IV. Workplace Privacy

Employee Background Screening:

a. Certain professions are subject to background screening by law. Anyone who works with the elderly, children or the disabled must now undergo background screening. EEOC cautions businesses to carefully review background screening processes, such as denying employment based on criminal convictions, to ensure that requirements are job related and necessary. Searches of publicly available information generally considered reasonable practice in US. Significant privacy issues can accompany such practices. i. Requirements Under FCRA: regulates how employers perform any type of background check / consumer report on a job applicant obtained from a CRA, including credit checks, criminal records, and driving records. Under FCRA, "consumer report" includes all written, oral or other communications bearing on a consumer's creditworthiness, credit standing, credit capacity, character, general reputation, personal characteristics or mode of living. FTC has aggressively enforced FCRA violations against nontraditional CRAs who collect data online without using reasonable procedures to ensure maximum possible accuracy of information being sold and report it to employers result in large civil penalties. 1. FCRA permits employers to obtain · consumer report for o pre-employment screening for the purpose of evaluating the candidate for employment o determining if an existing employee qualifies for promotion, reassignment or retention · investigative consumer report on an applicant for permissible purposes (i.e., using the information for employment purposes)of 2. Employer must meet following standards to obtain any type of consumer report: · Provide written notice to applicant that obtaining consumer report for employment purposes and indicate if investigative consumer report will be obtained · Obtain written consent from applicant (original consent can be used to get updates as needed) · Obtain data only from a qualified CRA, an entity that has taken steps to assure the accuracy and currency of the data · Certify to CRA that the employer has a permissible purpose and has obtained consent from the employee · Before taking adverse action, such as denial of employment, provide pre-adverse-action notice to applicant with a copy of consumer report, to give applicant opportunity to dispute report · After taking adverse action, provide adverse action notice · Non-compliance with the above can result in civil and criminal penalties, including private right of action 3. There are no obligations under FCRA when an employer does not use a CRA and conducts its own background check. 4. FACTA amendments to FCRA preempted many state laws on credit reporting, identity theft and other areas of FCRA, but FCRA does not preempt states from creating stricter legislation regarding employment background checks. Notable among them, the California Investigative Consumer Reporting Agencies Act (ICRAA) · Under ICRAA, unlike FCRA, the law requires new written consent each time a consumer report is sought during employment if the report is for purposes other than suspicion of wrongdoing or misconduct - employers must notify applicants and employees of intent to obtain consumer report, must obtain employee's written consent to obtain the report and enable employee to request a copy of the report every time a background check is conducted. Any adverse action must result in copy of report to employee, regardless if waived right to receive copy of the report. Notice and consent rules don't apply if employee suspected or wrongdoing or misconduct. o When California employers conduct their own background checks without contracting 3rd party, some provisions of ICRAA apply but not all. o Employer must give employee or applicant a copy of any public records resulting from in-house background check unless employee waives the right o If adverse action results, must give employee or applicant copy of public records regardless of waiver o In-house reference checks - no requirement to give info to employee or applicant · 10 other states limit use of credit information in employment - Colorado, Connecticut, Delaware, Hawaii, Illinois, Maryland, Nevada, Oregon, Vermont and Washington - in these states, credit history can only be used if related to the position applied for. ii. Methods 1. Personality and Psychological Evaluations: EPPA and ADA together place significant federal limitations on psychological testing (e.g., lying and impairment of mental health) in the workplace, but employers still use psychological tests for personality traits (e.g., honesty, preferences and habits) 2. Polygraph Testing: Employee Polygraph Protection Act of 1988 (EPPA) prohibits most private employers from using lie detector tests, or the results of such tests or any refusal to take such tests, for pre-employment screening or during the course of employment. Employer must post essential provisions of EPPA in a conspicuous location so employees aware. · Lie Detector - polygraphs, voice stress analyzers, psychological stress evaluators, or any similar device used to render diagnostic opinion regarding individual's honesty · Exceptions: o Subject to restrictions, polygraph tests (a type of lie detector) can be administered to certain job applicants § Govt employees § Security service firms (armored car, alarm, and guard) § Pharmaceutical (controlled substances) manufacturers, distributors and dispensers § Defense contractors § National security functions o In connection with ongoing investigation involving economic loss or injury to the employer's business (theft, embezzlement, industrial espionage) if have reasonable suspicion - no discharge because of results or refusal unless additional supporting evidence. · Enforcement: fines from DoL as well as private right of action · No preemption of stricter state law 3. Drug and Alcohol Testing: No federal privacy statute that directly governs employer testing of employees for substances such as illegal drugs, alcohol or tobacco · For public-sector employees - 4th Amdt case law on when substance use testing is reasonable · Illegal Drug Use: current use not protected by ADA and excluded from definition of "individual with a disability," and drug test not considered medical exam o History of Illegal Drug Use: Casual drug use is not a disability under the ADA. Drug addiction considered disability under ADA if poses substantial limitation on one or more major life activities and person not currently using illegal drugs. o Denying job because of history of casual drug use would not violation of ADA o Policies that screen out applicants because of history of addiction or treatment for addiction must be job-related and consistent with business necessity o Current illegal drug use, even if addicted, can be denied employment because of current use o Asking job applicant if ever used illegal drugs or been arrested for using illegal drugs is not violation of ADA o Asking about prescription drug use permitted in response to positive drug test, even if answers may disclose information about disability · Alcohol Use: current use not automatically denied protection under ADA. Alcoholism (alcohol use disorder) is protected as a disability if person qualified to perform essential job functions - BUT- employer can o discipline, discharge or deny employment if alcohol use adversely affects job performance or conduct o prohibit alcohol use in workplace o require that employees are not under the influence of alcohol while at work · Federal Law mandates drug testing for certain positions in the federal sector (e.g., US Customs & Border Protection) and creates regulations for drug testing for employees in certain sectors - aviation, railroading and trucking industries, which preempt state laws that would otherwise limit drug testing. Because marijuana is federally prohibited, employees in these industries must adhere to federal requirements. · Permissible Reasons for Drug Testing: o Pre-employment - if not designed to identify legal use of drugs or addiction to illegal drugs o Reasonable suspicion - as a condition of continued employment if "reasonable suspicion" of drug or alcohol use based on specific facts and rational inferences from those facts (e.g., appearance, behavior, speech, odors) o Routine testing - if employees notified at time of hire, unless state or local law prohibits it o Post-accident testing - as a condition of continued employment if "reasonable suspicion" that employee involved in accident was under influence of drugs or alcohol o Random testing - sometimes required by law, prohibited in certain jurisdictions, but acceptable where used on existing employees in specific, narrowly defined jobs, such as those in highly regulated industries where the employee has a severely diminished expectation of privacy or where testing is critical to public safety or national security 4. Social Media: Employers are legally permitted to use social media in informing their decisions but can't violate anti-discrimination and privacy laws. Employers face risks when engaging in social engineering - use of manipulation to gain access to otherwise private information, including connecting with potential hires or employees through false online profile or requesting access to private networks not available to general public. These practices can results in invasion of privacy actions for violating applicant's or employee's reasonable expectation of privacy. Employers can screen publicly available social media sites on their own because FCRA doesn't prohibit DIY background checks, but if use 3rd party, must be qualified CRA that has ensured maximum possible accuracy of the information. Employers should not require current employees to divulge access information to private networks as a condition of employment. Some states have made it illegal to ask an applicant or employee for their social media login information and passwords - Maryland was the first in 2012 and, as of 2019, 25 more states have done the same and Congress has proposed similar legislation.

