Sony Hack Spawns Lawsuit from Former Employees

The Sony Hacking Lawsuit

A lawsuit has been filed in the Central District of California on 12/14/2014 on behalf of former employees of Sony Corporation claiming that former employees have been damaged by the hacking of Sony’s IT systems. The complaint filed in Los Angeles federal court claims that Sony “failed to secure its computer systems, servers and databases, despite weaknesses that it has known about for years” and “subsequently failed to timely protect confidential information of its current and former employees from law-breaking hackers.”

The scale of the breach is breathtaking. According to the suit over 47,000 employees had data revealed including: unique social security numbers and names, birth dates, home addresses, email addresses, salary information. According to Identity Finder LLC, the personal information was copied more than 1.1 million times throughout the 601 files stolen by hackers. The personal info was found in more than 500 spreadsheets, 75 PDF files, and several Word documents, none of which were password protected.

HRIS Systems Security Obligations and Liability
The exposure of sensitive employee information should give everyone in the HRIS industry some concern. The Sony hacking situation is unique in that the attackers appear to have stolen all sorts of data with the very public intention of harming the company. How often is employee data stolen when it is never publicly revealed? Let’s face it, no company wants it revealed that hackers stole employee data. That is bad press and feeds more legal exposure. There is no way of knowing how many times this happens because companies won’t disclose it and if it is discovered, things will be settled quietly out of court. Can you imagine the impact to a payroll/HRIS provider like ADP or Paychex if they were hacked and it became known that sensitive employee identity, wage, performance and health insurance information was exposed to the criminal elements around the globe? According to ADP, they serve over 400,000 clients and pay 31 million people worldwide. If they were hacked like this is it would be game over.

Impact for Cloud HRIS Vendors
Companies who outsource their HRIS and Payroll to a cloud based vendor may want to take a hard look at their exposure should that vendor get hacked and their employees damaged. Many PEOs have moved from in house IT datacenters, to cloud based providers. All PEOs need to take a hard look at their security practices for with their clients/employee information. PEOs using cloud based solutions need to review their agreements and determine just who is on the hook if something like this happens to them.

Image courtesy of Alexandre Dulaunoy at flickr


2014 State UI Solvency Report Released – SUTA/FUTA

The United States Department of Labor’s (DOL) Office of Unemployment Insurance recently released results of its review of state unemployment trust fund loan status. If a state’s unemployment insurance trust fund is insolvent, states are permitted to borrow from the federal government’s Unemployment Trust Fund in order to meet the state’s expenditures for unemployment compensation benefits. Federal loans for UI shortfalls must be repaid in accordance with federal law and in 2014, a number of states are being penalized, through federal credit reductions, due to outstanding loans. See if your state’s Federal Unemployment Tax (FUTA) rate will be increasing in 2015.

2014 FUTA Rates by State


Yeah Boss, I am really sick.

California Passes Paid Sick Leave Law:
What Employers Need to Know

Note: The following article was sourced from Gonzales, Saggio & Harlan LLP
Their website is SGILLP and was authored by Rebecca Newman, ESQ

While employers in other states may watch leaves turn from green to yellow to orange, California employers are accustomed to seeing many new yellow cautions and red flags each fall. Among a number of new legal requirements for California employers, from anti-bullying components to harassment training for managers to protecting unpaid interns and apprentices under the state’s antidiscrimination statute, Governor Jerry Brown also signed the Healthy Workplaces, Healthy Families Act of 2014 (“HWHFA”), which requires employers to provide paid sick days to employees effective July 1, 2015.

Currently, Connecticut is the only other state in the country with a paid sick leave law, though some major cities, such as San Francisco; New York City; Portland, Oregon; Washington, D.C.; and Newark, New Jersey, have already enacted paid sick leave provisions. California’s HWHFA goes a step further than most other paid sick leave laws and ordinances in that it applies to all employers regardless of company size, subject to a few exceptions detailed below.

Here’s the quick breakdown of employer requirements under HWHFA:
Accrual: Employees working in California for 30 days or more per year will begin accruing at least one hour of sick pay per every 30 hours worked, as of July 1, 2015, or the first day of work, whichever is later. Exempt employees are deemed to work 40 hours per week for purposes of the law, unless their normal workweek is less than 40 hours. Employers can limit accrual to six days, or 48 hours, per year.

Use: Employees’ accrued sick time can be used after 90 days of employment. Paid sick leave can be used in minimum increments of two hours or more.

Carry-Over: Accrued sick days carry over to the following year of employment, but employers may limit an employee’s use of paid sick days to three days, or 24 hours, per year of employment.

Eligibility and Use: Paid sick leave can be used for the illness or preventative care of an employee or an employee’s family member (defined as a parent, child, spouse, registered domestic partner, grandparent, grandchild, or sibling). Paid sick leave can also be used for employees who are victims of domestic violence, sexual assault, or stalking, as described in California Labor Code Sections 230 and 230.1. As these issues were referenced in the bill’s findings, it is clear that the California legislature enacted HWHFA in part in order to mandate paid sick leave provision to such victims.

Compensation: Paid sick days are compensated at the same wage rate as the employee normally earns during regular work hours. If, in the 90 days before an employee is eligible to use the sick leave, the employee has varying rates of pay (or was paid by commission or piece rate, or was non-exempt and salaried), the rate of pay is determined by dividing the employee’s total wages (except overtime) during the 90 days by total hours worked in that period.

Unlike paid vacation days, paid sick days do not have to be paid out at the termination or separation of employment. HWHFA does not apply to employees covered by collective bargaining agreements that provide paid sick leave terms and certain wage rates, to providers of in-home supportive services, and to individuals employed by air carriers as flight deck or cabin crew members.

