Getting with the (Wellness) Program: EEOC Proposes New ADA Regulations for Wellness Programs

Health Overhaul

This post was written by Ogletree Deakins attorneys, Jeanne E. Floyd (Of Counsel, Richmond Office), and Ruth Anne Collins Michels (Shareholder, Atlanta Office), and was published originally on the firm’s website on April 21, 2015.

For some time, employers have faced uncertainty about the status of their wellness programs under the Americans with Disabilities Act (ADA). While the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Affordable Care Act (ACA) have allowed employers to provide financial incentives for employee participation in wellness programs for several years, the U.S. Equal Employment Opportunity Commission (EEOC) increased employer anxieties over otherwise-compliant wellness programs in 2013 and 2014 by suing several large companies over alleged ADA-related defects in the design of their wellness programs.

After holding contentious public hearings on wellness programs in 2013, the EEOC seemed poised to throw sand in the gears of the wellness machine, but on April 16, 2015, the EEOC had a surprise for the employer community in the form of highly anticipated proposed rules that attempt to reconcile the ADA with HIPAA and the ACA. The proposed rules  provide guidance on the extent to which employers may use incentives (such as rewards or penalties in the form of prizes, cash, or a reduction or increase in health care premiums) to encourage employees to participate in wellness programs that include disability-related inquiries and/or medical examinations.


The ADA prohibits employers from making disability-related inquiries or requiring medical examinations; however, employers may conduct “voluntary” medical examinations or obtain medical histories as part of an employee health program, including wellness programs.

Previous EEOC guidance provided that a wellness program is “voluntary” if an employer neither requires participation by employees nor penalizes employees who do not participate. However, no guidance addressed the extent to which incentives (or penalties) might affect the “voluntary” nature of a wellness program for ADA purposes.

This lack of guidance created uncertainty regarding the application of the ADA to wellness programs, particularly in light of the EEOC’s pursuit of claims against employers asserting that certain potentially punitive wellness program designs violated the ADA.

The Proposed Rules

The Voluntary Standard. The proposed rules list several requirements that must be satisfied for an employee health program (or wellness program) to meet the “voluntary” standard (and thus, comply with the ADA). Specifically, an employer may not require employees to participate in an employee health program or wellness program, may not deny access to health coverage or limit coverage for non-participation, and may not take adverse action, retaliate or take similar action—such as intimidation or coercion—against employees.

In addition, if the wellness program is part of a group health plan, the employer must provide employees with a notice explaining what medical information will be obtained, how it will be used, who will receive it, the restrictions on its disclosure, and steps the employer will take to prevent improper disclosure.

Many wellness programs will not encounter difficulty with these proposed requirements, but more aggressive plan designs may require adjustment to avoid EEOC scrutiny. Communications regarding wellness programs are also likely to require updates to provide more detailed disclosures about the particulars of the information to be collected through wellness testing and how that information will be used and safeguarded.

Incentive Limits. The proposed rules also set limits on the incentives that employers may use to encourage participation in wellness programs. However, because these limits do not exactly track those under HIPAA and the ACA, further clarification may be necessary in the final EEOC guidance.

Under the proposed rules, the maximum permitted incentive for all wellness programs offered as part of a group health plan (regardless of whether those programs are participatory or health-contingent programs under the HIPAA regulations), cannot exceed 30% of the total cost of “employee-only coverage.”

However, HIPAA and the ACA not only permit an incentive of up to 30% of the “total cost of the coverage in which the employee and any dependents are enrolled,” but also provide that the limitation is applied only with respect to health-contingent wellness programs.  Thus, under HIPAA and the ACA, an employer could offer incentives for participatory wellness programs that would not be aggregated with the health contingent programs in determining whether the 30% limitation was exceeded.

Further, an employee could receive an incentive of up to 30% of the total cost of family coverage if an employee is enrolled in family coverage versus self-only coverage.  The EEOC’s final rule may address this discrepancy. If not, the EEOC will have introduced new complexities into the design and administration of wellness programs.

Smoking Cessation Programs. While HIPAA and the ACA permit incentives up to 50% of the employee-only premium (or family premium in some circumstances) for participation in a smoking cessation program, the 30% limitation found in the proposed rules may cap that incentive for some smoking cessation programs.

Interpretive guidance issued with the proposed rules provides that the 30% incentive limit would apply to a smoking cessation program that includes a biometric screening or other medical examination, but a smoking cessation program that merely asks employees whether or not they use tobacco (e.g., by completion of an affidavit) could continue to use the “50% of the cost of employee coverage” limitation permitted under HIPAA and the ACA.