Federal Trade Commission (FTC):

i. Enforces a variety of laws including FCRA, which limits employer's ability to receive an employee's or applicant's credit report, driving records, criminal records and other consumer reports from a CRA in reference checking and background checks of employees 1. When employer uses consumer reports to make employment decisions, including hiring, retention, promotion or reassignment, it must comply with FCRA

Investigation of employee misconduct

a. Employer's typically conduct workplace investigations of employee misconduct for (1) discrimination or harassment, (2) threat of violence, (3) theft, embezzlement or fraud, or (4) controlled substances. i. Best Practices: 1. Take allegations seriously 2. Treat employees fairly 3. Follow laws, corporate policies and collective bargaining agreements 4. Document alleged misconduct 5. Consider rights of other employees and 3rd parties ii. Data handling in misconduct investigations: Document alleged misconduct and investigation to minimize risks from subsequent claims by employee. All information related to the investigation should be kept strictly confidential. Investigations involve handling PI of employee under investigation, witnesses and other 3rd parties. Must comply with data privacy laws. iii. Use of third parties in investigations: FACTA amended the FCRA to address problems created by the FTC's "Vail Letter" (1999 FTC staff opinion letter concluding that FCRA regulates workplace misconduct investigations conducted by third parties, which would require employee consent for the related "investigative consumer report"). 1. FACTA nullifies Vail Letter by excluding from definition of consumer reports misconduct investigation reports and investigation reports into "compliance with Federal, State, or local laws and regulations, the rules of a self-regulatory organization, or any preexisting written policies of the employer." 2. Adverse Action: If employer takes adverse action on basis of report, FACTA requires employer to disclose summary of nature and substance of report to employee, which can be issued after investigation completed to maintain secrecy of investigation. Does not prescribe amount of information that must be disclosed but permits exclusion of "sources of the information acquired solely for use in preparing [the report]," e.g., the names of any witnesses. iv. Documenting performance problems: Progressive and documented discipline for initial or minor infractions can provide a reasoned basis for more serious discipline or termination if necessary. Work with compliance department to determine appropriate level of documentation. v. Balancing rights of multiple individuals in a single situation: Consider rights of people other than those being investigated, such as fellow employees/witnesses who could be subject to retaliation or other problems. Witnesses have an ongoing duty to keep all information relevant to the investigation and their own statements strictly confidential and not to discuss this internally or externally. Witnesses need to be assured that can give evidence w/o detrimental treatment or penalty for participating in investigation.

