Veronica D. Jackson

As record-high temperatures enveloped most of the U.S. earlier this month, the federal Occupational Safety and Health Administration (OSHA) released a proposed rule for comprehensive heat injury and illness prevention. The proposed rule, “Heat Injury and Illness Prevention in Outdoor and Indoor Work Settings,” was many years in the making and would affect employers throughout the United States. In the interim, OSHA and various state regulators that have not already adopted their own laws are issuing citations under Section 5(a)1

Maryland will soon have some of the strictest data protection and privacy requirements in the nation after the Maryland Online Data Privacy Act of 2024 (MODPA) was signed into law by Gov. Wes Moore last week. The law expands the scope of businesses’ personal data protection obligations and consumer privacy rights, offering protections that are aligned with contemporary concerns about data privacy and consumer autonomy. The MODPA goes into effect Oct. 1, 2025 and has a cure period that extends through April

The Federal Trade Commission (FTC) on Tuesday, in a 3-2 vote, approved a final rule banning non-competes in almost all employment contexts. This sweeping rule, while not unexpected, has caused quite a stir among employers and workers alike. Here is what employers need to know. Background The rule, which was first proposed in January, comes on the heels of the Biden administration’s 2021 executive order designed to “promote competition in the American economy, which will lower prices for families, increase wages

Sharing personal data across borders is critical for organizations operating and doing business internationally. Doing so in compliance with data security and privacy laws, however, can be a complex and challenging exercise due to the differing protections and transfer mechanisms across jurisdictions and countries. Thanks to recent developments between the United States, European Union and United Kingdom, U.S. companies once again have an easier pathway to share and receive data from their business partners and related entities in the EU

The Occupational Safety and Health Administration (“OSHA”) recently unveiled a new National Emphasis Program (“NEP”) for outdoor and indoor heat-related hazards. To best protect workers in hot working environments, particularly in a climate of ramped up enforcement, employers are wise to devote considerable attention to understanding heat-related hazards, appreciating OSHA’s planned expansion of heat-related inspections, and preparing workplaces in response to the rollout of the heightened enforcement program. Especially during a summer of record-breaking temperatures, it is never too late

When can a data breach can get worse? When the process of notifying victims creates a second breach. Take the example of a cancer treatment center that recently paid $425,000 to settle allegations that included a faulty notification process following a breach. The story provides an important lesson. One Breach Leads to Another It began with a spear phishing attack. Employees at the facility fell victim to the attack and their email accounts were compromised. The result: protected health information and other

On September 9, 2021, President Biden announced a sweeping six-pronged plan aimed at addressing the nation’s most recent surge of coronavirus cases fueled by the formidable delta variant. As part of that plan, Biden declared expansive measures, including vaccine mandates that are projected to impact over eighty-million employees in private sector businesses, and have far reaching impacts for employers across multiple industries. As such, employers should be mindful of the following policies to be implemented under Biden’s Action Plan in

On June 21, 2021, the Occupational Safety and Health Administration (“OSHA”) published its first mandatory COVID-19 workplace safety rule, which as discussed below, also includes a surprising paid leave component for vaccination, vaccination side effects, and employees that contract COVID-19. The long-awaited Emergency Temporary Standard (“ETS”) applies only to employers in certain healthcare-related work settings and is the first time since the start of the pandemic that OSHA has imposed regulatory requirements relating to COVID-19 workplace safety.  Before the issuance

You don’t need a legal blog to tell you that the country is in a state of extreme unrest regarding the killings of George Floyd, Ahmaud Arbery, Breonna Taylor and so many other Black people, at the hands of police and in other racially charged incidents. People in the United States and abroad have engaged in protests about issues related to race in America, including police brutality and institutional racism. In addition to people protesting in the streets, millions more

While response and preparedness efforts are in full swing throughout the country and globally, many employers are tackling how to handle a variety of employment issues in the face of the coronavirus pandemic. Most of our clients and other readers have likely already encouraged their employees to practice good hand washing and social distancing, and to stay home when they are sick, as the CDC has suggested through its Interim Guidance for Businesses and Employers. Beyond these recommendations, here are