As is suggested by the proposed “voluntary” standard, the EEOC appears to be concerned about more intrusive wellness testing methods such as blood tests to confirm non-use of tobacco products and has therefore limited the extent to which larger incentives may be used to encourage participation.

Not content to cede the wellness stage to the EEOC, the other three regulatory agencies with jurisdiction over wellness programs (i.e., the U.S. Department of Health and Human Services, the U.S. Department of Labor, and the U.S. Department of Treasury (the Departments)) issued their own guidance on April 16 in the form of additional frequently asked questions on its FAQs about Affordable Care Act Implementation (Part XXV) page.

This guidance reiterates previous wellness guidance issued by the Departments, but also cautions that compliance with the Departments’ wellness program regulations is not determinative of compliance with other laws, such as the ADA. The EEOC indicated that the Departments worked in conjunction with one another on the proposed rules, but the EEOC and the Departments may recognize that all wellness program guidance is not perfectly reconciled.

Employer Action Items

While employers are not required to comply with the proposed rules at this time, it would be wise to review wellness programs now in light of these rules, particularly for wellness programs that use stricter standards or impose larger penalties on their prospective participants.

In particular, employers should review the financial incentives currently provided under their wellness programs to see where they fall in relation to the 30% limitation of the new rules.  In addition, employers should review their smoking cessation programs to determine whether those programs will be aggregated within the 30% rule or may continue to rely on the 50% limitation under HIPAA and the ACA.



When is a background search not a background search . . . ?


In a thoroughly reasoned and illustrative opinion, one federal court magistrate judge recently dismissed the claims of a group of individuals who alleged they were not hired because a potential employer used LinkedIn’s “Reference Search” feature to obtain background information. Sweet v. LinkedIn Corporation, NDCA, No. 5:14-cv-04531, April 14, 2015.

The Fair Credit Reporting Act (FCRA) was enacted to insure that consumer reporting agencies act with “fairness, impartiality, and respect for the consumer’s right to privacy.” But one federal court held recently that LinkedIn’s search technology does not make that site a “consumer reporting agency” for purposes of FCRA.

LinkedIn, the online professional network, allows users to create, manage, and share professional identities online. When a user adds information to his or her profile page, that information is added to LinkedIn’s professional database. LinkedIn’s “proprietary search technology” allows users to search that data. Part of that search functionality is the Reference Search feature, which allows subscriptions users to search for “references” for any LinkedIn member (“searched member”).

The Reference Search lists the searched member’s name, along with the names of his or her current and former employers. The Reference Search then provides a list of other members in the same network as the searcher, and who may have worked at a particular company during the same period as did the searched member.

The Reference Search results encourage search initiators to contact the listed references, but does not do that for them; it also does not tell searched members when users run searches on them.

The plaintiffs in the California lawsuit alleged that LinkedIn violated their rights under the FCRA by furnishing information for employment purposes. They sought certification of a class, demanding actual damages, punitive damages, attorney’s fees, and costs. LinkedIn moved to dismiss the case, arguing that the plaintiffs failed to state a claim under the FCRA.

The federal judge reviewing the case held that the plaintiffs were unable to set forth a right to relief above the speculative level, and that they failed to raise facts sufficient to “support a plausible inference that the Reference Searches are within the FCRA’s definition of a consumer report.”

The judge listed four reasons for that holding:

  • that the publications of employment histories of the searched members are not consumer reports because they came solely from LinkedIn’s transactions with these same consumers (that is, the purpose of LinkedIn is for consumers to “share their professional identities online”);
  • that a “consumer reporting agency” regularly assembles or evaluates consumer credit/background information for the purpose of furnishing reports to third parties (whereas, the function of LinkedIn is to “carry out consumers’ information-sharing objectives”);
  • that because the search results come from people in the searchers’ networks, and not the searched members’ networks, the results do not indicate that the searched member is well-connected in the industry; and
  • that LinkedIn does not market the results of the search as a source of reliable feedback about job candidates and, therefore, plaintiffs cannot establish that the results themselves are used or intended to be used to determine a searched member’s eligibility for employment.

While the court made a thorough analysis of the situation, its holding included permission for the plaintiffs to amend their complaint to attempt to come within the parameters of a FCRA cause of action, so we may be seeing more of this issue before it is fully resolved.

An article in, commenting on the case, provides a common sense view of the court’s decision, and the decision itself points out the various increasing uses and end-results of electronic searches and tools. But the question raised by recent cases in this area is whether the expanded use of electronic search tools will lead to a parallel increase in the regulation of social media, especially as it relates to employment issues.

