Category: Archive

Posted on

HR Organizations Promote Electronic Citizenship Verification Legislation

Prospects for broad immigration reform are dim, but legislation focusing on border security and work-site enforcement could be headed to the House floor.


The bill, written by Rep. Health Shuler, D-North Carolina, would require all employers to sign up for the government-run electronic verification system called E-Verify, which has drawn criticism from the HR community.


As momentum for the measure increases, a group of HR organizations led by the Society for Human Resource Management is backing a separate bill that would create a new electronic employment verification system based on an existing state mechanism.


Under the New Employee Verification Act, companies would enter employee identification data into a state’s new-hire reporting program, which was established in 1996 to enforce child support payments. About 90 percent of U.S. employers use the system.


The identity of the prospective employee would be checked against Social Security and Department of Homeland Security databases. The procedure would eliminate the paper-based I-9 process.


Supporters say another provision of the bill would prevent identity theft. Employers would be given the option of signing up for a secure electronic verification system that uses a network of government-approved private contractors to conduct background checks of workers and collect biometric identifiers, such as fingerprints.


“Employers want, need and deserve a reliable employment verification system,” said the bill’s author, Rep. Sam Johnson, R-Texas and ranking member of the Social Security subcommittee of the House Ways & Means Committee. “The [current] system is broken and needs to be fixed.”


Johnson’s bill, which was introduced at a Capitol Hill press conference on Thursday, February 28, would replace E-Verify. A decade old and set to expire in November, E-Verify checks I-9 information against government databases.


About 52,000 employers have voluntarily signed up for E-Verify. DHS says companies are embracing E-Verify and that it is discouraging illegal workers from applying for jobs.


Critics, including SHRM, assert that the system is inefficient, inaccurate, vulnerable to identity theft and incapable of hosting every U.S. employer. It has a 4 percent error rate, which could potentially affect 6 million workers. 


Using the system did not prevent food processor Swift & Co. from being the target of a DHS raid in December 2006 that resulted in the arrests of more than 1,000 illegal workers.


E-Verify is at the heart Shuler’s measure, which would require all companies with more than 250 employees to sign up within the first year after the bill’s enactment.


Shuler has garnered 139 co-sponsors, 91 of whom are Republicans. The popularity of an enforcement-only bill is growing following the demise last year of broad Senate legislation that included a path to legalization for undocumented workers.


Shuler is urging House Democratic leaders to bring his bill to the floor for a vote. “We’re hopeful that it will be sooner rather than later,” said Andrew Whalen, Shuler’s communications director.


Johnson hopes to persuade Shuler to drop E-Verify and replace it with his verification system. “We’re working with [Shuler] now to make it part of his bill,” Johnson said.


A co-sponsor of Shuler’s bill said that Johnson’s verification idea is better than E-Verify. “This is a smarter way to do verification,” said Rep. Kevin Brady, R-Texas and a member of the House Ways & Means Committee.


The fact that it utilizes a network of private companies to maintain identity databases prevents a national ID system run by the government, according to Rep. Paul Ryan, R-Wisconsin and a Ways & Means member.


“It allows people to reclaim their identity,” Ryan said. “It’s decentralized; it’s technologically innovative.”


The approach was shaped by the HR Initiative for a Legal Workforce, a group of HR organizations led by SHRM that worked on the bill for the last year.


SHRM president and CEO Susan Meisinger said leadership on verification from Washington is crucial. Employers are upset with the pastiche of work-site enforcement laws enacted by states after the Senate bill failed.


“It’s time for Congress to pre-empt this trend because it’s very harmful,” Meisinger said.


Given deep divisions on the issue, Congress may not be able to do much on immigration before it adjourns later this year. Meisinger is trying to position the HR community to influence whatever policy emerges.


“We’re going through a process of figuring out what is possible,” she said.


—Mark Schoeff Jr.


Posted on

SilkRoad Paving the Way to an IPO

Flush with a fresh $10 million capital infusion, SilkRoad Technology is laying the groundwork for an initial public offering while improving its product line and expanding its markets.


“We have big plans for the company in the not-so-distant future,” said Andrew Filipowski, SilkRoad’s chairman and CEO.SilkRoad, a provider of Web-based talent management software, has raised about $33 million in total seed money.


Filipowski said he expects to grow the company’s sales team from 60 to 75 within the next two months. The new hires will primarily focus on strengthening SilkRoad’s presence in the West—California, Washington state, Denver and New Mexico are on the radar screen.


