistent with business necessity. In Brownfield v. City of Yakima, a police officer argued that the City violated the ADA by requiring an FFDE, after he had engaged in a number of emotional outbursts, without showing that his job performance had actually suffered due to any health problems. The Court disagreed, finding that requiring a “preemptive” medical examination may be permissible under the ADA. It cautioned, however, that the standard for establishing the validity of such a requirement is quite high – the employee’s behavior cannot be “merely annoying or inefficient to justify an examination; rather, there must be genuine reason to doubt whether that employee can perform job-related functions.”

The court ruled that The City of Yakima had a legitimate basis to doubt the plaintiff’s ability to perform the duties of a police officer. In coming to its conclusion, it used these words, which everyone should remember:

“We agree … that prophylactic psychological examinations can sometimes satisfy the business necessity standard, particularly when the employee is engaged in dangerous work. However, we must be keen to guard against the potential for employer abuse of such exams … Employers are prohibited from using medical exams as a pretext to harass employees or to fish for non-work-related issues and the attendant ‘unwanted exposure of the employee’s disability’ and the stigma it may carry … An employee’s behavior cannot be merely annoying or ineffective to justify an examination; rather, there must be genuine reason to doubt whether that employee can perform job-related functions.”

This case reassures employers that sending an employee for a fitness for duty examination will not violate the ADA if the employer has a reasonable belief that the employee is not capable of performing his job. Of course, the ADA’s requirement that a medical examination be consistent with business necessity is an objective one and the employer bears the burden of demonstrating this business necessity.

Religious Accommodation. The U.S. Court of Appeals for the Third Circuit held that a prison that prohibited female Muslim employees from wearing religious head coverings called khimars did not violate Title VII’s religious accommodation obligations. Under Title VII, an employer must provide accommodation for an employee’s religious beliefs and needs unless the accommodation would pose an undue burden to the employer. In EEOC v. The GEO Group, Inc., the Court credited the employer’s identified safety and security risks associated with the wearing of head coverings in prison: Smuggling of contraband, interference with identification of the wearer, and the potential use of the head covering as a strangulation weapon. This case demonstrates that an employer’s position in refusing a religious accommodation is stronger where significant safety concerns exist.

NLRB Decisions. The Supreme Court ruled that the National Labor Relations Board was not authorized to issue decisions during the more than two years that three of its five seats were vacant. The NLRB has compiled a list of the 595 decisions issued by the two-member Board. Most of the cases were already closed under the Board processes or are at some point in compliance proceedings; the remaining open cases were returned to the Board for reconsideration by at least three members. The Board has just begun to issue rulings on those cases.

Courtesy of Shaw Rosenthal (www.shawe.com).

You just might be lucky enough to hire or manage employees that want to help improve the company. How you handle their ideas greatly impacts the future of your relationship. Mishandle this conversation, and you’ll pay the price. Here are some approaches that won’t burn bridges:

• Sounds interesting; keep talking so I understand this better.
• Where did this idea take root? Anyone else involved? What got you to this point?
• How will this help the company meet its vision, mission or goals?
• What assumptions are you making and how do they factor into your idea?
• Why are you so excited about it?
• If it worked the way you envision, what would it look like?
• If we were to pursue this idea further, what would be the next step?
• What needs to change if this is going to work?
• What impact can it have on the bottom line?
• I like it. How would you like to fill out this Great Idea Form so we can study the idea further?

I read some interesting research in Scientific American on how touch affects how people feel. It turns out that “everything we think is somehow tied to the physical experiences we have.” These experiences fall into these categories: Weight, texture, and hardness. For example, weight itself implies that something is more important. People who simply held a heavier clipboard rated job candidates as better and more serious about a job. Similarly, people who handle rough textures before observing a social scene rated it as more harsh; and even sitting on a hard chair made people less likely to veer from an original offer in negotiating with a car dealer. Across the board, there was about a 25% difference in how people behaved when given something heavy, rough, or hard.

