Employers may be required to take the temperatures of employees when businesses begin to reopen in the coming days and weeks following the expiration of many states’ stay-at-home orders. Screening for fevers is a task never previously undertaken by many companies. Given that many states will require or highly recommend this practice, now is the time for to consider what precautions and procedures to undertake to implement this safety measure.
You should consider these six issues when contemplating whether to take temperatures at your workplace:
What Should Employers Do?
As you begin the process of reopening, you may want to familiarize yourself with several pieces of information:On April 29, 2020, the Department of Labor (DOL) and the Internal Revenue Service (IRS) announced in a Notice a “pause” in the timelines that affect many COBRA and HIPAA Special Enrollment Period timelines during the National Emergency due to the COVID-19 pandemic.
The National Emergency declaration for COVID-19 was issued on March 13, 2020, and as of the date of this writing, is still in effect. However, for purposes of COBRA in the eyes of the DOL, the “pause” date is set to begin on March 1, 2020. According to the Notice, the period from March 1 through 60 days after the date the National Emergency is declared ended is known as the “Outbreak Period.”
Normally, group health plan Qualified Beneficiaries (QBs) have 60 days from the date of a COBRA qualifying event to elect COBRA coverage, or in the case of a second COBRA qualifying event, to make a new COBRA election. Once a COBRA election is made, the first payment (going back to the date of the COBRA qualifying event) is due no more than 45 days later. After that, plan sponsors must allow at least a 30 day grace period for late COBRA payments.
According to the Notice, all of these timelines are affected. The 60-day election “clock” is paused beginning March 1, 2020 or later until the the end of the Outbreak Period. Similarly, the 45-day first payment “clock” is also paused during the Outbreak Period, as is the 30-day grace period for making COBRA payments.
Example
ABC Company’s group health plan is subject to COBRA continuation coverage. Jane Jetson and her family are covered under ABC’s group health plan. On February 1, 2020 Jane terminates employment at ABC, and on February 5th, Jane receives her COBRA election notice informing her she has 60 days from February 1st to make an election. Normally, that election period would end on April 1, 2020, 60 days from February 1st.
However, with the new DOL/IRS Notice, the “pause” button on the 60 day election period was hit on March 1st, the beginning of the Outbreak Period, so the 60 day clock stops at 29 days and doesn’t resume until the end of the Outbreak Period. For sake of this example, let’s assume the National Emergency declaration is lifted on May 31, 2020. On July 30, 2020, 60 days after May 31st and thus the end of the Outbreak Period, the “pause” button is lifted and the COBRA election clock restarts for another 31 days to complete the 60 day COBRA election period, which now would end on August 30, 2020.
Continuing with the example and assumptions, if Jane did make her COBRA election to continue coverage on August 30th (the last day to do so), the 45 day clock to make the first payments back to February 1st would begin, and she would have to make all seven months’ payments by October 14, 2020. Of course, by that date she’d also owe payments for September and October as well, although she’d be in the middle of the grace period for October.
Similarly, the 30 day HIPAA Special Enrollment Period (SEP) for qualified changes of status that impacts group health plan enrollment changes is also “paused” until after the end of the Outbreak Period.
Example
Homer Simpson also works for ABC Company, and has elected not to participate in ABC’s group health plan since he has coverage through his spouse Marge’s employer’s group health plan at XYZ Company. On March 15, 2020, Homer and Marge have a baby named Bart, and decide that Homer would like to cover his entire family under ABC’s plan. In normal times, Homer would have 30 days from the date of Bart’s birth to enroll in ABC’s group health plan utilizing the HIPAA SEP.
However, under the DOL/IRS Notice, that 30-day clock is on “pause” until the end of the Outbreak Period. Using the same assumption in the example above, that clock would start on July 30th, and Homer would have until August 30th to enroll his entire family.
Plan sponsors will need to pay close attention to this Notice and make proper adjustments in their established COBRA and HIPAA procedures to accommodate it.
Florida Governor Ron DeSantis just extended his Safer At Home Order for the State of Florida but announced his plan to gradually re-open the state pursuant to a new Order that will go into effect just after midnight (at 12:01 am) on the morning of May 4, 2020. The new Order initiates the first of three phases to re-open every county in Florida except for Miami-Dade, Broward and Palm Beach counties. Additionally, local governments in Florida will also be able to have more restrictive policies in place if they desire. What do Florida employers need to know?