The company is also eyeing international markets, such as Brazil, Argentina and Singapore. SilkRoad is already active in several European markets, including England and Germany, but wants to expand its international footprint because it believes the demand for talent management tools is on the rise overseas.


Product development is also an important goal for SilkRoad, which is best known for its onboarding platform, RedCarpet.


Filipowski said there are plans to enhance existing software lines as well as to introduce new products. He declined to provide specifics, but said the company is taking a look at software that addresses important HR issues, such as affirmative action and litigation support.


SilkRoad’s new product development projects—and international expansion efforts—are part of a broader strategic plan to go public in about a year, Filipowski said.


The company’s bid could have a big payoff, according to Jason Corsello, vice president at HR technology consulting firm Knowledge Infusion.


SilkRoad is in the popular talent management “software as a service” arena, Corsello said. This means that clients can access software by using an Internet account, rather than by buying a disk to download the program, he says.


“Wall Street is really keen on these types of vendors,” Corsello notes. Other companies that use this model include well-known HR brands Taleo, Kenexa and SuccessFactors.


Consolidation is also on Filipowski’s mind—though he is uncertain of where the company may end up.


“I cannot tell you whether SilkRoad will be the one doing the acquiring or the one who gets acquired,” he said. “What I can say is that the industry will not be this fragmented for too much longer.”


When the dust settles, only a handful of large providers will remain, noted Lisa Rowan, an analyst with research firm IDC. She said there is no way to predict which companies will be the ones left standing.


Case in point: Workstream, a public company with a significant market presence. These characteristics should have made it an unlikely takeover candidate. Workstream recently raised many eyebrows when it announced a merger with the operating holding company of Empagio, which owns payroll application Tesseract.


“There is no telling what will happen,” Rowan said. “It is going to be interesting to watch.”


—Gina Ruiz


Posted on

A PEO Deal Goes Upside Down

It’s the stuff of nightmares.

A week before Christmas 2007, a North Carolina professional employer organization abruptly shut down, leaving 3,000 workers it managed for close to 100 clients wondering if they’d get paid or still had health insurance. Days later, the company, the Castleton Group of Raleigh, North Carolina, filed for bankruptcy protection. Now the state’s Bureau of Investigation is looking into the company’s finances, and the North Carolina Insurance Department alleges, among other things, that the company owes $8 million in back federal payroll taxes.

As the Castleton case makes painfully clear, companies large and small must thoroughly vet the outsourcers they hire or leave themselves open to unexpected disruptions, sometimes with dire consequences.

“Oftentimes when these things happen it’s sad and there are hurt folks,” says Gray McCaskill, president of an insurance company that took over the workers’ compensation contracts of some Castleton clients after the company shut down. “You have to look before you leap.”

Professional employer organizations such as Castleton are often likened to HR outsourcers for smaller companies of up to several hundred employees. But there’s one big difference. Unlike HR outsourcers, PEOs act as co-employers, handling HR functions like payroll, health benefits and workers’ compensation while the client company manages workers’ day-to-day activities.

In the past 20 years, PEOs have mushroomed into a $61 billion industry with more than 400 companies covering 2 million employees, according to Milan Yager, executive vice president of the National Association of Professional Employer Organizations, an Alexandria, Virginia, trade group.

From the outside, Castleton was a pillar of the community. During 2007, the 10-year-old business made it onto Inc. magazine’s list of the 5,000 fastest-growing private companies, was named the year’s top woman-owned business by a local business weekly, and moved into a new 32,000-square-foot office complex near downtown Raleigh.

Castleton owner Suzanne Clifton, 64, held a seat on the state PEO association’s advisory council. According to local news reports, Clifton and her husband owned three homes with a combined tax value of $4.2 million, including one in the Virgin Islands.

But trouble was brewing behind that successful façade. Since 2005, the North Carolina Insurance Department had denied Castleton’s license requests because of concerns about the company’s solvency. In court filings, William Brewer, the Raleigh lawyer representing Castleton in the bankruptcy proceedings, called the company’s financial dealings “voluminous but inscrutable.”

After Castleton shut its doors on December 18, clients scrambled to replace employees’ benefits. Castleton attempted to transfer employees to another PEO without disrupting benefits, but it didn’t work out “for reasons outside of Castleton’s control,” according to Terry Carlton, a former Castleton attorney.