Employee’s online and obscenity-laced rant viewed as protected activity by the NLRB.

Facebook firing 2

By a two-to-one vote, a three-member panel of the National Labor Relations Board (NLRB) upheld an administrative law judge’s findings that an employer unlawfully discharged an employee because of social media comments – including strong obscenities – that were personally critical of a company manager. Pier Sixty, LLC and Hernan Perez, et al, NLRB Cases No 02-CA-068612 and 02-CA-070797, March 31, 2015.

Pier Sixty operates a catering service company in Manhattan, NY. In early 2011, the company’s employees expressed interest in union representation, based in part because of concerns that management treated them “disrespectfully and in an undignified manner.” Those efforts resulted in a successful organizing campaign, after which the Union was certified as the exclusive collective bargaining representatives for the servers, captains, bartenders and coat checkers in the company’s banquet department after an October 27, 2011 election.

Two days before that election, Hernan Perez, a long-term employee, was working as a server at an event. During the cocktail service, a company manager, Robert McSweeney, allegedly approached and – in a loud voice and in front of guests – addressed Perez and two other employees, using an unnecessarily harsh tone, and waiving his arms. McSweeney was one of the company managers identified by employees as treating company workers disrespectfully.

Upset with McSweeney’s treatment, Perez took a break and, outside of the banquet facility, posted from his phone a message to his personal Facebook page. The message referred to McSweeney as a “NASTY M***** F***er” and a “LOSER!!!!,” stated “f*** his mother and his entire f***ing family,” and ended with “Vote YES for the UNION!!!!!!!”

After being made aware of that posting, the Company fired Perez for violation of its obscenity policy. Two charges subsequently were filed: one on behalf of Perez for his firing, and one on behalf of the Union stating that Pier Sixty had threatened employees with loss of jobs and benefits if the Union was chosen as a collective bargaining agent.

The case was tried before an administrative law judge (ALJ), who found on behalf of Perez and in favor of the Union on the charges. The decisions were appealed and reviewed jointly, and the NLRB panel that reviewed the cases upheld the ALJ’s decisions. The Union’s complaints were found to be substantiated, based on remarks made by the Company’s general manager interpreted by employees as threatening jobs, benefits, and access to Company managers.

The panel also upheld the ALJ’s determination that Perez’s firing violated the National Labor Relations Act (NLRA) because Perez’ Facebook post was deemed to be protected concerted activity. Although the Company argued that Perez had violated Company policy regarding obscene language, it was determined that since 2005, the Company had issued only five written warnings to employees who had used obscene language, and had discharged no one on that basis.

Further – and importantly – it was found that Perez’ use of obscene language in his posting was not “qualitatively different from profanity regularly tolerated by [the Company].” According to the NLRB, “the overwhelming evidence establishes that, while distasteful, [the Company] tolerated the widespread use of profanity in the workplace, including the words “f***” and “motherf*****.” Considering that setting, the panel held that Perez’ language in his posting should not have cause him to lose the protections allowed under the NLRA for protected speech.

While critics of this decision have focused on the strongly personal nature of the obscenities used by Perez, a broader reading could serve as a warning to employers who institute anti-obscenity and anti-bullying policies, but fail to implement them consistently. In this case, had the Company regularly trained supervisors, managers and employees on appropriate workplace behavior, and had discipline been imposed consistently for violations of policies related to that behavior, this case may have ended differently.

Switch in safety handbooks without collective bargaining could violate CBA.


An arbitrator’s finding that an employer could not unilaterally switch safety handbooks without bargaining for that switch was upheld by a federal district court. Firstenergy Generation Corp. v. IBEW, WDPA, No. 14-560, March 16, 2015.

The International Brotherhood of Electrical Workers (IBEW) filed a grievance after Firstenergy Generation Corporation attempted to replace the Company’s original safety handbook (“the Red Handbook”) with another manual (“the Green Handbook”).

The Union’s grievance was based on language in the Collective Bargaining Agreement (CBA) which stated that “The Company and the Union agree to cooperate in maintaining safe work practices. In furtherance of this undertaking, it is agreed that the parties will comply with the rules set forth in the [Red] Handbook. Any claim or alleged violation of the rules contained in the [Red] Handbook by either the Company or an employee represented by the Union shall be subject to the grievance procedure [in] this agreement.”

A “grievance” was defined in the CBA as “any compliant or dispute that may arise between the Company, the Union or bargaining unit employee(s) as to the meaning, application or claimed violation of the terms of [the CBA].”

