WIRTW #522 (the “back to school” edition)

If your kids go back to school and you don't post photographic evidence, does it count?

View this post on Instagram

First day of school: 7th and 4th grades. Also, I've officially entered the "Dad, you're embarrassing me" years.

A post shared by Jon Hyman (@jonhyman) on Aug 22, 2018 at 5:09am PDT

Here's what I read this week:

Compliance-by-carrot trumps compliance-by-stick

Democratic administrations are about enforcement.
Republican administrations are about education.

The endgame is still enforcement, but each side approaches this goal very differently.

This dichotomy might be an oversimplification, but, in at least in contrasting the Obama Administration to the Trump Administration, it is very true.

The FLSA's exemptions are becoming more "fair" for employers

In Encino Motorcars, LLC v. Navarro, the Supreme Court ruled that overtime exemptions under the Fair Labor Standards Act "are to be given a 'fair reading,' meaning they are not to be construed too narrowly" (as had historically been the case).

The Court applied this "fair reading" standard to conclude that automobile service advisors are exempt under the FLSA's automobile-service exemption.

Training won't fix stupid

A fast-food restaurant fired a recently hired employee after its manager learned she was pregnant.

How do we know this was the manager's reason for the termination? Because he texted it to the employee (which she later posted on Facebook).

WIRTW #521 (the “master of my domain” edition)

What's the top employee issue that makes HR folks queasy? Drugs? Sex? Pornography?

According to Robin Schooling, the worst conversation to have with an employee is about sexual self-pleasuring at work.

What's the most uncomfortable conversation you've ever had with an employee? Please share in the comments below.


Here's what else I read this week:

Does the FMLA protect organ-donation surgery as a "serious health condition?"

Organ donors are living saints. If you are in need of an organ to save your life, and someone is willing to sacrifice a kidney, or a liver segment, or bone marrow, and selflessly accept the pain and inconvenience, you are very, very fortunate.

Sacrificing one's organ to save another's life should not also result in sacrificing one's job.

Earlier this week, the U.S. Department of Labor Wage and Hour Division published Opinion Letter FMLA2018-2-A [pdf], which answers the question, "Does organ-donation surgery can qualify as a "serious health condition" under the FMLA?" (Thanks to Eric Meyer for bringing this to my attention.)

The answer is yes.

The FMLA defines a "serious health condition," in part, as an "illness, injury, impairment, or physical or mental condition that involves … inpatient care in a hospital, hospice, or residential medical care facility." "Inpatient care" means as "an overnight stay in a hospital, hospice, or residential medical care facility, including any period of incapacity … or any subsequent treatment in connection with such inpatient care."

According to the United Network for Organ Sharing, donors usually remain in the hospital four to seven days after the harvesting surgery. Thus, because organ donation commonly requires overnight hospitalization, it qualifies as a serious health condition covered by the FMLA.

Thus, covered employers (those with 50 or more employees on the payroll during 20 or more calendar workweeks in either the current or the preceding calendar year) must provide FMLA leave to an eligible employee-donor (someone employed for at least 12 non-consecutive months, who worked 1,250 hours during the 12-month period preceding the start of the requested leave, and who works at a location with 50 or more employees within a 75-mile radius).

What if, however, you are not an FMLA-covered employer? Or the employee-donor is not FMLA eligible? Or they already used up their 12 weeks of FMLA leave? Think twice before you deny requested time off for organ donation.

• Many states have their own specific organ-donor leave laws that require leave above and beyond the FMLA.

• The ADA may require that you grant the time off with, or without, the FMLA or state-specific law. The ADA does not require an employer to provide a reasonable accommodation to a person without a disability due to that person’s association with someone with a disability. Nevertheless, the ADA mandates that an employer avoid treating an employee differently than other employees because of an association with a person with a disability. Thus, if an employer grants time off to employees for their own surgeries, the ADA will require similar treatment to employees taking time off to donate an organ to one’s association or relation.

Is it inconvenient for an employer to provide time off to any employee? Absolutely. Do you want to be in a position of defending your decision to fire that employee in the face of a leave request for the selfless act donating an organ to save another's life? Absolutely not. While such a decision is likely illegal, it's also undoubtedly inhuman. And it's that inhumanity that will cost your company dearly in front of a judge or a jury.

* Photo by Tim Gouw on Unsplash

I ❤️ my wife, and I ❤️ attendance policies

On August 29, 2003, I married my wife.