McCaskill, president of insurer Senn Dunn in Greensboro, North Carolina, says he was contacted by several Castleton clients and ultimately took over workers’ comp for a number of businesses.

To avoid catastrophe, anyone who wants to outsource or enter into a PEO arrangement should perform due diligence on prospective vendors, NAPEO’s Yager says. Companies can start by determining whether their state is one of 29 that, like North Carolina, have PEO licensing or registration laws. NAPEO is lobbying other states to follow suit and recommends that regulations include financial audit requirements so that even if PEOs are privately held, customers can find out if they’re fiscally stable. “The truth is many still aren’t [audited], and consumers aren’t asking for it,” Yager says.

As a further sign of their trustworthiness, some PEOs choose to become bonded by passing a financial accreditation process administered by a nonprofit industry group called the Employer Services Assurance Corp. that NAPEO started in 1995. About 25 PEOs representing 30 percent of the industry’s total revenue are bonded, Yager says. While Castleton was an NAPEO member, the company wasn’t bonded.

Yager also suggests that prospective clients check in with a PEO’s existing customers to find out what the company is like to work with, whether they meet contractual obligations, if their benefits package is acceptable, and whether there have been any problems.

To Yager, Castleton’s failure proves that state PEO regulations work. “It’s only because there was a statute with an audit provision that this whole situation came out,” he says. “The state had the company under observation, the public was aware of it, but the clients trusted them so much they didn’t leave.”

Posted on

Lawson Nabbing New HR Software Exec, Vendor

Continuing its push into HR applications, Lawson Software has snagged an executive in the field and is acquiring a vendor of staffing and scheduling software.


Lawson said Monday, February 25, that it has appointed Jennifer Langer as global director of HCM product management. Lawson said that Langer “has more than 20 years of experience in the health care enterprise software industry, having served in managerial and leadership positions for Oracle, PeopleSoft, Workbrain and Neoforma.”


Additionally, Lawson said Friday, February 22, that it has agreed to acquire VasTech, a workforce management software and services specialist. Lawson said that with the acquisition, it will offer customers in the health care, hospitality and gaming industries “an advanced workforce management staffing and scheduling” product to complement its HR software offerings.


In recent years, Lawson has prioritized HR software as part of a plan under chief executive Harry Debes to make the St. Paul, Minnesota-based firm a legitimate competitor to business software titans Oracle and SAP. Last year, Lawson introduced a new set of HR applications, including tools for workforce acquisition and development.


Workforce management software, which refers to applications for handling tasks such as time-and-attendance management and employee scheduling, is a growing area. Other vendors in the field include Infor and Kronos.


Lawson said the new workforce management product will help health care organizations manage a variety of compliance and reporting challenges associated with safety initiatives, labor productivity and staffing levels.


“By combining the strong staffing and scheduling offerings from VasTech with Lawson’s industry-leading products and team, we are again addressing key business challenges that confront our customers every day,” Steffan Haithcox, health care strategy director for Lawson, said in a statement.


VasTech is headquartered in Annapolis, Maryland, and employs 45 people. Financial details of the transaction were not disclosed. The deal is expected to close in March.

Ed Frauenheim

Posted on

UAW Retirees Settle Dispute With GM Over Trust Fund

The United Auto Workers, along with UAW retirees, filed a proposed settlement of health care claims against General Motors Corp. with the U.S. District Court in Detroit on Friday, February 22.


If approved by the court, the settlement would establish an independent voluntary employees’ beneficiary association trust, which will pay health benefits for current and future UAW GM retirees.


“This proposed settlement will put into effect what we negotiated in 2007,” UAW president Ron Gettelfinger said in a statement. “Through hard work and hard bargaining, we have negotiated an innovative way to secure health care benefits for UAW GM retirees.”


General Motors also filed a document in the case Friday that acknowledges its support of the settlement.


The UAW signed new labor agreements with Detroit’s Big Three automakers last fall, but details about how the VEBA would be structured have been limited.


In recent interviews, Gettelfinger said it was important that the settlement of the case included an ethical practices code and that it would spell out other details about how the trust would be managed.


The agreement includes a two-page code of ethics that says the trust and all employees who work for the trust must manage the VEBA’s money and its affairs in the best interest of UAW retirees.