How will this affect the many employers who already provide discretionary PTO benefits to their employees? For these employers, if their PTO policy (1) can be used for the illness or preventative care for the employee or eligible family members, (2) provides at least three days, or 24 hours, of equivalent paid time off per year, and (3) meets the accrual, use, and carry-over requirements discussed above, their policy does not need to be altered. There are, however, notice, posting, and record-keeping requirements under the law, and it may be advisable to consult with employment counsel to review existing policies for compliance.

California employers without a PTO policy may want to consider creating a wholly separate, compliant paid sick leave policy. Although many employers have moved away from separating sick leave from other types of leave, opting instead for a regular “no-hassle” PTO policy, in light of HWHFA it may be easier for employers without PTO policies to tailor their paid sick leave policies to the law’s requirements. For employers interested in doing so, there are a few things to keep in mind. First, the policy must apply to both non-exempt and exempt employees, so a full-time salaried employee working 2,080 hours per year would accrue approximately 8.66 sick days (69.33 hours) per year. However, an employer may limit use of paid sick leave to three days (24 hours) per year of employment, and can limit total accrual to six days (48 hours).

Employers should also consider HWHFA’s interaction with California’s Kin Care requirement, which authorizes employees to use up to one-half of annually accrued sick leave to take time off to care for a sick family member. Previously, Kin Care did not apply to employers who did not have specific paid sick leave policies, but now that all California employers must have such policies, employers need to become more familiar with Kin Care requirements.

Importantly, HWHFA has a prohibition against taking any adverse action against an employee for using accrued sick days, including a presumption of retaliation if the employer takes any action against an employee for using the leave or after the employee has complained about any issues with their sick leave. For example, if an employee has procedures in place in the event of an unexpected absence, an employee who fails to follow such procedures, but invokes their accrued sick time for protected reasons, may be insulated from adverse action. The Labor Commissioner has jurisdiction to investigate and enforce the law, which carries hefty penalties similar to other wage and hour violations for unlawful withholding of sick days or other related violations.

As with many new laws, there are still open questions raised by HWHFA. The law does not specify whether employers may require a doctor’s note or certification from employees before applying accrued paid sick days to absences. Moreover, an employer cannot require that the employee find a replacement for the time they are out sick. As several other state legislatures introduced paid sick leave bills in 2014, all employers should closely monitor such legislative developments in the states in which they do business. California employers in particular should check in with employment counsel as they weather the fall and winter and prepare for paid sick leave next summer.

Progressive Employer Services Gets New Leadership

The Tampa Bay Business Observer has a great story about the new management team at Progressive Employer Services in Sarasota, Florida.  It seems that once an executive gets a taste for the PEO industry, it is to hard shake.

View the story here.

Progressive handles payroll, workers’ compensation, employee benefits and human resource services for a variety of businesses, mostly companies with five to 25 employees. The firm had $74 million in revenues in 2013, up 8.8% from 2012, when it had $68 million.

Burgess says the firm’s clients are “blue collar and gray collar, with a smattering of white collar.” That covers construction, hospitality and service sectors. Progressive’s geographic targets stretch from Florida to the Carolinas to Texas, and most of the states in between. The firm, in total, oversees around 40,000 worksite employees — a figure Burgess would like to see hit 75,000 by 2019.

Have comments about this story?

3 Ways

3 Ways to come up with 3 ways to make a list of irresistible links

Has anybody else noticed how lame most social media / promotional media have become? We all know that to get someone to actually read your material is a challenge. There is a tsunami of web based material being published every day and it seems that taking the time to write an article of depth and quality is now out of favor. Hey, just write a quick list type article, and then tweet about it. Now rinse and repeat. The half life of your new web content is a matter of minutes so frequent and shallow content is the word of the day. This is like a cocktail party where a loudmouth drunk is yammering incessantly and will not let anyone get a word in edgewise. In fact is worse than that because the current internet marketing model rewards the loudmouth. Any real conversations are drowned out by the noise.

So back to that marketing piece – make that list!
So what kind of list should you create? It really doesn’t matter but what is important is to get your headline to grab people’s attention. Here are some sure fire methods:

Schadenfreude – pleasure derived from the misfortunes of others.

Everyone loves to revel in how others have screwed up.
For Example:

  • Three CEOs now on skid row
  • Three housewives whose deep dark secrets cost them everything
  • Three former centerfold women now over 300 pounds

See how that works? Who could resist that headline!

Go Negative

Provide reinforcement for people who want negative information. People like reinforcement for their belief that others people are bad or seek confirmation they themselves are not bad.

For example:

Ten things bad bosses do

  • This is great because if you have a boss you can see if they do those bad things!
  • If you are a boss, you can see if you are a bad one!

Five mistakes bad parents make.

Holy smokes, I’m a parent and I want to be a good one, I gotta read that. Or, I have parents, did they make these mistakes with me? I gotta know.

Play on Stereotypes

How about the headline that plays against stereotypes?
For Example:

  • Three Rap artists who don’t like guns and weed.
  • Three CEOs who actually fly coach
  • Three people on EBT who are actually multimillionaires

Make ridiculous and outrageous statements

  • Three ways to make your iPhone in to a coffeemaker
  • Five top hedge funds hire palm readers and fortune tellers
  • Three people who think Barack Obama was a actually a constitutional law professor

3 ways to make your list:

1) Get your phone or PC device out.
2) Open a notepad or your favorite editor
3) Type three things in this order:
Thing One
Thing Two
Thing Three
Viola, you now have a marketing masterpiece!

Can’t think of anything original? It doesn’t matter, what is important is that you have an article with a list of things. Now you can tweet about it! Yeah!