Employee Monitoring

a. In US, private-sector employees have limited expectations of privacy at workplace. Physical facilities belong to employer, and employer in private sector has broad legal authority to monitor and search workplace. Formal policies about workplace monitoring and accompanying documents may be required by state law for monitoring to be lawful. Providing employees with notices of these policies helps establish their knowledge and reasonable expectations about workplace activities. i. Technologies: Federal and state laws regulate and restrict workplace surveillance activities, including video surveillance, monitoring of telephone calls, and electronic surveillance, such as accessing emails and monitoring internet activities. 1. Computer Usage (including Social Media): Invasive monitoring practices may provide basis for discrimination lawsuits if employer accesses and appears to use legally protected information, including religion, ethnicity, gender or sexual orientation, political affiliations, and other sensitive information, all of which is commonly available on individuals' social media pages. Although reading publicly available information is lawful, discriminatory actions and invasions of privacy in the workplace - such as monitoring information about an employee on social medial sites - are not. 2. Biometrics: Biometric information privacy laws in place in different states throughout the country typically require specific disclosures be made to employees prior to collection, use, or storage of biometric data and carry heavy penalties for employers who fail to do so. · Illinois Biometric Information Privacy Act (BIPA) is the forerunner of modern US biometric information privacy laws. · CCPA: regulates collection, storage, and use of "biometric information," defined broadly · Texas and Washington: prohibit unauthorized collection and use of 'biometric identifiers' · 4th Cir "Mark of the Beast" Case (EEOC v. Consol Energy): held that when combine sincerely held religious belief with conflicting employment requirement (biometric time clock), employer is obligated to consider religious accommodation. 3. Location-Based Services (LBS): Mobile phones, GPS devices, and some tablet computers provide geolocation data, which enables tracking of the user's physical location and movements. Employers can monitor location of company vehicles equipped with GPS if monitoring is for business purposes during work hours and employee informed beforehand. Some state laws limit monitoring of geolocation data of employees themselves to an extent. CT requires written notice for any type of electronic employee monitoring and civil penalty for violations. CA has outlawed use of "electronic tracking devices to determine the location or movement of a person." Use of LBS to monitor employees runs risk of invasion of privacy claims where employee has reasonable expectation of privacy. 4. Wellness Programs: Employee must provide written consent and participate voluntarily. If wellness program offered as part of company's group health insurance plan, PII collected from or created about participants in program is PHI and protected by HIPAA privacy rule. HIPAA also protects PHI held by employer as plan sponsor on the plan's behalf when the plan sponsor administers aspects of the plan, including wellness program benefits offered through the plan. Wellness programs offered directly by employer and not as part of group plan are not covered by HIPAA. ADA (applies to wellness programs that ask for medical info or require medical exams of employees - wellness programs must be voluntary because they're not job related), GINA (applies to wellness programs that ask for medical info or require medical exams of employee spouses - exception where employee/family member consents in writing and voluntarily participates in health or genetic services (i.e., wellness programs) if related info kept confidential) and state laws apply regardless of HIPAA coverage. 5. Mobile Computing - Bring Your Own Device (BYOD): employees use their personal computing devices for work purposes, which presents security challenges stemming from lack of employer control over employee devices as well as workplace privacy issues. Employee expectations of privacy in BYOD context likely higher because personal device involved. Surveillance and monitoring activities used for work-issued devices may not be appropriate for personal devices. Employers should clearly address issues and convey to employees privacy limits and risks when using personal devices in workplace. If employer engaged in device monitoring or surveillance, it should disclose that information and obtain employee consent. When monitoring and searching the device, exposure of private employee data should be minimized. 6. Postal Mail: Federal law prohibits interference with US mail delivery. Mail is considered "delivered," however, when it reaches a business. Opening business letters and packages by a company does not violate statute, even if the rep is not intended recipient. But state common law might present risk (confidentiality of personal information). 