In the statement, Gettelfinger said the VEBA trust “will be managed by independent trustees with expertise in health care, investments, finance and other key areas. We are confident it will have sufficient assets and sufficient cash flow to pay benefits to our retirees for the next 80 years.”


The settlement also includes a seven-page explanation of the duties and powers of those trustees.


Filed by Brent Snavely of Crain’s Detroit Business, a sister publication of Workforce Management. To comment, e-mail editors@workforce.com.

Posted on

Meet the Bosses Who Could Win the Awful

Dressed in their Sunday best, everyone leaned forward to hear the words: “The envelope, please.”

Anticipation grew. Who would win and who would lose? The room was hushed. The envelope loomed large in the announcer’s hand. “And the winner is …”


This could be a scene from the Academy Awards. Or it could be a scene from any courtroom in the country, any day of the week. Actors who receive an Oscar are honored for their behavior on-screen. Employer-defendants who receive a jury verdict in favor of a plaintiff are also recognized—for their bad behavior in the workplace.


Here, in no particular order, are this year’s nominees for the Awfuls—my Bad Boss Behavior of the Year Award.


First: American Apparel CEO Dov Charney, noted for his role in the lawsuit Mary Nelson v. American Apparel, Inc., et al. Mr. Charney often referred to women as “sluts.” He testified, however, that “some of us love sluts. … It could be also an endearing term.” Mr. Charney is also nominated for posting a video on his company Web site showing him running around in his underwear in the workplace. The video was later removed from the site, but someone (here’s a surprise) saved a copy. Charney’s defense to the claims of sexual harassment? None of his conduct or speech was directed at the plaintiff because of her gender; he wore his underwear in the presence of employees to test “product fit,” and plaintiff was not treated any differently from male employees.


Next up is the judiciary’s contribution in 2007: Judge W. Kennedy Boone of Washington County, Maryland, Circuit Court, who christened three African-American female public defenders appearing in his courtroom “The Supremes.” Judge Boone suggested the three women wear matching gold sequined miniskirts and “shake their groove thing.” Judge Boone encouraged the criminal defendant accused of assault and cocaine possession to get “an experienced male attorney.” Judge Boone has received one award already: He was reprimanded by the Maryland Commission on Judicial Disabilities.


Our next nominee is a group performance: Alarm One, a California alarm-sales company, and two supervisors. Most of the employees in the company’s Fresno office were 18 to 25 years old. Plaintiff Janet Orlando was 52. The supervisors held a meeting every morning before the field supervisors and the sales team left for a day of selling alarm systems door-to-door. The meetings had a pep rally atmosphere with yelling, chanting and cheering. Motivational techniques used at the morning meetings included passing out bonuses, singing in front of the group, pies in the face, eating baby food, wearing diapers and spanking with Alarm One and its competitor’s yard signs. Employees were spanked for arriving late or for losing a sales competition.


On January 14, 2004, Janet Orlando was spanked and sustained a cut and a bruise. She filled out an injury report and was taken to the doctor. Alarm One’s defense? Orlando was not injured; she never reported the injury; and she never sought medical care. The verdict was in Orlando’s favor, and the jury awarded her $500,000 in compensatory damages against the company and the two supervisors, plus $1 million in punitive damages. (An appeals court sent the case back to the trial court because of a judge’s erroneous jury instruction, but defense costs continue.)


Former Kansas Attorney General Paul Morrison also gets a nod. In a year in which Kansas experienced floods, tornadoes and damaging winter storms, Morrison, a member of the American College of Trial Lawyers and once described as a “poster boy for a Kansas Democratic Party on a roll,” stands out for his role in the two-year-plus sexual relationship he had with Linda Carter, an administrator in the Johnson County District Attorney’s Office.


Morrison and the administrator had sex in the Johnson County Courthouse many times, including the day before he was sworn in as attorney general, as well as on business trips together across the country. At one point, Morrison bought Carter a ring, appraised at $16,000, and promised he would get a divorce and marry her. (After the pair’s relationship deteriorated, Carter’s husband found the ring and sold it for $4,750. And then deposited the money in his bank account.)


To prove his love, Morrison went to a shop in Kansas City and got a tattoo in the shape of a heart with the initials “LC.” Eventually, Carter filed a federal sexual harassment complaint against Morrison. Morrison resigned five days after a local newspaper broke the story, and he told the media he was trying to “get right with God.” He urged a state ethics board to investigate his conduct. They did. One award has already been given: to the Topeka Capital-Journal for its investigation and reporting of the story.