The researchers concluded that understanding these tactile effects presumably would give you the upper hand. So, can you use this understanding in management or sales? To begin with, if I wanted to have a prospect take something seriously, I would provide them with something heavy to hold on to or think about. I would have them sit in comfortable surroundings in a soft chair. Not all of this should come as a surprise. For example, I can remember shopping for a bed for the guest room. The salesman asked me if I wanted the guest to stay for two days, two weeks, or two months. He would sell me a bed with the right texture to assist in that outcome. So, think to yourself, “How can I make this heavier or lighter, rougher or smoother, harder or softer, depending on what I need under the circumstances?” If I’m trying to train a Marine, it’s going to be heavy, rough, and hard. If I’m coddling a baby, it’s going to be light, smooth, and soft.

We can create metaphors that will affect the way that people think about things. For example, if in your discussion, you say something like, “What kind of criteria do you use when you make a serious decision such as buying a car?” The prospect will take the situation more seriously. Other times you might want to talk about a smooth transition or a soft landing. Finally, studying neuro-linguistic programming (NLP) you learn that people are primarily auditory, visual, or kinesthetic. So, you might say something like, “Can you see the heaviness of the situation?” “Can you feel the weight of the situation?” or “Can you hear the gravity of the situation?” (Depending on which modality the person favors). Remember this: How we use language has a significant impact on how we are perceived and how we influence others.

Last month one of our Members had to deal with a request for disability accommodation/leave that seemed contrived by the employee as a way to protect her job. The question was whether the company could send the employee for a second opinion from a doctor of their choice. Here is the response from Linda Batiste, counsel for JAN:

“In general, you can ask for a second opinion if you have insufficient information in the first opinion you received. For example, if an employee indicated she needs a certain accommodation, but the statement by the employee’s doctor does not provide you with all the information you need to justify the accommodation, you can require a second opinion.

“The following is from Disability-Related Inquiries and Medical Examinations of Employees under the ADA.

“May an employer require an employee to go to a health care professional of the employer’s (rather than the employee’s) choice when the employee requests a reasonable accommodation?

“The ADA does not prevent an employer from requiring an employee to go to an appropriate health care professional of the employer’s choice if the employee provides insufficient documentation from his/her treating physician (or other health care professional) to substantiate that s/he has an ADA disability and needs a reasonable accommodation. (55) However, if an employee provides insufficient documentation in response to the employer’s initial request, the employer should explain why the documentation is insufficient and allow the employee an opportunity to provide the missing information in a timely manner.(56) The employer also should consider consulting with the employee’s doctor (with the employee’s consent) before requiring the employee to go to a health care professional of its choice.(57)

“Documentation is insufficient if it does not specify the existence of an ADA disability and explain the need for reasonable accommodation.(58) Documentation also might be insufficient where, for example: (1) the health care professional does not have the expertise to give an opinion about the employee’s medical condition and the limitations imposed by it; (2) the information does not specify the functional limitations due to the disability; or, (3) other factors indicate that the information provided is not credible or is fraudulent. If an employee provides insufficient documentation, an employer does not have to provide reasonable accommodation until sufficient documentation is provided.

“Any medical examination conducted by the employer’s health care professional must be job related and consistent with business necessity. This means that the examination must be limited to determining the existence of an ADA disability and the functional limitations that require reasonable accommodation. If an employer requires an employee to go to a health care professional of the employer’s choice, the employer must pay all costs associated with the visit(s).(59)

“The Commission has previously stated that when an employee provides sufficient evidence of the existence of a disability and the need for reasonable accommodation, continued efforts by the employer to require that the individual provide more documentation and/or submit to a medical examination could be considered retaliation.(60) “However, an employer that requests additional information or requires a medical examination based on a good faith belief that the documentation the employee submitted is insufficient would not be liable for retaliation.

“May an employer require that an employee, who it reasonably believes will pose a direct threat, be examined by an appropriate health care professional of the employer’s choice?