7. Stored Communications · The Stored Communications Act (SCA) creates general prohibition against unauthorized acquisition, alteration or blocking of electronic communications while in electronic storage in facility through which electronic communications service provided. Employer Exceptions if conduct authorized: o "By the person or entity providing a wire or electronic communications service" (often the employer) o "By a user of that service with respect to a communication of or intended for that user" · Employers permitted to look at workers' electronic communications if employer's reason for doing so is reasonable and work related 8. Photography: Federal law doesn't limit use of photography in workplace areas, but state statutes and common law create limits in some settings - e.g., common areas, such as break rooms, restrooms, locker rooms, and places where employees change clothes. 9. E-Mail and Telephony: Wiretap Act and ECPA prohibit interception of wire communications (nonconsensual surveillance), such as phone calls or sound recordings from video cameras; oral communications, such as hidden bugs or microphones; and electronic communications, such as emails. Unless exception applies, interception of these communications is criminal offense and provides private right of action. Exceptions: · Person is party to the call or one of the parties consents to the interception · Interception done in the ordinary course of business (reasonably related to a business purpose) Employer who provides communication services, such as a company telephone or email service, can intercept if employee consents or interception occurs in normal course of user's business. 10. Video: Cameras and video recordings w/o sound recordings are outside scope of federal wiretap and stored-record statutes. Federal law doesn't limit use of video cameras in workplace areas, but state statutes and common law create limits in some settings - e.g., common areas, such as break rooms, restrooms, locker rooms, and places where employees change clothes. Closed-circuit TV (CCTV), security cameras and other video surveillance are permitted in workplace common areas that generally wouldn't be considered "private places" that might be considered offensive or an invasion of privacy. ii. Requirements under the Electronic Communications Privacy Act of 1986 (ECPA): Encompasses both the Stored Communications Act (SCA) and the Wiretap Act (the federal Wiretap Act is a one-party consent statute). No preemption of stricter state privacy laws. Some state laws protect email communications. 1. ECPA provides that employer may not record telephone conversations unless one of the following exceptions applies: · Consent: employer can monitor or intercept employee communications if employee consents to the surveillance - consent satisfied, or at least implied, where employee notified that calls are being recorded, or has expressly given consent pursuant to employment contract or company policy o Employers should notify and forewarn employees that calls may be recorded and that have limited expectation of privacy in workplace · Business Extension or Business Use: Wiretapping permitted to monitor, intercept, and record employee's conversations without employee's consent when employee uses employer's phone system and call is work-related, including to protect trade secrets or ensure compliance with non-compete agreements. Also, if employer has reasonable suspicion that employee engaged in misconduct or violating company policy, employer can justify recording work-related calls. o surveillance of employee personal phone calls beyond point of determining whether work-related (or not) is outside "the ordinary course of business" and prohibited by Wiretap Act o general policy of monitoring employee calls does not legitimize wholesale surveillance of employee calls or establish that all calls occur in ordinary course of business - each act of surveillance must be reasonably business-related 2. City of Ontario v Quon: SCOTUS held that government employer's search of police officer's personal and work-related text messages on employer-issued pager was reasonable and officer's 4th Amdt rights not violated. Even through private employers not subject to prohibition on warrantless searches like govt employers, all employers should ensure electronic communications policies meet current norms in specific workplaces and should educate employees about policies. 3. Best Practice - Employer Monitoring Policy: Employers seeking to intercept, record or monitor employee phone calls should establish and disseminate to employees clearly written company policies: · phone calls may be subject to monitoring and surveillance without further warning · expressly state that no obligation to monitor employee communications - to avoid claims of failure to protect from or investigate misconduct or other harm · require employees to sign written acknowledgment that received, read and understood policies, and agree to abide by them as a condition of employment · policies should be reaffirmed by employees periodically in ordinary course of business iii. Unionized worker issues concerning monitoring in the U.S. workplace: NLRB held that surveillance of any portion of workplace is condition of employment that must be the subject of collective bargaining and agreed to by union prior to implementation.