Our last nominee is Houston District Attorney Chuck Rosenthal, whose office has sent more people to death row than any other local agency in the country. There were allegations of racism in the District Attorney’s Office, and some defense attorneys and former prosecutors claimed black potential jurors were struck because they were seen as soft on crime. Black leaders believed that blacks were punished more harshly than whites.


Rosenthal was faced with a citation for contempt of court for deleting more than 2,500 e-mails that had been subpoenaed in connection with a federal civil rights lawsuit. But 800 e-mails and attachments preserved on Rosenthal’s office computer contained nudity, hard-core pornography and racist jokes and comments. Rosenthal refused to resign, saying “stupidity” was not grounds for quitting. But just this week, Rosenthal resigned as district attorney and said that prescription drugs may have impaired his judgment.


Award-ceremony custom calls for the speaking of the magic words, “And the winner is …” But in these situations, there aren’t any winners.


When bad boss behavior occurs, it generally happens in an atmosphere in which the law is ignored, company policy is ignored, and the line separating good business practices from boorish conduct—and often unlawful conduct—is crossed. A dose of stupidity, mixed with a larger dose of arrogance, is the guaranteed formula for bad boss behavior. Litigation usually results.


And in a lawsuit, just like the Academy Awards, losers far outnumber winners. While sometimes it is necessary for a company to defend itself against plaintiffs’ attorneys and former and current employees hellbent on litigation, the fight is not without cost, even if an employer wins. There is anxiety, uncertainty, corporate downtime, a loss of employee morale and the risk of a judge or jury acting as “supervisor for a day,” and directing how a business should be run.


Following the law and following company policy will keep you out of a situation in which a “winner” needs to be announced. No envelope, please.

Posted on

Supreme Court Parses Congressional Intent on Retaliation Law

A case involving a former Cracker Barrel employee sparked a lively debate among Supreme Court justices on Wednesday, February 20, about whether Congress intended to amend a civil rights law to encompass retaliation.


Hedrick Humphries, an African-American who worked for the restaurant as an associate manager from 1999 to 2001, alleges that he was fired after he complained about the racially discriminatory behavior of his supervisor.


He filed his suit under two civil rights statutes—one from the 1960s that has an explicit retaliation provision and one from the 1860s that lacks language about retaliation. A district court dismissed Humphries’ claims on summary judgment.


But the 7th Circuit Court of Appeals ruled that 19th century law, known as Section 1981, does address retaliation. That statute, which protects minorities in the making and enforcing of contracts, provides a four-year statute of limitations as well as unlimited damages.


A provision of the Civil Rights Act of 1964, Title VII, is more restrictive. It caps damages, requires plaintiffs to file their cases within months of a discriminatory act and establishes an administrative procedure to try to resolve the dispute.


Chief Justice John Roberts Jr. questioned whether a ruling in favor of Humphries would allow plaintiffs to “obliterate that cap [in] any case brought under 1981.”


Supreme Court thinking on the issue has changed over the years. In the late 1960s, the court ruled that Section 1981 does cover retaliation. But in 1989, it narrowed the scope of the law. In reaction to the latter decision, Congress amended the law in 1991.


Since then, courts have interpreted the congressional action as broadening Section 1981 to include retaliation.


“They haven’t been following the text of the law,” Michael Hawkins, who represents Cracker Barrel, told the court.


Several justices seemed to agree. Justice Anthony Kennedy told Humphries’ lawyer, Cynthia Hyndman, that language about retaliation was absent even from the revised version that Congress passed in 1991.


“You’re admitting none of the words in the statute as amended help you,” Kennedy said. “You want me to add a new term.”


Justice Antonin Scalia characterized Hyndman’s argument for a broad interpretation of the law as a good pitch for congressional changes rather than a Supreme Court decision. “That statute says what it says,” Scalia said. “We don’t write statutes, we read them.”


Demonstrating the complexities of the case, however, both Kennedy and Scalia pushed Hawkins on his restrictive view of the law.


When Hawkins argued that the 1989 case would not have allowed a retaliation claim even after the 1991 amendment, Kennedy and Scalia were askance.


Hawkins tried to clarify his answer, but the justices weren’t convinced.