“Yes. The determination that an employee poses a direct threat must be based on an individualized assessment of the employee’s present ability to safely perform the essential functions of the job. This assessment must be based on a reasonable medical judgment that relies on the most current medical knowledge and/or best objective evidence.(61) To meet this burden, an employer might want to have the employee examined by a health care professional of its choice who has expertise in the employee’s specific condition and can provide medical information that allows the employer to determine the effects of the condition on the employee’s ability to perform his/her job. Any medical examination, however, must be limited to determining whether the employee can perform his/her job without posing a direct threat, with or without reasonable accommodation. An employer also must pay all costs associated with the employee’s visit(s) to its health care professional.(62)

“An employer should be cautious about relying solely on the opinion of its own health care professional that an employee poses a direct threat where that opinion is contradicted by documentation from the employee’s own treating physician, who is knowledgeable about the employee’s medical condition and job functions, and/or other objective evidence. In evaluating conflicting medical information, the employer may find it helpful to consider: (1) the area of expertise of each medical professional who has provided information; (2) the kind of information each person providing documentation has about the job’s essential functions and the work environment in which they are performed; (3) whether a particular opinion is based on speculation or on current, objectively verifiable information about the risks associated with a particular condition; and, (4) whether the medical opinion is contradicted by information known to or observed by the employer (e.g., information about the employee’s actual experience in the job in question or in previous similar jobs).

What is Cyber Liability?

In 1992, when I started our company and bought my first computer (a Gateway 33 mhz.), you couldn’t buy a “Cyber Liability” policy. Few people knew what a “website” was, and “security breaches” created images of Mission Impossible.

Flash forward to 2010 and issues arising out of data security, management of confidential information, and infringement of intellectual property rights are all considered major exposures. In today’s interconnected cyberworld, the potential for catastrophic loss has escalated dramatically. Although the early “hackers” seemed to be challenging themselves intellectually to see what type of mischief they could cause, today’s cyberthieves have serious criminal intent in mind. Terrorists, organized crime, and random computer geeks working alone are making cyber crime a growth industry. According to Privacy Rights Clearinghouse, more than 263 million data records of U.S. residents have suffered breaches since 2005.

Risk Analysis

Step one in the Cavignac & Associates Risk Management Process is “risk analysis: Identifying assets or circumstances which could lead to a loss.” This process, also known as “exposure analysis,” defines the assets or circumstances as “loss exposures.” Potential exposures include the loss of your company’s data and the cost of restoring it, defending against or settling a third party claim, cyber extortion, damage to reputation, notifying individuals whose personal information might have been compromised, and paying for credit monitoring of individuals (if required by law). Nearly every state now requires businesses that have compromised an individuals’ information to notify this individual. One study of larger companies estimated the cost of a data breach at $204 per compromised record. The same study calculated the average cost of a single data breach at $6.75 million!

Risk Control

Once you’ve defined your exposures, you need to determine how you can manage them. In other words, what can you do to lower the likelihood of a cyber liability claim or the severity of a claim if one occurs? A number of companies focus on helping businesses manage and protect both their own data and the data of their customers. The key is to centralize IT management and develop enforceable policies and procedures across your network. Check the implementation of these policies and procedures periodically. After a suspected or actual breach, take action as soon as possible. If necessary, call the appropriate IT security specialist companies.

Is This Risk Insurable?

As cyber liability exposures have evolved, so has insurance coverage. Although the Insurance Services Office (ISO) created a “standard” policy in November of 2009, most policies today are unique to the company offering the coverage. This means that you’ll need to evaluate the policy to make certain it addresses your potential exposures. These policies include both first party and third-party coverages. First-party coverage pays you for the costs of repairing or replacing damage caused by a covered peril; third party coverage includes the cost of defending and settling third-party claims, including regulatory actions.

