A compilation of time-sensitive and trending legal and regulatory issues that general counsels and business leaders should be aware of in 2015.
Multigenerational Workforce – Differing Approaches and Attitudes Increase Risk in Workplace
For the first time, four different generations of employees are working side by side at work. Commentators are quick to note the different characteristics among these generations of workers, such as their expectations regarding career path, their desire for flexible work schedules and locations, their comfort with emerging technologies, their preferred means of communication, and other issues. These differences are not only managerial challenges, but legal risks that can include claims of age discrimination, wage and hour issues associated with “after-hours” use of technology, and the improper use of social media. Employers must also face the critical need to protect their confidential information and customer relationships given the increasing mobility that characterizes a Generation X and Millennial workforce. More than ever, employers should examine their policies and procedures and train their managers to avoid these risks associated with the unique dynamics of a multigenerational workforce.
Cloud Computing Agreements – IT and Legal Departments should Work Collaboratively
Regardless of the cloud service model—Infrastructure as a Service (“IaaS”), which provides access to servers and network capacity and other resources; Software as a Service (“SaaS”) which provides access to remotely deployed published software; or Platform as a Service (“PaaS”) which provides access to software that is customizable, enterprises are quickly adopting cloud services solutions. But while there are plenty of benefits to using cloud services for customer and company data, there are also privacy and data security risks. You need to make sure your cloud vendor understands the particular privacy rules that apply to your industry, such as HIPPA or the Payment Card Industry Data Security Standards (PCI DSS). You also need to make sure you have the proper indemnity and other risk management clauses in your agreements to minimize potential liability.
Rethinking the Register – Risks Increasing at the Point of Sale
The payments industry is dynamic. But, historically, much of the innovation within the industry has taken place “behind the scenes.” Upcoming changes at the point of sale, however, will fundamentally alter the way merchants interact with consumers, with significant impacts to the retail, hospitality, and e-commerce sectors. Additionally, regulatory and industry changes with alter how risk is disbursed long after the transaction concludes. Companies must address these changes, including significant revisions to data security standards (PCI DSS); the implementation of chip and pin (EMV) technology and the risks to merchants who fail to adopt EMV capabilities; and how pending litigation may alter merchants’ ability to steer consumers to alternative payment methods.
Obama & Immigration – What’s going on?
Executive action on immigration has made headlines. Obama’s decision to prioritize enforcement by granting deferred action (and employment authorization) to several million of the estimated 11 million plus undocumented immigrants has sparked debate. Many industries – ranging from high tech to agriculture and construction - will benefit from the increased pool of available workers. But the current legal focus on the authority of the executive branch to prioritize immigration enforcement may affect many more businesses. Would an end to “executive action” in immigration enforcement mean more I-9 audits? Would ICE conduct more worksite raids? Would employers be subject to more fines, including for paperwork violations? (One company had no unauthorized workers and had completed I-9s for every worker, but was still fined in excess of $227,000 for technical I-9 violations.) With such a high level of interest in immigration matters, this is a great time for employers to review compliance policies and practices. Consider an internal I-9 audit and policy changes as necessary.
Audit Your Business’ Privacy Risk Regarding Managing Personally Identifiable Information (PII)
Every business collects, stores, uses and sometimes even disseminates personally identifiable information (PII). PII may be about your consumer customers; about executives of your business customers; about executives at key vendors or business partners; and certainly, the PII will be about your employees. Do you know how much PII you can collect? What kind of PII? How long you can keep this PII? How you can use this PII? And, of course, who can see it? AGG utilizes a one day diagnostic privacy check to protect clients against business privacy risk.
Regulatory Complexities Increasing as Global Commerce Increases
Global commerce brings with it not only unprecedented opportunities, but new and more complex regulatory challenges. The challenges are particularly important in the healthcare, food and drug / life sciences, affordable housing, financial services, global logistics and transportation, information services, and financial payment processing industries. A recent survey by a large legal services organization of hundreds of corporate counsel around the globe – more than half from the U.S. -- showed heightened concern about regulatory and investigative matters. Among companies with revenues of at least $1 billion, more than half reported having at least one regulatory procedure pending against them. Greater than 40 percent of U.S. respondents said their companies had been involved in at least one arbitration over the past 12 months (as opposed to 35 percent reported among all respondents). U.S. companies also lead in regulatory proceedings commenced against other companies. Respondents said they expect the legal complications to increase as more opportunities are pursued in a variety of jurisdictions, each with different rules.