Kennedy also questioned Hawkins’ assertion that Title VII was meant to be the avenue for retaliation cases rather than Section 1981. He said that Congress didn’t seem to want a clear delineation.


“If Congress is not concerned about [overlap], why should we be?” Kennedy asked.


Justice Ruth Bader Ginsburg asserted that it was necessary for Section 1981 to cover retaliation in order to deter bias.


“What kind of right to be free from discrimination would there be if once one complains, one can be fired, demoted?” she asked. “That would not be a very effective right, would it be?”


In supporting Humphries, the government made a similar argument.


“It seems to me that the guarantee of equal treatment quite naturally is violated not just by the basic discrimination but is also violated by retaliating against someone for exercising their rights,” said Solicitor General Paul Clement.


Between now and the end of its term in July, the court will have to decide whether Congress meant to say the same thing.


—Mark Schoeff Jr.

Posted on

Disclosure of Incentive Pay Targets Improved in 2007

Corporations are making progress in disclosing more details about how executives’ bonuses are determined—but many are still far from giving regulators and shareholders the full monty.


While almost all companies now disclose the metrics used to determine executives’ annual incentive pay, only about a third of corporations in the S&P 500 actually disclose the specific targets they use to make these calculations, according to a new study conducted by the Corporate Library.


The difference between disclosing metrics and targets isn’t just semantics, according to Paul Hodgson, senior research associate at the Corporate Library. “Without knowing the actual targets, you don’t know how difficult—or how easy—it was for an executive to earn their bonus.”


So while a company may note that it considers earnings per share, for example, when determining executive pay, it likely would decline to disclose that it set a goal of $0.32 earnings per share, Hodgson pointed out.


A number of companies have not included such specific performance targets, claiming that by doing so, they could be putting themselves at a competitive disadvantage. Many companies making such claims were criticized in October by the Securities and Exchange Commission for failing to make adequate disclosures, with regulators stating at the time that these companies should look to provide more clearly defined targets in their 2008 proxies.


Despite the lack of total disclosure, Hodgson noted that in 2007, 32.7 percent of companies in the S&P 500—or 160 companies—disclosed specific performance targets, compared with only 10 companies that did so in 2004.


“It’s a significant step forward,” he said, adding that he expects more than half of all companies to reveal specific targets in this year’s proxy filings.


The Corporate Library’s findings come several weeks after a similar study by Watson Wyatt noted that just 42 percent of companies plan to disclose the exact performance measures considered in executive pay packages. About 30 percent of companies said they do not plan to make such disclosures, and the remaining 27 percent said they were not sure whether they would include such details.


Filed by Mark Bruno of Financial Week, a sister publication of Workforce Management. To comment, e-mail editors@workforce.com.

Posted on

HR Data Breaches Can Leave Holes in Corporate Pockets

Employee data breaches are becoming like leaky roofs for companies—frustrating but familiar. And as such, experts say, organizations are getting smarter about preventing the kind of personal information exposures that can anger workers and damage a firm’s reputation.

Some employers have faced lawsuits related to breaches. And challenges persist when it comes to protecting employees’ privacy, including the difficulty of safeguarding sensitive information when so many workers take computers home or on the road. But through steps such as training and data encryption, organizations are finding ways to keep a tight grasp on employee information.


“It is now a routine concern,” says Doug Rosinski, an attorney with law firm Ogletree, Deakins, Nash, Smoak & Stewart.


Serious issue
During the past few years, the issue of employee data breaches has come to the fore for businesses and workers. That’s partly because of the related rash of consumer data exposures, in which banks and other organizations have lost control of key information. It also stems from the way millions of Americans have had to wrestle with the headache of identity theft.


What’s more, a number of high-profile cases involving lost or stolen employee data have focused attention on the issue.


Among the most public of the snafus was a May 2006 incident involving the U.S. Department of Veterans Affairs. In that case, computer equipment with data including names, Social Security numbers and dates of birth for as many as 26.5 million veterans and other individuals was stolen from the home of a VA employee.


Also key to the growing awareness is a set of state laws on data breach notification. California led the way with a statute passed several years ago.


Under California law, a business that maintains unencrypted computerized data that includes certain personal information must notify any California resident “whose unencrypted personal information was, or is reasonably believed to have been, acquired by an unauthorized person.” Other states have similar legislation, says Alan Raul, an attorney specializing in privacy and information security issues with the law firm Sidley Austin.