Essential And Non-Essential Businesses Are Permitted To Operate Pursuant To CDC And OSHA Guidelines
The new Order permits all services and activities currently allowed under the previous Safer-at-Home Order. Any non-essential businesses that were not previously permitted to be open can reopen as long as they also follow CDC and OSHA guidelines. However, The Order contains the following industry specific restrictions:
Every business is required to continue to follow guidelines issued by the CDC and OSHA. These guidelines include:
The CDC also recommends that businesses only reopen after they have implemented safeguards for the ongoing monitoring of employees, including:
Senior Citizens And Individuals With Significant Underlying Medical Conditions
The Order strongly encourages individuals who are older than 65 and those with significant underlying medical conditions to stay at home. They should take all measures to limit the risk of exposure to COVID-19 such as wearing masks during face-to-face interactions. Additionally, the Order encourages individuals to avoid socializing in groups of more than 10.
Social Distancing And Other Guidelines
Additionally, all persons in Florida should practice social distancing, avoid nonessential travel, and adhere to guidelines from the CDC regarding isolation for 14 days following travel on a cruise or from any international destination and any area with significant presence of COVID-19. The Order also extends Governor DeSantis’ Orders regarding airport screening and isolation of individuals traveling to Florida. Notably, there is an exception for these orders for persons involved in military, emergency, health or infrastructure response or involved in commercial activity.
Criminal Penalties
A violation of the Order is a second-degree misdemeanor which is punishable by imprisonment not to exceed 60 days, a fine not to exceed $500.00 or both.
What Does This Mean For Employers?
Employers with operations in Florida should review the CISA guidance and Miami-Dade County Emergency Order 07-20, and its amendments, to determine if they are deemed essential or non-essential.
Before reopening, you should have a thorough plan in place to establish a safe and healthy workplace and share that plan to provide employees peace of mind. You should also be prepared to address concerns from older employees and those with underlying significant health conditions regarding whether or not they must come in to work. You should also carefully assess the availability of telework for these employees.
As you begin the process of reopening, you should familiarize yourself with some useful info:
Although the Department of Homeland Security (DHS) recently relaxed I-9 requirements for employers operating remotely as a result of the COVID-19 crisis, employers are still left with some questions on how to meet their obligations in this uncertain time.
Under federal guidance, employers are temporarily no longer be required to review an employee’s identity and work authorization documents in the employee’s physical presence. Instead, inspection of these documents can be conducted remotely (e.g., by video, fax, or email).
According to the U.S. Citizenship and Immigration Services (USCIS), “if employers are performing inspections remotely (e.g., over video link, fax or email, etc.) they must obtain, inspect, and retain copies of the Section 2 documents within three business day of hire. In addition to completing Section 2, Employers also should enter ‘COVID-19’ in the Additional Information field.”
Then, when “normal operations resume,” all employees whose documents were presented via remote verification must, within three business days, undergo the required “in-person” examination of documents. The person conducting the physical examination should write the words “documents physically examined” in the Additional Information box in Section 2, and should include their name and the date of inspection.
It is important to keep in mind that the DHS’s relaxed requirements apply only to employers who are operating remotely. According to the guidance, if there are employees physically present at a work location, then you must follow the normal in-person physical inspection rules. However, if newly hired employees or existing employees of an employer who still has employees present at a work location are subject to COVID-19 quarantine or lockdown protocols, “DHS will evaluate this on a case-by-case basis.”
While employers appreciate the DHS’s temporary relaxation of the in-person document inspection rules, some questions are not addressed by either DHS or USCIS. Here are the most common questions we have seen and the best practices to follow.
The COVID-19 pandemic has caused many employers now operating remotely to conduct meetings via video conference – which has created a whole new set of various privacy and cybersecurity concerns. While these remote work tools have facilitated a more personal connection and interactive experience, their use is fraught with privacy concerns you may never have before considered. If your organization is weighing its options or unaware of the risks these services may create, this article provides a 10-point plan to protect your personal and confidential information and ensure you remain compliant with various federal and state privacy laws.
The Risks of Video Conferencing
Before diving into the blueprint for compliance, it is first helpful to understand the three main risks of video conferencing.
“Zoom-Bombing”
Since the start of the COVID-19 public health emergency, the FBI has noted a substantial increase in the number of businesses and schools reporting instances of video conference “hijackings” (also known as “Zoom-bombings”). During these hijackings — which generally occur where a video conference link is shared over social media or is not password-protected — uninvited participants have disrupted meetings by interjecting inappropriate language or displaying hateful or pornographic images into business meetings.