An arbitrator issued an award finding that substitution of the safety handbook would require collective bargaining. The Company appealed that finding to federal court, arguing that the arbitrator exceeded the scope of his authority (which was limited to interpreting the CBA) by deciding whether the Company had “unilateral right to replace the safety handbook.”

The district court disagreed, finding that the arbitrator’s holding that collective bargaining was required before replacing the handbook flowed directly from an interpretation of the CBA, and “easily” withstood the court’s scope of review.

The take-away from this decision is the Court’s explanatory footnote regarding its limited scope of review of the arbitrator’s decision. The Court points out that whether or not it agrees with an arbitrator’s decision is immaterial, because a court may not overrule an arbitrator simply because it disagrees with the arbitrator’s interpretation of the CBA. So long as the arbitrator is “even arguably construing or applying the contract,” even a court’s finding that the arbitrator “committed serious error” or made an “improvident, even silly, factfinding” does not allow that court to refuse to enforce the award.

EEOC has defined “ability to interact with others” as a major life activity, making social anxiety disorder a disability under the ADA.

social outsider

An employee fired after asking to be reassigned to a role with less direct personal interaction as an accommodation for her “social anxiety disorder” is being allowed by the 4th U.S. Circuit Court of Appeals to take her case to a jury. Jacobs v. N.C. Administrative Office of the Courts, 4th Circ., No. 13-2212, March 12, 2015.

Christina Jacobs was hired in January 2009 as an office assistant to the criminal division of the North Carolina Administrative Office of the Courts (AOC). In that role, Jacobs’ job consisted largely of microfilming and filing.

Less than a month after being hired in the office assistant role, Jacobs was promoted to a position as one of 30 deputy clerks in the criminal division of the AOC. While all deputy clerks held the same title and job description, four or five also provided customer service at the division’s front counter. The remaining clerks performed jobs that did not require face-to-face interaction with the public, including filing and record-keeping tasks.

In March 2009, Jacobs began training to work at the front counter, but soon began to experience extreme stress and panic attacks. On or about May 5, 2009, Jacobs informed one of her supervisors that she previously had been treated for mental health issues and had been diagnosed with social anxiety disorder. The supervisor relayed that information to the clerk of courts (Tucker).

On September 8, 2009, Jacobs sent an e-mail to her three immediate supervisors, again disclosing her diagnosis and requesting, as an accommodation, that she be “trained to fill a different role in the Clerk’s Office and perhaps work at the front counter only once a week.” Jacobs was told that Tucker was the decision-maker on the issue, but was on vacation for three weeks, and that nothing could change until her return.

During the three-week period, Jacobs made a request to use accrued leave. Even though Jacobs’ prior requests for leave had been granted, this request was denied.

Upon Tucker’s return from vacation on September 29, 2009, Jacobs was called into a meeting with Tucker and Jacobs’ three supervisors. At that meeting – which included no discussion of Jacobs’ request for accommodation – Jacob’s was fired, and was told that she was not “getting it.” Jacobs also was told that Tucker had no position in which she could use Jacobs’ services; nothing further was said about Jacobs’ performance or any other work-related issue. During her employment, Jacobs had not been written up for any performance or disciplinary issue.

Jacobs then filed an EEOC charge, in response to which she received a favorable determination, and after which she filed a federal court lawsuit.

The federal district court granted summary judgment in favor of the AOC, finding that Jacobs’ social anxiety disorder was not a disability as a matter of law under the ADA.

On appeal, however, the Fourth Circuit reversed that dismissal, agreeing with the EEOC’s view that interacting with others is a major life activity, and pointing out that the Diagnostic and Statistical Manual’s fourth edition (DSM-IV) describes social anxiety disorder as a condition that “interferes significantly with the person’s normal routine, occupational . . . functioning, or social activities or relationships.” Therefore, under the ADA, social anxiety disorder would be viewed as a disability.

The court’s opinion includes a detailed explanation of the mistaken analysis of the district court. While the opinion includes numerous important analytical points – specifically including the analysis of social anxiety disorder as a per se disability under the ADA – the court raised two additional issues of which employers should take particular note.

First, the court points out, more than once in its analysis, the complete lack of documentation related to the performance issues that ultimately were used by AOC as reasons for Jacobs’ firing (Jacobs “never received a negative performance review, evaluation, or written warning”), which discredited AOC’s argument that Jacobs’ sub-par performance was the basis of her firing. That lack doomed AOC’s effort to use any performance or disciplinary issue as a valid reason for the ultimate discharge, and supported Jacobs’ argument that the reasons asserted were simply pretext for disability discrimination.