It is not so much that organizations have gotten sloppier with their data in recent years as the law has put a spotlight on the matter, he says.


“The spate of apparent data breaches was not triggered by changes in practice,” Raul says.


Since early 2006, there typically have been four to six media accounts of human resources data breaches per month, according to research by Don Harris, founder of consulting firm HR Privacy Solutions.


That number spiked in October 2007 to eight, but hit lows of just two for both September and November. Harris says the lulls could signal companies’ determination to keep themselves out of the papers on the data breach front.


“Maybe more and more employers are waking up and saying, ‘I just don’t want to be there. I want to do something about it,’ ” Harris says.


Legal liability
Still, a number of organizations have found themselves on the receiving end of lawsuits related to employee data exposures.


Among them is Union Pacific, the transportation giant that operates Union Pacific Railroad. Union Pacific, which employs about 50,000 workers, has acknowledged a series of eight data breach incidents between April 2006 and January 2007, most of which involved stolen laptop computers.


Those breaches gave rise to three lawsuits. The lost or stolen equipment in the incidents was judged to contain personal information for 35,738 current and former Union Pacific employees from across the U.S., according to a court document.


Union Pacific employees weren’t just worried about the dangers of missing computer equipment with personal information; they also fretted about the way the company used their Social Security numbers for a wide variety of purposes, says Robert O’Connor Jr., an Omaha, Nebraska-based attorney who represented employees in the litigation. Employees were even asked to disclose their Social Security number in filling out a reimbursement form when purchasing work shoes, O’Connor says.


“You’d go to Red Wing shoes and you’d have to put your Social Security number on it, instead of your employee identification number,” he says.


In December, a court approved a settlement that creates a $550,000 fund for paying half of a current or former employee’s identity theft losses, up to a maximum of $25,000 per person. The company also agreed to phase in a set of measures related to the protection of current and former employees’ confidential data. Union Pacific said that as a general matter it “will cease using Social Security Numbers as a routine means of identifying its employees.” It also pledged to encrypt all data files stored on company laptop computers.


Union Pacific spokesman James Barnes declined to comment on the allegation about shoe reimbursement. He said the company is focused on a future of better safeguarding employee data in order to give workers “peace of mind” on the issue.


“We’re going to extraordinary lengths to protect the identities of our employees, and that includes their Social Security numbers,” he says.


The VA also has been hit with a data breach lawsuit, one focused on the May 2006 incident. Attorney Rosinski, who is representing plaintiffs in the suit, says the two sides are in mediation talks.


Authorities eventually recovered the stolen computer equipment, and the VA says an FBI investigation concluded that no veterans’ personal information had been accessed or compromised. Rosinski, however, isn’t convinced.


“You can never prove it wasn’t taken,” he says.


The VA has weathered other troubles related to data protection. For example, three computers containing information on 12,000 veterans were stolen from a VA medical center in Indianapolis last year.


The agency says it has worked to improve its data security practices. It updated required annual privacy and cyber security training and has hosted satellite broadcasts on information security. It also has encrypted most VA laptops.


New ways of working
An emerging difficulty in employment-related data protection is the way organizations’ traditional boundaries are expanding to include mobile work and outsourcing.


Using electronic job boards to recruit candidates, for example, is a form of outsourcing—one that has proved to be somewhat hazardous. Last year, job board Monster said employer client log-in credentials had been compromised and used to illegally download contact information for 1.3 million job seekers.


Employee “homework” represents another challenge for companies, attorney Raul says.


The number of Americans whose employer allows them to work remotely at least one day per month jumped from 7.6 million in 2004 to 12.4 million in 2006, according to a report announced last year by professional association WorldatWork.


Raul says that employees who lug their laptops home may end up sharing them with family members, who in turn may download software. In other words, he argues, the potential is there for remote workers to expose sensitive employee data to hackers.


“Are all of the defensive measures that are available at the office available at the home?” he asks.


In addition, cyber criminals are growing more sophisticated, Raul says. The number of employee data exposure incidents may drop, he says, “but those breaches that do occur could possibly be more serious.”


Raul says companies ought to set policies for acceptable remote computer usage, as well as ask tough questions about whether sensitive data truly needs to be taken home. He also recommends creating formal agreements with vendors about how they treat an organization’s data.


Another key, he says, is encryption—which means altering data so that it cannot be understood by unauthorized people. In recent years it has become easier to encrypt the contents of a computer without seriously lowering the performance of the machine, he says.