Workplace Privacy Concepts:

a. There is no overarching or organized law for employment privacy in the US. Federal laws apply in specific areas, such as to prohibit discrimination and regulate certain workplace practices, including employment screening and the use of polygraphs and credit reports. State contract and tort law in some instances provides protections for employees, but usually the employee must show fairly egregious practices to succeed. The regulation of employment privacy in the US stands in contrast with that in nations with comprehensive data protection laws, such as those in the EU. i. Constitutional Law: workplace privacy provisions apply only to federal and state government employees 1. 4th Amdt: prohibits unreasonable searches and seizures by state actors. Interpreted to place limits on ability of govt employers to search employees' private spaces, such as lockers and desks. 2. State Constitutions: some states, including CA, have extended right to privacy to private sector employees. Generally, though, if there's no state action, no con law governs employment privacy. ii. State Contract, Tort, and Statutory Law: Employer-employee relationship in the US is fundamentally a contract law issue - employment at will. Employer discretion to fire an employee understood to imply broad latitude in defining the employment relationship, including knowledge about the employee. Employees generally have narrow protections contract, tort and statutory law. 1. Contract: can alter the rules between employer and employee - most important of which are collective bargaining agreements that are protective of employee rights. 2. Tort: potential claims by employees include intrusion upon seclusion, publicity given to private life, and defamation, all of which provide possible privacy protections of very narrow scope. 3. State Laws: vary enormously by state, leading to a patchwork of complexity and large gaps iii. Human Resources Management: Organizations have to consider which jurisdiction's rules apply to PI about particular employees. Companies with employees in the US and other countries must be aware that different workplace rules apply to employment privacy. For example, the EU includes employee privacy within its general rules applying to the protection of individuals and employees have broad workplace privacy expectations and rights. For multinational corporations, this can present challenges, such as when HR data systems in one country contain PI about employees residing in other countries, or when employees share PI across borders, such as through email or other channels. Equally true for employees that reside in different states in the US.

Termination of the employment relationship

a. terminating access to company's physical and informational assets, and proper HR practices post-employment i. Transition management: clear procedures for terminating access to facilities and information. IT systems designed to minimize disruption when person no longer has authorized access. Basic steps include: 1. Secure the return of badges, keys, smartcards and other methods of physical access 2. Disable access for computer accounts 3. Ensure the return of laptops, smartphones, storage drives and other devices that may store company information 4. Seek, where possible, to have the employee return or delete any company data that is held by the employee outside of the company's systems 5. Remind employees of their obligations not to use company data for other purposes 6. Clearly marked personal mail, if any, should be forwarded to the former employee, but work-related mail should be reviewed to ensure that proprietary company information is not leaked 7. Remind employees during their exit interview of their ongoing confidentiality obligations under their NDA ii. Records retention: appropriate practices for maintaining HR records of former employees - to provide references, respond to inquiries about benefits and pensions, address health and safety issues that arise, respond to legal proceedings, and meet legal or regulatory retention requirements for particular types of records balanced against privacy and security of sensitive employment records iii. References: common law imposes no duty on former employer to supply reference for former employee. Some state statutes require references for specific occupations (pilot, public school teacher). Benefit of goodwill with former employees needs to be balanced against risk of suit for defamation. b. Working with third parties:

Department of Labor (DoL):

i. Administers and enforces FLSA (wages and overtime pay), OSHA, ERISA (administration of retirement plans), the Employee Polygraph Protection Act (EPPA) (regulating use of lie detectors) and FMLA. Each state has an agency, often called the Department of Labor, that oversees state labor laws. 1. Occupational Safety and Health (OSH) Act: administered by Occupational Safety and Health Administration (OSHA). Safety and health conditions in most private industries are regulated by OSHA or OSHA-approved state programs, which also cover public sector employers. Employers covered by the OSH Act must comply with the regulations and the safety and health standards promulgated by OSHA. Employers also have a general duty under the OSH Act to provide their employees with work and a workplace free from recognized, serious hazards. OSHA enforces the Act through workplace inspections and investigations. - workplace safety 2. OSHA enforces whistleblower protections in most laws: Most labor safety laws and many environmental laws mandate whistleblower protections for employees who complain about violations of the law by their employers. Remedies can include job reinstatement and payment of back wages. 3. Employee Polygraph Protection Act of 1988 (EPPA) - see below

National Labor Relations Board (NLRB):

i. administers the National Labor Relations Act (NLRA) and investigates and remedies unfair labor practices by employers and unions. The NLRA protects the rights of employees to act together to address conditions at work, with or without a union. Generally, concerted activity with other employees is protected. This protection extends to certain work-related social media communications (e.g., conversations conducted on social media platforms), but not if the social media communication does not involve fellow employees. 1. 2010: NLRB started receiving complaints related to employer social media policies and discipline for FB postings. Some policies violated federal labor law and NLRB GC issued complaints against employers alleging unlawful conduct. In other cases, investigations found that communications were not protected, so disciplinary actions taken by employers did not violate NLRA. 2. NLRB Jan 2012 Report: two main points about NLRB and social media · Employer policies should not be so sweeping that they prohibit the kinds of activity protected by federal labor law, such as the discussion of wages or working conditions among employees · Employee's comments on social media are generally not protected if they are mere gripes not made in relation to group activity among employees

Securities and Exchange Commission (SEC):

i. requires reporting of human resources information (e.g., payment/salary and other information about senior executives) by publicly traded companies to the govt and to the public.

Equal Employment Opportunity Commission (EEOC):