Cyber Liability policies usually include some or all of these coverages:

• Website Publishing Liability – Nearly everyone has a website these days. This coverage protects you from liability-based information posted on your website, which might include actual or alleged misstatements; infringement of another’s copyright; trademark, etc., or violation of a person’s right to privacy.
• Security Breach Liability – Covers your liability from a security breach or transmission of a computer virus to a third party. A security breach occurs if an unauthorized person accesses the personal information of another, or if someone authorized to access such information uses it inappropriately.
• Programming Errors and Omissions Liability – Protects against your legal liability from actual or alleged programming errors that lead to disclosing a client’s personal information
• Replacement or Restoration of Electronic Data – This first-party coverage repays you for replacing or restoring data or programs damaged or destroyed as a direct result of a computer virus or similar bug.
• Extortion Threats – Reimburses you for extortion expenses and ransom payments resulting directly from an extortion threat. These threats usually involved on introducing a virus, malicious code, or publishing clients’ personal information.
• Business Income and Extra Expense – Covers loss of business income and extraordinary operating expenses due to a cyber incident or extortion threat.
• Public Relations Expense – Cyber liability incidents can create bad press. This covers the costs of a public relations firm to help you protect or restore your reputation after such an incident.
• Security Breach Expense – Covers the often significant expenses of notifying others that their personal information has been compromised These costs include overtime salaries for employees dealing with the issue, fees and costs of a company hired to operate a call center, post-event credit monitoring services, and other reasonable expenses.

The Cost

Cost can vary dramatically, depending on the type of business, type and volume of information on file, and other factors. Because Cyber Liability insurance is a relatively new coverage, there’s not a large enough database to calculate rates. Most companies are basing their prices based on what they believe the exposure to be and what they think they can charge. Annual premiums for smaller firms (with fewer than 50 employees) will probably range from $1,000 to $10,000. Larger firms might expect to pay $15,000 to $25,000.

Best Practices

Every firm, regardless of size, should evaluate its exposure to this type of loss and determine what steps they can take to manage this type of potential claim. Finally, you should obtain a quotation for coverage. Even if you don’t buy the coverage, you should know the cost and make the conscious decision not to buy it as opposed to assuming you don’t want to afford it.

Managing a Security Breach

If you become aware of an actual or potential security breach, investigate it immediately! If personal information has been compromised, at a minimum, you should take these steps:

• Depending on the circumstances, contact local law enforcement, and if appropriate the FBI and possibly the U.S. Postal Inspection Service (if the fraud involves mail theft).
• Notify any businesses that the breach might affect.
• Notify any individuals whose personal information might have been compromised. Designate a contact person to coordinate the notification process.
• If the incident involves Social Security numbers, credit card information, or other sensitive personal information, contact the major credit bureaus.
• Remove any inappropriately posted information on your website immediately.
• Consult with counsel to make certain you’re complying with any applicable laws, specifically those pertaining to notification and credit monitoring.
• Notify your insurance advisor to determine if insurance might apply to the incident.
• If necessary, consider contacting your public relations consultant to help manage the process and protect your firm’s reputation.

Article Courtesy of Jeffrey Cavignac of Cavignac and Associates (www.cavignac.com). Jeff is a long-time HR That Works and Sitkins International member located in beautiful downtown San Diego.

Many HR That Works Members have asked about limitations on using credit checks under federal and state laws. Here’s the most recent EEOC “informal” discussion letter on this topic.

As of this date, four states (Illinois, Hawaii, Oregon, and Washington) have laws restricting the use of credit checks to employees in financially sensitive positions – never mind that an applicant or employee with poor credit is a greater overall “risk” for employers. The Illinois statute is typical in limiting credit checks to:

• Positions involving access to sensitive information
• Positions involving unsupervised access to cash or marketable assets valued at more than $2,500
• Positions with signatory power over business assets of $100 or more per transaction
• Managers who set the direction of or control a business
• Positions for which the employer is required by law to obtain a bond
• Positions for which state or federal law or regulation establishes credit history as a bona fide occupational qualification
• Positions for which the law requires employers to obtain credit history

This is one reason why we recommend that you work with our partner Global HR Research, who stays on top of these developments.

Responding to an HR That Works Member who asked if an employee’s short stature, which limited her performance, could be considered a disability, Beth Loy from JAN http://AskJAN.org provided this document that summarizes the definition of an impairment (an essential requirement for a covered disability), and provides a number of examples.