“Many more companies are encrypting information that is contained on laptops,” he says.


Attorney O’Connor also sees encryption as crucial as organizations seek to safeguard employees’ confidential data.


“They need to encrypt, and they need to stop using Social Security numbers,” he says.


Rosinski says the private sector is headed in the right direction.


“The market is driving the employers to do the right things,” he says.


Consultant Harris also sees progress on employee privacy. He says hundreds of companies now have “chief privacy officers.” What’s more, he notices greater awareness of international data privacy rules.


“To me, it’s a sign that the whole privacy scene is starting to mature,” he says.

Posted on

Kill the HR Speak

I can’t stand “HR speak,” that convoluted language that HR consultants, vendors and professors love to create and use. Whether you call it HR speak, or HR blah blah or HR babble, once you bring up the term among executives, almost everyone immediately knows what you’re talking about.

The HR profession has managed to create a bewildering array of meaningless terms. When you’re in the realm of HR strategy, it is nearly impossible to read an article or view a PowerPoint that isn’t littered with terms like “business partner,” “seat at the table,” “organizational alignment” or “balanced scorecard.”

The organizational development function really seems to excel at making up words that follow the fad of the month. In fact, the term organizational development itself probably qualifies as one of the most impossible-to-define terms. In recent years, OD wordsmiths have enshrined themselves in the HR Speak Hall of Fame with terms like “engagement,” “corporate culture” and “360-degree performance review.” They are not alone, however. Training and development also excels at confusing managers and employees with terms like “learning organization,” “performance coaching,” “distance learning” and my all-time favorite, “competency management.”

Every function within the HR profession deserves some level of credit for creating confusion. These terms often emerge when corporate leaders are fed up and want something different, a situation that can lead HR leaders to rebrand the same old approaches and tools under a different name: “talent management” becomes “human capital management,” for example.

I’m not the first to accuse HR of using confusing jargon. Keith Hammond’s famous Fast Company magazine article “Why We Hate HR” superbly described how the national SHRM conference was the epicenter of confusing HR speak. Scott Adams, originator of the Dilbert series, has made a fortune making fun of our fads and terminology. A Google search also brings up thousands of comments from individuals complaining about HR speak and wanting to know what HR really means when it uses such phrases.

Why is the proliferation of HR speak a problem? To begin with, it builds a language wall between us and the rest of the business. If you’ve ever sat with a CEO during executive committee meetings, you’ll note that most executives have a relatively limited vocabulary. It often includes “hard” and easily measurable words like “profit,” “stock price,” “ROI” and “market share.”

Executives also use a quantifiable language, one which is primarily made up of numbers and dollars. HR practitioners, in contrast, use in their presentations and conversations “soft” terminology like “emotional intelligence,” “work/life balance” and “empowerment.” These are almost totally devoid of numbers and dollars.

And because it so often amounts to Orwellian doublespeak, HR speak causes a great deal of anxiety and confusion among both managers and employees. Ask anyone who has ever been told by HR that the company was about to be “right-sized.”

The proliferation of such jargon not only affects those whom HR serves, but also causes HR professionals to waste an inordinate amount of time just trying to reach agreement on what these terms actually mean. Can anyone agree on what distinguishes a “human capital management” approach from that of a traditional HR approach? Further, what differentiates the activities of “talent management” functions from traditional recruiting, staffing and talent development functions?

The solution to this linguistic problem is pretty simple. First of all, we in HR need to make a conscious effort to use business terms exclusively. If we can’t find a word in an annual report or a financial statement, we shouldn’t use it, period. Next, we need to make every attempt to use not the most complex word, but instead, the most understandable word when dealing with managers and employees. So instead of saying “competencies,” we should simply say “skills.”

We should aggressively challenge HR professionals who use HR speak, or demand that they clearly and measurably define each term.

Finally, because the root of all these words is some kind of HR fad, HR professionals need to realize that their job is to increase the productivity, capability and innovation of the workforce. They should focus on the basics that contribute to these goals. When a vendor, consultant, speaker or professor from Michigan, Cornell, USC, Princeton or Minnesota tries to tell you that they have a “new” approach with a fancy new name, you should immediately stand up and walk out. Let them bounce their empty terms off an equally empty room.

Workforce Management, February 18, 2008, p. 23Subscribe Now!