The ceremony was to start at 11 am, and by 10:55 I was nervous. Not your normal, "I'm about to get married" nervous, but the, "What the hell, we start in 5 minutes and my bride-to-be isn't here yet" nervous. With no cell phone on me, I just had to have faith that Colleen was on her way. Nevertheless, I was most definitely jittery.

Temporary employees have permanent legal rights

Temporary employees do not leave their legal rights at your door. In fact, they enjoy the same rights as your permanent employees.

Consider, for example, EEOC v. Massimo Zanetti Beverage USA, in which an employer recently agreed to pay $65,000 to settle claims brought by a temporary employee that she was subjected to a sexually hostile work environment and fired after repeatedly complaining about it.

The allegations are not pretty.

LaToya Young began working as a temp at Massimo Zanetti in late January 2015. Within 10 days of starting her placement, a male co-worker began making sexually harassing comments to her:

• Telling Young that he had "blue balls" and asking her "Why don’t you help me out with that?"
• Telling Young that he wanted to "suck [her] bottom lip."
• Telling Young that he wanted to have sex with her, often using lewd language.
• Telling Young that he imagined himself engaging in sexual relations with her.
• Telling Young that he would "ball [her] up like a pretzel" and would "have [her] screaming."
• Grabbing his groin area while looking directly at her.
• Blowing kisses at her.
• Licking his lips and biting his bottom lip while looking at her.

Young complained three times to her supervisor. The harassment continued unabated after the first complaint. After the second complaint, Young alleges that her supervisor warned her that going to HR "would jeopardize her employment." After the third complaint, she was fired. 

According to EEOC Regional Attorney Kara Haden, "Employers must take appropriate action to stop harassment of all employees, including temporary workers." She adds, "We hope that this case sends a clear message that the EEOC will hold accountable employers who fail to protect all employees from workplace harassment."

Take heed of this lesson. Your temporary employees have the same civil rights as your permanent employees.

* Photo by Sunyu on Unsplash

7 tips on how to handle cyber-sabotage and other insider cyber threats

Your employees are your company's weakest link, and therefore, your greatest threat to suffering a cyber-attack and resulting data breach. While employee negligence (that is, employees not knowing or understanding how their actions risk your company's data security) remains the biggest cyber risk, another is growing and also demands your attention—the malicious insider.

According to one recent report, malicious insiders are responsible for 27 percent of  all cybercrime. Over at her Employment & Labor Insider Blog, Robin Shea suggests that one recent workplace embarrassment for an employer was the result of internal cyber-vandalism, and not external hacking.

Dark Reading reports on a recent survey, entitled, "Monetizing the Insider: The Growing Symbiosis of Insiders and the Dark Web."

"Recruitment of insiders is increasing, and the use of the dark web is the current methodology that malicious actors are using to find insiders," explains researcher Tim Condello, technical account manager and security researcher at RedOwl.

Cybercriminals recruit with the goal of finding insiders to steal data, make illegal trades, or otherwise generate profit. Advanced threat actors look for insiders to place malware within a business' perimeter security. …

There are three types of people who fall into the "insider" category, says Condello: negligent employees who don't practice good cyber hygiene, disgruntled employees with ill will, and malicious employees who join organizations with the intent to defraud them. 

What is a company to do? I've previously discussed how to protect against the negligent employees who don't practice good cyber hygiene—training, training, and more cyber-training.

No amount of training, however, will stop a disgruntled employee with ill intent, or a malicious employee who joins to do harm.

These latter two categories need more specialized attention—an insider threat program. The Wall Street Journal explains:

Companies are increasingly building out cyber programs to protect themselves from their own employees.… Businesses … are taking advantage of systems … to find internal users who are accidentally exposing their company to hackers or malicious insiders attacking the company. These "systems," however, can prove costly, especially for the small-business owner. While investment in a technological solution is one way to tackle this serious problem, it's not the only way. Indeed, there is lots any company, of any size, with any amount of resources, can do to develop an insider threat program.

Aside from the expense of costly monitoring programs, what types of issues should employers include in an insider threat program? Here are seven suggestions:

1. Heightened monitoring of high-risk employees, such as those who previously violated IT policies, those who seek access to non-job-related business information, and those who are, or are likely to be, disgruntled (i.e., employees who express job dissatisfaction, who are on a performance improvement plan, or who are pending termination).


2. Deterrence controls, such as data loss prevention, data encryption, access management, endpoint security, mobile security, and cloud security.


