Law360 is providing free access to its coronavirus coverage to make sure all members of the legal community have accurate information in this time of uncertainty and change. Use the form below to sign up for any of our weekly newsletters. Signing up for any of our section newsletters will opt you in to the weekly Coronavirus briefing.
Sign up for our Intellectual Property newsletter
You must correct or enter the following before you can sign up:
Thank You!
Law360 (March 18, 2020, 3:07 PM EDT )
Jeremy Feigelson |
Avi Gesser |
Jyotin Hamid |
Tricia Sherno |
Brooke Willig |
Remote work arrangements can thus provide a useful tool to limit COVID-19 risk — but they can also pose legal risks or challenges to which companies should stay alert.
Government agencies have begun actively encouraging employers to develop remote work policies and programs. For instance, in its Interim Guidance for Businesses and Employers, the Centers for Disease Control and Prevention expressly asks employers to explore "policies and practices, such as flexible worksites (e.g., telecommuting) ... to increase the physical distance among employees."[1]
Similarly, the Occupational Safety and Health Administration's Guidance on Preparing Workplaces for COVID-19 recommends "[m]inimizing contact among workers, clients and customers" by means of "virtual communications and implementing telework if feasible."[2]
The U.S. Department of Labor has likewise made clear that employers "may encourage or require employees to telework as an infection-control strategy,"[3] and the U.S. Equal Employment Opportunity Commission has agreed that "[t]elework is an effective infection-control strategy."[4]
Companies confronting COVID-19 are thus strongly encouraged to consider promoting or facilitating remote work arrangements where possible. In doing so, however, they should stay mindful of certain legal risks and challenges posed by teleworking programs, particularly when implementing new policies quickly or for workplaces unfamiliar with remote work. Below are a few key reminders and practice points for developing remote work arrangements:
1. Be mindful of discrimination risks.
A remote work policy cannot treat employees differently on the basis of any protected characteristic, such as age, disability or perceived disability status, or national origin. Federal, state and local laws against discrimination in employment remain in full effect, so employers should not, for instance, ask only those over a certain age, those with preexisting conditions or those from certain countries to work from home.
Employers should also ensure that employees receive any necessary reasonable accommodations in accordance with the Americans with Disabilities Act as the nature of the workplace changes and employees are asked to contend with new technologies. For example, it is possible that disabled employees may require special equipment or technology at home in order to continue to perform the essential functions of the job.
More generally, employers should keep in mind the stresses faced by employees during uncertain times and the potential for stressful situations to negatively affect a company's culture and morale. Employers should stay attuned to workplace dynamics even when some or all of the employees are working remotely to make sure that employees are continuing to treat each other with respect and are not taking actions based on cultural biases or stereotypes.
It will be important to foster a sense of community while teleworking and to affirmatively promote the company's policies against discrimination and harassment, such as by holding regular teleconferences, sending out periodic email reminders of the company's commitment to a safe and respectful workplace, and encouraging supervisors to regularly check in with workers.
2. Manage timekeeping and overtime risks.
As with laws against discrimination, employers must continue to follow the wage and hour laws. In particular, for nonexempt employees who work remotely, their remote work is still considered "hours worked" for purposes of wage and hour requirements like overtime and minimum wage. Employers must thus make sure that nonexempt remote workers accurately record their time worked in the absence of usual clock in and clock out procedures.
Employers can use a number of different tools for maintaining appropriate timekeeping for nonexempt employees, including electronic time sheets, documenting hours via personal or group spreadsheet, or asking employees to email managers when they clock in and out.
Whichever system is used, managers will need to be diligent about reminding employees that the same timekeeping policies apply, such as by sending out an email reiterating the policies and telling employees to sign off if they are sending emails after hours or otherwise working unauthorized overtime. Employers should also closely monitor the reporting of hours worked to make sure that their remote timekeeping system is effective and employees are not reporting incorrect times (e.g., simply listing 9 a.m. and 5 p.m. every day).
3. Remember employee expense and equipment reimbursements.
Once employees are working remotely, they may in certain states be eligible for reimbursement for cell phone, internet or equipment used in furtherance of the employer's business.
In California, for instance, courts have required employers to reimburse a reasonable percentage of employees' phone bills and internet bills when they use their devices for work, even if those employees have unlimited phone or data plans and incur no additional expenses as a result of the work usage. Additional states with expense reimbursement laws include Illinois, New Hampshire, Massachusetts, Pennsylvania, Washington, D.C., and others.
Employers in these jurisdictions — and elsewhere — may want to consider the expenses they now expect employees to incur while teleworking and assess what reasonable reimbursement amount should be paid to employees.
4. Take cyber risks seriously.
With more remote work comes more opportunities for business disruptions from technological glitches. First and foremost, companies should make sure that they can handle the remote capacity expected from new remote work arrangements, such as by running tests where employees log on simultaneously before implementing full-scale teleworking. Similarly, employers should try to anticipate the additional burdens on information technology resources and staff and provide support as needed.
Companies should also be alert to potential cybersecurity risks. Be on the lookout for coronavirus phishing scams — like fake CDC updates or IT alerts — and make sure that legitimate mass emails to employees do not look like or get discarded as phishing emails. Employers may also want to consider investing in secure video or telephone conferencing systems and checking with vendors to ensure that they are prepared against cybersecurity threats.[5]
5. Protect confidential information.
Working outside the office may mean that trade secrets or sensitive business information also have traveled outside the office. Employers should make sure that employees are aware of company policies on confidential information and information security and, in particular, are aware of how those policies play out in a remote work setting.
For instance, employers should make clear to employees what physical items are acceptable to be taken from the workplace and what precautions should be taken for confidential documents and information, such as keeping them out of public spaces or maintaining a folder or box for documents that need to be disposed of securely. Where companies require protected remote access, they should remind employees of that requirement and reinforce prohibitions on workarounds that may become more attractive during a prolonged period of teleworking.
6. Consider the effects on all aspects of the business.
Remote working can have an impact on all aspects of a business, so employers should think broadly and critically about how telework may affect normal business functions, including hiring, discipline and terminations. For instance, if hiring new employees during a period of remote work, employers should remember that the I-9 rules require an employer to review original identity and work authorization documents in the physical presence of the employee within three days of onboarding.
Employers may, however, designate an individual to serve as an agent for the in-person review of the documentation, so employers may want to consider a protocol for designating an agent to ensure the I-9 process is compliant. Similarly, employers will want to consider how to continue with training, feedback and discipline functions and will need to seriously consider how to handle any necessary terminations during the period of remote work.
Jeremy Feigelson is a partner and co-chair of the cybersecurity and data privacy practice at Debevoise & Plimpton LLP.
Avi Gesser and Jyotin Hamid are partners, Tricia Bozyk Sherno is counsel, and Brooke J. Willig is an associate at the firm.
The opinions expressed are those of the author(s) and do not necessarily reflect the views of the firm, its clients, or Portfolio Media Inc., or any of its or their respective affiliates. This article is for general information purposes and is not intended to be and should not be taken as legal advice.
[1] https://www.cdc.gov/coronavirus/2019-ncov/community/guidance-business-response.html.
[2] https://www.osha.gov/Publications/OSHA3990.pdf.
[3] https://www.dol.gov/whd/healthcare/flu_FLSA.htm.
[4] https://www.eeoc.gov/facts/pandemic_flu.html.
[5] You can find more information on cyber preparedness in the face of COVID-19 at https://www.debevoise.com/insights/publications/2020/03/debevoise-coronavirus-checklists-cybersecurity.
For a reprint of this article, please contact reprints@law360.com.