Aside from unwanted disruptions, uninvited interlopers pose a more serious threat. Those that choose to remain undetected could lead to the unauthorized disclosure of personal or confidential information.
Insufficient Or Non-Existent Encryption
Many video conferencing companies tout their services’ encryption capabilities. However, these claims should be closely scrutinized. By way of example, the video conferencing platform Zoom has indicated that hosts may “enable an end-to-end (E2E) encrypted meeting.” This was reportedly proven to be untrue. The company was supposedly able to access user data and video conferences in transit and it was reported that it could be compelled to provide access or information to the government if such a request was made.
Additionally, the storage of recorded video conferences creates other issues. Thousands of Zoom conference recordings were recently found on an unsecured online storage platform. Prior to Zoom restricting access to their storage location, anyone with an internet connection could access the private and confidential meetings of countless users. Likewise, if your business does not store its recorded conferences in a secure manner, there is a substantial possibility that an unauthorized individual may gain access to their contents.
Inadequate Privacy
Video conferencing raises privacy issues on two fronts. First, according to a recent California class action lawsuit, video conferencing providers may be improperly using their subscriber’s data. Specifically, as alleged in the suit, California’s privacy law and other state statutes may have been violated if users’ personal information was shared with Facebook without the users’ consent.
End-users may also create privacy issues. Among other things, confidential information may be mistakenly divulged if an employee shares their screen while such information is visible. If an end-user participates in a video conference in a public space, everything that is said and displayed during the conference is disclosed to those around them. Moreover, if an end-user records or takes screenshots of images displayed during the meeting, those items may be improperly disseminated.
Legal Consequences Of A Video Conferencing Breach
If you or your video conference provider has inadequate privacy and cybersecurity policies or procedures, your business may inadvertently run afoul of various federal and state laws. Among other laws, the unauthorized disclosure of your employees’ personal and confidential information may violate:
10-Point Plan To Prevent Video Conferencing Disasters
To avoid potential video conferencing related privacy or cybersecurity breaches when using Zoom or similar platforms, your business should consider employing the following practices:
Conclusion
In the wake of the COVID-19 pandemic, many employers are relying on video conferencing platforms to conduct meetings and providing remote educational instruction. While Zoom and other video conferencing platforms can provide a valuable interactive experience while social distancing, it is important to educate employees on potential privacy and cybersecurity risks. You must require them to adhere to best practices to ensure the security of remote meetings, protect the privacy of participants, and reduce the risk of intervention by unwanted participants.
Besides continuing to follow recommendations issued by the state and local health departments, you can consider these 5 steps:
According to the CDC guidance, you should consider three questions when deciding whether to reopen:
CDC states you should only consider reopening if you can answer “yes” to all three questions.
Once you feel comfortable that your organization can satisfy the three preliminary questions, you should next adopt the CDC’s recommended safety actions. They include:
Next, before reopening, you should implement safeguards for the ongoing monitoring of employees. They include:
The final step before you reopen your doors involves preparing your location for the reentry of workers, customers, guests, and other visitors. The CDC has released guidance for cleaning and disinfecting public spaces, workplaces, businesses, schools, and homes. Review this guidance when implementing cleaning procedures at your facilities after shelter-in-place orders are lifted.
The Department of Labor’s Occupational Safety and Health Administration issued guidance for enforcing OSHA’s recordkeeping requirements for COVID-19 cases. OSHA recordkeeping requirements mandate covered employers record certain work-related injuries and illnesses on their OSHA 300 log.
According to the guidance, COVID-19 is a recordable illness, and must be recorded on an employer’s OSHA 300 log if:
Recognizing the difficulty in determining whether COVID-19 was contracted while on the job, OSHA will not enforce its recordkeeping requirements that would require employers in areas where there is ongoing community transmission to make work-relatedness determinations for COVID-19 cases, except where:
This waiver of enforcement does not apply to employers in the healthcare industry, emergency response organizations (e.g., emergency medical, firefighting and law enforcement services), and correctional institutions in areas where there is ongoing community transmission. These employers must continue to make work-relatedness determinations.
This new guidance provides employers with one fewer issue to worry about in their response efforts to an employee with a confirmed case of COVID-19. Employers should continue to focus on minimizing the risk of transmission in the workplace.