Second, AOC’s lack of good faith effort to engage with Jacobs in any interactive process to identify a reasonable accommodation for her disorder – especially prior to the termination meeting – could allow a jury to find AOC liable on Jacobs’ claim of disability discrimination. The requirement to engage in the interactive process is an immutable provision of the ADA, and one to which both employers and employees are obligated to adhere.

Supervisor’s alleged remark regarding sick child precludes dismissal of ADA associational claim.

Baby w-medical provider

To establish a claim of “associational discrimination” under the Americans with Disabilities Act (ADA), a plaintiff must demonstrate that she was discriminated against by her employer because of her relationship with a disabled person.

To substantiate a claim of associational discrimination under the ADA, an employee must establish each of the following key elements of a “prima facie” case: (1) the plaintiff was qualified for the position; (2) the plaintiff was subjected to an adverse employment action; (3) the plaintiff was known by his or her employer to have a relative or associate with a disability; and (4) the adverse employment action occurred under circumstances that raise a reasonable inference that the disability of the relative was a determining factor in the employer’s decision.

However, if a plaintiff can produce direct evidence of discrimination, he or she may prevail on the claim without having to separately establish each of the elements of the prima facie case.

Recently, one federal district court used “direct evidence” to preclude dismissal of a plaintiff’s associational disability claim, pointing to an alleged remark from the woman’s supervisor that would have forced the employee to choose between “your job or your daughter.” Manon v. 878 Education, LLC, SDNY, No. 1;13-cv-03476, March 4, 2015.

Elizabeth Manon, the mother of an infant ultimately diagnosed with Reactive Airway Disease, worked as a receptionist with 878 Education, LLC (“the School”) in New York City. Manon asserts that she was a “dedicated and conscientious employee” who was never informed of performance deficiencies.

In the six months during which she worked for the School, Manon took frequent time off for the purpose of caring for her infant daughter, who was hospitalized several times, and taken to the hospital emergency room on multiple others. In fact, during her 132 day tenure at the School, Manon arrived late 27 times, left work early 54 times, and was absent 17 days.

There was, however, no documentation of any actual problems related to Manon’s work performance, other than one verbal warning for arriving at work 6 minutes late, and one verbal reprimand for wearing jogging attire at work.

According to Manon, she informed her supervisor, Alfonso Garcia, who was the Director of Admissions for the School, that her absences were based on the fact that her daughter frequently had breathing problems and, at one point, was suffering from pneumonia. Manon allegedly informed Garcia that had her daughter been an adult, the problems would have been diagnosed as asthma; in children, however, the condition is referred to as Reactive Airway Disease, which was the ultimate diagnosis made regarding the child’s condition.

On November 14, 2012, Manon took time off to care for her daughter, with whom she had gone to the emergency room the night before. She also missed work on November 15, informing Garcia that her child required “asthma treatment every 4 hours” and remained “extremely ill.”

When Manon returned to work on November 16, Garcia terminated her employment. According to Manon, at that meeting, Garcia told her that he was “letting her go” because he wanted to hire a receptionist who had no children. (“I need someone who does not have kids who can be at the front desk at all times.”) Manon alleges that Garcia went on to ask “How can you guarantee me that [] two weeks from now your daughter is not going to be sick again?. . . . So, what is it, your job or your daughter?”

That final statement is the hook on which the court ultimately hung its “direct evidence” analysis, calling it “a ‘smoking gun’ admission that Garcia believed [Manon’s] daughter was disabled and would be frequently ill.” The statement provided evidence that linked Garcia’s hostility toward Manon’s association with her sick child to his decision to fire Manon.

Manon filed a lawsuit alleging ADA associational disability, as well as both caregiver discrimination and gender discrimination under the New York City Human Rights Law (NYCHRL). The School filed a motion for summary judgment, asking that the claims be dismissed. Although the court dismissed the NYCHRL gender claim – finding that there was no evidence in the record to suggest that the School’s decision would have been different had Manon been a man or a father – it refused to dismiss the caregiver discrimination claim or the ADA associational disability claim. Those claims will go forward to a jury unless otherwise resolved.

While there has not been a recent upsurge of associational discrimination claims, those claims are not infrequently filed. Employers should be aware of associational claims, and supervisors and managers should be regularly informed and trained on those issues. A lack of information and training could easily lead to remarks like the one alleged here, which can subject an employer to substantial legal risk.