i. responsible for enforcing US Anti-Discrimination Laws that make it illegal to discriminate against a job applicant or an employee because of the person's race, color, religion, sex (including pregnancy, transgender status, and sexual orientation), national origin, age (40 or older), disability or genetic information, all of which protect employees from retaliation if they complain about discrimination or participate in an EEOC proceeding (for example, a discrimination investigation or lawsuit). These anti-discrimination laws have sometimes been used to limit background checks and primarily prohibit discrimination in hiring and other employment decisions, but there's often a collateral effect on how interviews and other background screening activities are conducted. Most employees with at least 15 employees are covered by EEOC laws (20 employees in case of age discrimination). Most labor unions and employment agencies are also covered. The laws apply to all work situations, including hiring, firing, promotions, harassment, training, wages and benefits. 1. Title VII of the Civil Rights Act of 1964: makes it illegal to discriminate against a person on the basis of race, color, religion, sex (including pregnancy, transgender status, and sexual orientation), or national origin. 2. Titles I and V of the Americans with Disabilities Act of 1990 (ADA): makes it illegal to discriminate against a qualified person with a disability in private companies and state and local governments. Has a broad definition of disability, covering not only individuals with actual disabilities but also those who have record of disability and those who are "regarded as" disabled by the employer. Predisposition to developing illness or disease is not a physical impairment (EEOC guidance) and therefore not covered by ADA. However, emerging trend is whether ADA protects potential future disabilities. · Qualified Individual: an individual who, with or without reasonable accommodation, can perform the essential functions of the employment position that such individual holds or desires · Essential Function: those core duties that are the reason the job position exists - not marginal or incidental job functions · Reasonable Accommodation must be provided by employer to accommodate known disability of qualified applicant or employee unless can demonstrate undue hardship on operation of the business o Reasonable Accommodation: any modification or adjustment to a job, the job application process, or the work environment that will enable a qualified applicant or employee with a disability to participate in the application process, perform the essential functions of the job, or enjoy the benefits and privileges of employment. § Employee's 1st choice of accommodation not required § Effective accommodation is required § Employee need not disclose particular illness, but employer can require medical documentation of disability and limitations, so disclosure of illness or condition may be necessary during interactive accommodation process. If medical information disclosed, ADA requires confidentiality and info must be kept apart from general personnel files in a separate, confidential medical file available only under limited conditions. o Undue Hardship: action that requires significant difficulty or expense in relation to size of employer, resources available and nature of the operation. Customer or co-worker attitudes are not relevant factors in determining undue hardship - potential loss of customers or co-workers doesn't constitute undue hardship o Examples of Reasonable Accommodation: § making existing facilities readily accessible to and usable by employees with disabilities § restructuring a job § modifying work schedules § acquiring or modifying equipment § reassigning a current employee to a vacant position for which the individual is qualified · Present Not Future Ability to Do Job: Employers cannot fire or not hire qualified person because of fear person will become too ill to work in the future. Hiring decision must be based on how individual can perform at present time. · Higher Costs: Higher medical insurance costs, workers' comp costs or potential absenteeism are not permissible reasons not to hire qualified person with disability · Health & Safety: ADA permits qualification standards that exclude individuals who pose a direct threat—i.e., a significant risk of substantial harm — established through objective, medically-supportable methods (not simply assumed to exist) to the health or safety of the individual him/herself or to the safety of others, if that risk cannot be eliminated or reduced below the level of a "direct threat" by reasonable accommodation · ADA Amendments Act of 2008 (ADAAA): significantly expanded scope of ADA protections by broadly defining disabilities to include conditions that are mitigated, in remission, or episodic if they would substantially limit a major life activity of an employee when active or absent mitigation. Obesity is not a disability unless the weight gain is caused by an underlying physical condition but severe or morbid obesity (100% more than normal body weight) is a disability (i.e., if it substantially limits the person's ability to walk, stand, kneel, stoop and breathe). Pursuant to ADAAA, EEOC released regulations addressing scope of ADA in 2011. o legislatively overturned two SCOTUS cases which limited scope of ADA - Sutton v UAL (held that pilots with severe but correctable myopia did not have a disability under the ADA because a "'disability' exists only where an impairment 'substantially limits' a major life activity, not where it 'might,' 'could,' or 'would' be substantially limiting if mitigating measures were not taken) and Toyota v Williams (held "an individual must have an impairment that prevents or severely restricts the individual from doing activities that are of central importance to most people's daily lives. The impairment's impact must also be permanent or long-term.") · BEFORE EMPLOYMENT OFFER o ADA restricts medical screening of candidates before offer of employment - specifically covers "medical examinations and inquiries" as grounds for discrimination unless "job related and consistent with business necessity." § Job Related and Consistent with Business Necessity means employer must have reasonable belief based on objective evidence that: • employee will be unable to perform essential job functions because of medical condition OR • employee will pose direct threat because of medical condition o During hiring process and before conditional offer, employer may not ask applicant whether needs reasonable accommodation for the job, except when employer knows applicant has disability, but can ask applicant during interview about ability to perform job functions. · AFTER (CONDITIONAL) EMPLOYMENT OFFER o Medical exam may be required after offer of employment, and may condition offer on the results, only if: § all entering employees subject to exam regardless of disability § confidentiality rules followed for results of exam, and § results used only according to laws against discrimination on basis of disability (i.e., job-related and consistent with business necessity) o After conditional offer, employer may inquire whether applicant needs reasonable accommodation if all entering employees in same job category asked this question. o After person starts work, med exam or inquiry must be job-related and consistent with business necessity (e.g., where there's evidence of job performance or safety problem, exam required by other Federal laws or when exam necessary to determine current fitness to perform particular job) · Prohibited Pre-Hiring Practices: o No questions about prior injuries and illnesses, including prior worker comp claims o Psychological tests (e.g., to predict conditions such as depression or paranoia) might qualify as medical exams o No questions about recovery from drug addiction or alcoholism even though ADA does not cover use of alcohol or drugs o Employers should stay away from pre-hire inquiries about likelihood that candidate has covered disability or whether will seek reasonable accommodation 3. Title II of the Genetic Information Nondiscrimination Act (GINA): makes it illegal to discriminate against employees or applicants because of genetic information. Genetic information includes information about an individual's genetic tests and the genetic tests of an individual's family members, as well as information about any disease, disorder or condition of an individual's family members (i.e., an individual's family medical history).