3. Detection controls, such as intrusion detection and prevention, log management, security information and event management, and predictive analytics.


4. Inventories and audits for computers, mobile devices, and removable media (i.e., USB and external hard drives), both during employment and post-employment. 


5. Policies and programs that promote the resolution of employee grievances and protect whistleblowers.


6. Pre-employment background checks to help screen out potential problem employees before they become problems. 


7. Termination processes that removes access as early as possible for a terminated employee.

No company can make itself bulletproof from a cyber-attack. Indeed, for all businesses, data breaches are a when issue, not an if issue. However, ignoring the serious threat insiders pose to your company's cyber security will only serve to accelerate the when.

WIRTW #520 (the “cucaracha” edition)

Welcome to fun-fact Friday.

The Mexican folk song La Cucaracha has a long and fascinating history. It was popularized during the Mexican Revolution when each army would write verses as battle songs. Amazingly, one such verse, which has become the most popular version of the song, references marijuana:

The cockroach, the cockroach,
can't walk anymore
because it doesn't have,
because it's lacking
marijuana to smoke.

Maybe this explains why Speedy Gonzales was so speedy.


Here's what I read this week:

Dirty Harry, the worst recruiter ever

After yesterday's detective novel of a post, I thought I'd go with something light and airy today (if you consider watching Dirty Harry conduct a job interview of a female interviewee, while sharing his views on feminism and job quotas, light and airy).


My worst job interview? The interviewer forgot my appointment, and never showed up to work. It all worked out in the end. I came back a week later, and that's how I got my first job after law school.

What's you job interview horror story? Share in the comments below, and I'll pull the best (or the worst?) for a future post.

A cautionary tale about an attempted fraud (updated, 11:25 am)

I was recently the target of a highly sophisticated legal-services fraud. Thankfully, this scam set off my Spidey sense from the beginning, and I did not fall for it. I'm sharing so that others can learn the lengths that some will go to steal from professionals. (My apologies in advance. This post is long, but I think it's worth your time.)

An expensive lesson on disability harassment

With of all of the attention the #MeToo Movement has provided sexual harassment, employers must not forget that all forms of unlawful workplace discrimination include unlawful harassment.

This includes disability harassment.

For example, consider Caldera v. Department of Corrections & Rehabilitation (Cal. Ct. App. 7/9/18).

EEOC sues on behalf of harassed Catholic employee

Religion a funny thing. Throughout the history of mankind it's fueled so much hate, war, and death. And yet, it brings so much peace, comfort, and love to so many people.

My philosophy is live and let live. You believe what you want, and I'll believe what I want. Your religion is none of my business, just as mine is none of yours.

The world we be a better place is everyone lived this message. But not everyone does.

WIRTW #519 (the “R-I-P-R-E-S-P-E-C-T” edition)

While I've always loved Aretha's music, and her voice, and her soul, I never appreciated until watching yesterday's tributes how key of a role she played in the civil rights movement.

Rest in peace Queen of Soul. Your message and your spirit will be missed as much as your voice.

Here's what I read this week:

Can you lawfully fire an employee who writes "whore board" to protest a new overtime rule?

In Constellium Rolled Products Ravenswood, LLC, the NLRB held that an employer unlawfully fired an employee who wrote "whore board" on an overtime sign-up sheet.

How is this unlawful? Let's explore.

Are "digital addiction" claims about to invade your workplace?

There is no doubt that addiction is a protected disability under the ADA (and Ohio's parallel law).

Typically, we think of addiction as relating to drugs or alcohol. But, there's a new wave of addictions on the horizon—digital addictions.

Ohio's new cybersecurity safe harbor for businesses means the time for cybersecurity compliance is NOW

Do you know that the average total cost of a data breach to a business is $3.86 million?

This is a 6.4% increase over the past year.

For companies doing business in Ohio, some relief is on the way.

Protecting your business from an "Omarosa": workplace recordings and the law

Omarosa Manigault-Newman, formerly a contestant on Donald Trump's The Apprentice and also formerly an employee in President Trump's White House, secretly recorded Chief of Staff John Kelly firing her.

In 38 states plus the District of Columbia, this surreptitious recording would be perfectly legal.

WIRTW #518 (the “no-stress zone” edition)

What de-stresses you? Where do you go, or what do you do, that makes all the stress in your life melt away?

My wife and I recently spent a few days in Sedona, Arizona. We hiked, we jeep-toured, and we drank wine.

It was the most stress-free we've felt in years.