Evidence of “color bias” may lead to jury trial under Title VII.

Colors in words of different colors

Title VII of the Civil Rights Act prohibits employment discrimination against an individual because of that person’s “race, color, religion, sex, or national origin.” While courts routinely address claims of race discrimination, claims of discrimination on the basis of color alone are far less frequently reviewed.

Recently, in a case of first impression, the 5th U.S. Circuit Court of Appeals reversed a lower court’s dismissal of a case in which a plaintiff claimed that she was passed over for a managerial position because she was a “dark skinned black person.” The Fifth Circuit based that reversal on statements that it deemed to be “direct evidence” of color discrimination. Etienne v. Spanish Lake Truck & Casino Plaza, LLC, 5th Cir., No. 14-30026, February 2, 2015.

Esma Etienne was a waitress and bartender at Spanish Lake Truck & Casino Plaza (“Spanish Lake”) in New Iberia, Louisiana, and routinely was rated as an excellent performer who exceeded the requirements for her position. After working at Spanish Lake for three years, Etienne was passed over for a promotion to a managerial position. The position ultimately was filled by a white female waitress trained by Etienne.

Etienne filed a lawsuit, alleging failure to promote based on race and color. To support those allegations, Etienne submitted an affidavit from a former manager, who testified that Bernard Terradot, Spanish Lake’s general manager, allocated responsibilities to employees based upon skin color. According to the affidavit, Terradot and his wife had stated on multiple occasions that he would not let a “dark skinned black person handle any money” and that he believe that Etienne was “too black” to do various tasks.

The lower court granted summary judgment in favor of Spanish Lake, relying heavily on the fact that most of the managers at Spanish Lake were of the black race. On appeal, however, the Fifth Circuit stated that although it “never recognized ‘color’ as a separate unlawful basis for discrimination by employers,” the text of Title VII was “unequivocal” on the issue, and precluded color discrimination.

To prevail at the summary judgment stage of litigation – which allows a judge to dismiss a matter prior to the jury’s review – Spanish Lake had to show that a reasonable jury would have concluded that the same promotional decision would have been made absent the alleged discrimination. The Fifth Circuit held that evidence of Etienne’s qualifications, coupled with the direct evidence regarding Tarradot’s statements, were sufficient to allow the case to go to a jury. The dismissal was vacated, and the case was remanded for trial.

In this case, “color” discrimination was reviewed by the appellate court as a stand-alone discrimination claim – something not frequently seen to this point. Employers should recognize the two issues touched upon in the Fifth Circuit’s decision: (1) that “color” is referenced under Title VII as a separate basis for discrimination and, therefore, should not be discounted when complained of by an employee; and (2) that evidence of statements related to skin color as a basis of job assignment is likely to be viewed by the courts as direct evidence of discrimination, and not simply as “stray remarks.”

Employees suspended without pay may be entitled to COBRA notice.


The Comprehensive Omnibus Budget Reconciliation Act of 1986 (COBRA) – part of the Employee Retirement Income Security Act (ERISA) – imposes an obligation on a healthcare coverage plan administrator to notify any employee covered by the administrator’s plan of that employee’s right to continue health insurance coverage for up to 18 months after a “qualifying event.”

One federal district court has determined that the Baltimore City School Board breached its duties under COBRA when it failed to provide the required notice to two individual employees suspended by the school system, without pay. Green v. Balt. City Bd. of Sch. Commissioners, Dist. Md., No. WMN-14-3132, January 22, 2015.

Anna Green and Carolyn Richards both were recommended for termination, but initially were suspended by the School Board of the Baltimore City Public School System (“the System”) without pay. Working hours for both employees were adjusted to zero, but both remained eligible for coverage under the System’s health care plan and were automatically enrolled without further action from either of them.

System employees generally are removed from coverage only if there is a final termination of employment, the employee fails to pay the premiums due, or the employee specifically requests removal from coverage. Here, health care benefit coverage continued for both Green and Richards, but the System stopped paying any share of the premiums.

Green learned of the continued coverage when medical care she received was mistakenly billed through the System plan rather than her new employer’s plan. At that time, Green submitted a written request to be removed from the System’s plan, but was asked to pay the outstanding premiums for the period in which she had (unknowingly) been covered by the System’s plan.

Richards’ coverage also was continued with her knowledge. However, Richards chose to forego needed medical treatments, believing she had no health insurance coverage. However, once Richards officially resigned her employment, she received a bill for $4,076.59 for unpaid contributions to the plan.

Green and Richards brought a legal action in federal court under ERISA/COBRA. The School Board moved to dismiss, to which the plaintiffs responded with a motion for summary judgment.