Data security and privacy concerns have become one of the top issues keeping business leaders up at night. According to the Ponemon Institute’s 2018 study regarding the cost of data breaches, data breaches are increasingly costly and result in more consumer records being lost or stolen, year after year. 1 In 2017, for example, the average per capita cost of a data breach rose from 2016’s average of $141 to $148, an increase of 4.8%. 2 To help address these concerns, employees should be

There is a growing trend to regulate biometric data and severely punish companies that do not adequately protect this data. Every company that collects or uses biometric data should be careful to ensure compliance with applicable laws intended to protect this sensitive information. What is Biometric Data? Biometric data is generally defined as ‘unique physical identifiers including fingerprints, facial structures, iris scans, and voiceprints.’ While there are no current Federal laws governing the collection, use, and protection of biometric data, several states

The EU General Data Protection Regulation (GDPR) took effect on May 25, 2018. Potential fines for violating the GDPR include up to four percent of an organization's annual profits or €20 million (approximately $23 million), whichever is greater. Despite the risks associated with failing to meet the GDPR standards, many companies are still working towards compliance.   If you are among this group, it is critical to not give up but, rather, to focus on actively continuing efforts to achieve (and

The EU General Data Protection Regulation (GDPR) took effect on May 25, 2018. Potential fines for violating the GDPR include up to four percent of an organization's annual profits or €20 million (approximately $23 million), whichever is greater. Despite the risks associated with failing to meet the GDPR standards, many companies are still working towards compliance.   If you are among this group, it is critical to not give up but, rather, to focus on actively continuing efforts to achieve (and

California enacted the California Consumer Privacy Act on June 28, 2018. This law broadly expands the rights of California residents in their personal information collected through online means. The law imposes requirements tied to disclosure of what personal data is collected, how it is used, and with whom a data collector shares this information. Individuals may opt out of having their data sold. Data collectors are also required to provide specific disclosures in connection with security breaches of the data.

The EU General Data Protection Regulation (GDPR) took effect on May 25, 2018. Potential fines for violating the GDPR include up to 4 percent of an organization's annual profits or €20 million ($23 million), whichever is greater. Despite the risks associated with failing to meet the GDPR standards, many companies are still working towards compliance.   If you are among this group, it is critical to not give up but, rather, to focus on actively continuing efforts to achieve (and maintain)

The EU General Data Protection Regulation (GDPR) took effect on May 25, 2018. Potential fines for violating the GDPR include up to 4 percent of an organization's annual profits or €20 million ($23 million), whichever is greater. Despite the risks associated with failing to meet the GDPR standards, many companies are still working towards compliance.   If you are among this group, it is critical to not give up but, rather, to focus on actively continuing efforts to achieve (and maintain)

Employers are abuzz about the upcoming start of the Maryland Healthy Working Families Act, which goes into effect this Sunday, February 11, 2018.  Contrary to some local news reports, efforts to delay this bill have not yet been successful and will still be an uphill battle.   As readers may recall, House Democrats recently won a six-year battle for paid sick leave, which ended with an override of Governor Hogan’s veto. As we reported to you last month, the Maryland General Assembly

As employers prepare to send employees their W-2s for last year by the end of the month, cybercriminals are preparing phishing emails under the guise of company executives requesting personal information on employees. The IRS has warned payroll and human resources professionals of the surge in these schemes particularly during the tax season when companies’ guards may be down and such requests may not appear out of the ordinary. These hackers have become more sophisticated in their schemes by researching the names of company

In the wake of the latest massive data breach, this one involving Equifax, more and more companies are likely wondering what they should do in the event that they are faced with a data breach that exposes the personal data of their employees or customers. Data security incidents involve complex legal issues that must be navigated carefully to reduce the risk of improper (or unnecessary) breach notification, attention from state and federal regulators, and potential class actions related to the