The System argued that a “reduction in hours alone is not a qualifying event triggering the notice requirement,” and further argued that such reduction in hours must be accompanied by a “loss in coverage” to trigger COBRA notice.

The plaintiffs argued that their reduction in hours actually triggered a loss in coverage (when they became responsible for all premiums) and, therefore, was a qualifying event.

The court agreed with the plaintiffs, pointing out that the System’s interpretation of “loss in coverage” – going from eligible to ineligible for coverage only – was overly narrow. The applicable regulations, according to the court, define “loss of coverage” more broadly, as “to cease to be covered under the same terms and conditions as in effect immediately before the qualifying event.” According to the court, under that definition, the increase in premiums expected to have been paid by Green and Richards constituted a “loss in coverage” which resulted directly from their reduction in work hours. The reduction of hours that occurred when they were suspended therefore constituted a “qualifying event” that required COBRA notice.

In reviewing the competing motions, the district court denied the System’s motion to dismiss, and granted the plaintiffs’ motion for summary judgment.

The court then issued a declaration that each of the two plaintiffs suffered a qualifying event on the date of her suspension, triggering the employer’s obligations under COBRA. The court held that all invoices and bills issued to Green and Richards after the qualifying event were null and void.

Employers should be aware of this case and its implications. To act without being fully aware of the nuances of the COBRA regulations can lead to unintended legal liability under that Act.

Once more into the (data privacy) breach. . . .!

cyber attack

This post is excerpted from an article Honored in the Breach: Employer Action Items for an Insurer Data Breach, written by Timothy G. Verrall (Houston), Stephen A. Riga (Indianapolis), and Danielle Vanderzanden (Boston), which appeared on Ogletree Deakins Blog.

On February 5, 2015, Anthem Blue Cross and Blue Shield, one of the largest health insurers in the country, notified its policyholders, members, and business partners that it recently had been the target of an external cyber attack. The attack appears to have comprised the confidentiality of medical and other personal information maintained on Anthem’s information technology (IT) system.

The information at issue includes names, birthdays, medical identification numbers, Social Security numbers, addresses, employment information, and other similar information of over 80 million current and former members. The notices that Anthem delivered to those potentially affected by the attack indicate that this attack did not compromise medical or credit card information.

An employer facing news that its insurer or third-party administrator (TPA) has experienced a data breach may find such news both confusing and alarming. Even if no medical information was compromised, identifying information associated with a means of paying for medical services—such as current or former members’ enrollment in health insurance, or information about members’ health claims from a TPA—qualifies as protected health information (PHI) under the Health Insurance Portability and Accountability Act of 1996 (HIPAA). This is true even if neither diagnostic codes nor other sensitive information is included among the identifying information.

If a plan participant’s name, Social Security number, address, or other identifying information were to be compromised while held by an insurer or TPA, such disclosure would constitute a breach for purposes of the Health Information Technology for Economic and Clinical Health (HITECH) Act and HIPAA. In that situation, state-level breach notification laws also are likely to be implicated.

Employers’ Obligations

As companies consider how to respond on behalf of their health plans, employers’ obligations will depend on the relationship between that employer and its health plan and the insurer or TPA.

  • Insured Plan—If the plan is insured, the insurer is the covered entity responsible for investigating the situation, undertaking appropriate mitigating measures, and providing all required notices to plan participants, regulators, and, sometimes, the media.
  • Self-Funded Plan—If the plan is self-insured, the responsibility for investigating a breach and providing any required notice, by default, falls on the plan and the employer as its sponsor. If, however, the employer has outsourced the claims administration role (as is typically the case), the TPA may have the contractual obligation for assessing and responding to the breach. At a minimum, the TPA will have a notice obligation to the plan/employer and a responsibility to provide details surrounding the breach.

In all cases, under state breach notification laws the party that held the data when the breach occurred is responsible for issuing the notice. State laws govern who must provide notice and define the contents and recipients of such notices. Employers should identify the implicated states and comply with their obligations in the relevant jurisdictions.

Action Items for Employers Regarding Anthem

Initial action items for employers include:

  • Define the relationship between the employer’s health plan and Anthem. Is Anthem acting as an insurer or as a TPA for the plan?
  • If the plan is insured, the notification obligation resides primarily with Anthem, and based on Anthem’s public communications thus far, it appears that Anthem is proceeding with the mitigation and notice process.
  • Besides notifying the affected individuals, employers should review their insurance contract documents and evaluate their provisions regarding data privacy and security. Ultimately, if the plan is fully insured, Anthem should be responsible for HIPAA and HITECH compliance and the proper issuer of notices under state data breach laws.
  • If the plan is self-insured and Anthem serves as TPA, the employer should closely examine its service contract and “business associate agreement.” In particular, the employer should focus on the breach assessment and notice provisions and determine who is responsible for evaluating possible breaches and issuing required notifications to the affected individuals.
  • Examine the information that Anthem has provided regarding its handling of the breach and make sure that those actions coincide with the contractual provisions, HIPAA, HITECH, and applicable state breach notification laws.
  • If the employer retains responsibility to provide the required notice, determine whose data was compromised, identify the actions required to protect the data and mitigate harm, and prepare the notices necessary to comply with the plan’s obligations under HIPAA and state law.
  • The employer must likely work with Anthem to collect the detailed information to prepare the required notices, and Anthem has an obligation to provide the employer with the information to prepare that notice. Additional information about breach response under HIPAA and HITECH, is available in a prior article on this subject, No Harm, No Foul, No More—New HIPAA “Breach” Standards Seek to Provide Consistency, Objectivity.”
  • Consider additional steps the employer should take to mitigate any harm caused by the breach. Review the service agreement and business associate agreement for any provisions governing mitigation obligations and indemnification clauses for the employer’s ability to recover for costs related to the breach.

Although Anthem was the victim of this cyber attack, recent large-scale data breaches with major retailers and financial institutions demonstrate that all forms of sensitive personal information can be vulnerable to exploitation, and the employee benefits world is not immune from these challenges. Other major health insurers and benefits consultants, insurance brokers, and third-party administrators are likely vulnerable to similar attacks in the future, and employers should be prepared to respond quickly if their plans or business partners are affected.


Supervisor’s knowledge of unreported overtime may lead to liability under the FLSA.

off the clock

The Fair Labor Standards Act (FLSA) requires employers to pay to non-exempt employees at least one and one-half times the employees’ regular hourly wage for every hour worked in excess of 40 in a week. Courts regularly have held that the goal of the FLSA is to counteract the inequality of bargaining power between employees and employers.

Recognizing that goal, the 11th U.S. Circuit Court of Appeals recently held that if an employer knew – or had reason to know – that an employee has under-reported work hours, that employer cannot escape liability under the FLSA by asserting, as a defense, that the employee inaccurately and purposely reported his or her work hours incorrectly and therefore has “unclean hands.” Bailey v. TitleMax of Ga., Inc., 11th Cir., No. 14-11747, January 15, 2015.

Santonias Bailey worked at a TitleMax store in Jonesboro, Georgia, for under a year. Bailey alleges that during that time, he worked overtime hours which he did not report, and for which he was not paid. Bailey asserts that he worked “off the clock” because his supervisor told him that TitleMax “does not allow overtime pay,” and that he was encouraged not to report overtime hours when recording his work time. Bailey further alleges that his supervisor changed his hours, at one point adding an unpaid lunch hour when, in fact, Bailey claims to have worked through lunch.

Bailey sued, claiming violation of the FLSA, and TitleMax moved for summary judgment. That motion was granted by a district court that pointed to Bailey’s violation of company policies requiring accurate time entries by employees.

However, on appeal, the Eleventh Circuit reversed that decision, holding that once an employee has established that he or she has worked overtime without pay, and that the employer knew (or should have known) that overtime was worked, no “equitable” defenses can be asserted to defend against the FLSA claim.

An equitable defense shifts most or all of the responsibility to the employee. Here, TitleMax claimed that Bailey did not follow the company’s policy for reporting accurate time records, and/or should have complained about his supervisor’s directives about working unpaid overtime.

The Eleventh Circuit rejected those equitable defenses, finding that the evidence indicating that Bailey’s supervisor knew of the underreporting precluded the assertion of the equitable defenses. To do otherwise, said the Court, would contravene the purpose of the FLSA, and would allow an employer to rely on written policies regarding accurate reporting, while allowing supervisors to undermine those policies by encouraging, or even requiring, under-reporting.

This case was remanded back to the lower court to allow Bailey’s claim to go forward to trial. While the Eleventh Circuit’s ruling does not assure that the employee will succeed at trial, it seems to impose another level of diligence on employers.

This holding goes beyond the FLSA’s requirement that employers should have policies and procedures for assuring accurate reporting of work hours, and imposes an affirmative duty on employers to assure that supervisors and managers are not making statements contradictory to those policies, with or without the company’s imprimatur.