CLOSE X
RSS Feed LinkedIn Twitter Facebook
Search:
FMG Law Blog Line

Archive for August, 2016

Beware of the Fees!!! Businesses and Universities Face New Risks in Offering Employees Retirement Plans

Posted on: August 31st, 2016

Cambridge, MA, USA - November 2, 2013: Radcliffe Quad undergrad housing at Harvard University in Fall in Cambridge, MA, USA on November 2, 2013.

By: John Goselin and Ze’eva Kushner Banks

Plaintiffs’ attorneys have a new target – educational institutions offering 403(b) plans and the fiduciaries who are responsible for monitoring the plans. No less than eleven lawsuits, all but one of which have been brought by the same plaintiffs’ firm, have been filed in the last four weeks against universities all over the country, from Emory University in Atlanta to New York University to the University of Southern California. These newly-minted lawsuits claim that the educational institutions breached their fiduciary duties under the Employee Retirement Income Security Act of 1974 (“ERISA”) by permitting excessive fees to be charged to plan participants. In short, the complaints allege that the plan participants have been shortchanged on their investments because excessive professional and management fees have been deducted from their retirement money.

The plans offered by the defendant universities are huge. For instance, according to the complaint in the case against Emory, as of the end of 2014, Emory’s retirement plan had $2.6 billion in net assets and 20,261 participants. Similarly, Emory Healthcare’s plan had $1.06 billion in assets and 21,536 participants. In another example, Yale’s retirement plan held $3.6 billion in assets, with 16,487 participants as of June 30, 2014.

The complaints allege that the universities and the plan fiduciaries breached their duties of loyalty and prudence by failing to use their significant negotiating power to obtain lower priced fees for record keeping services and investment options in the respective plans. The common themes in the various complaints include the imprudent use of multiple record keepers for the plans, excessive record keeping fees, too many investment options, and maintaining retail class investment products in the plan rather than lower cost institutional funds.

These cases follow in the wake of a similar wave of litigation directed against corporate 401(k) plan sponsors. Indeed, “403(b) plans” are basically 401(k)-type plans except they are for nonprofit institutions. In 2015, the U.S. Supreme Court in Tibble v. Edison, 135 S.Crt. 1823 (2015) put retirement plans on notice of their continuing duty to monitor plan investments, including the fees charged to the plans. As illustrated by this second wave of excessive fee litigation focusing on large universities offering 403(b) plans, more waves could be on the horizon, as the plaintiffs’ bar finishes with the larger targets and proceeds to mid-size universities, smaller businesses and other nonprofit institutions such as hospitals that offer 401(k) or 403(b) plans. Indeed, the number of plaintiffs’ lawyers prosecuting these types of cases may soon increase with model complaints available for easy and cheap reference for re-casting the same allegations against new targets.

Regardless of size, all businesses and institutions offering 401(k) and 403(b) plans should consider carefully what steps may be necessary to ensure that their fiduciary duties under ERISA are being met. They should review the fees being charged to the plan and seek professional legal and financial advice to ensure that the plan fiduciaries are doing appropriate due diligence regarding their plan’s expenses, including professional fees.

DOJ Nearly Doubles False Claims Act Penalties, Increasing Risk of Litigation and Potential Liability

Posted on: August 30th, 2016

Contract wording on financial paper. Blurred one hundred dollar in the background

By: Michael Wolak III

On June 30, 2016, the Department of Justice (“DOJ”) issued an Interim Final Rule that nearly doubles civil penalties for False Claims Act (“FCA”) violations. The FCA is a federal law that prohibits anyone from submitting false or fraudulent claims to the federal government for payment. See 31 U.S.C. § 3729(a). In addition to penalties for each violation, the FCA imposes treble damages, or three times the amount of damages that the federal government sustains because of the false claim. The DOJ’s new rule – which adjusts the penalties to account for inflation – went into effect on August 1, 2016 and increases the penalty range for FCA violations by 96 percent, from $5,500 – $11,000 per violation to $10,781 – $21,563. The DOJ proposes to apply this rule retroactively to conduct that occurred nine months prior to August 1, 2016.

The increased penalties under the FCA have major implications for health care providers and government contractors who submit a significant number of claims for payment for their services to the federal government on a regular or daily basis each year. Consider, for example, a government contractor that submitted ten false claims per day over a three-year period, or 10,950 false claims. Under the DOJ’s new rule, maximum penalties surge from $120,450,000 to more than $236,000,000, before treble damages are factored in.

In addition to the increased potential liability imposed by the new rule, FCA claims will likely rise as the increased penalties give whistleblowers more incentive to allege fraud on behalf of the government. The qui tam provisions of the FCA allow a private individual with knowledge of FCA violations (called a “relator”) to bring a civil action on behalf of the federal government and receive a percentage of the monetary recovery, typically between 15 and 30 percent. With penalties nearly doubled, whistleblowers will be more incentivized to bring a qui tam action. We may also see defendants increasingly arguing that the penalties are disproportionate to any actual damages sustained by the government, constituting an excessive fine in violation of constitutional rights.

In fiscal-year 2015 alone, the DOJ recovered more than $3.5 billion in FCA settlements and judgments. Indeed, state and federal governments have already amassed more than $1.86 billion in FCA recoveries as of August 2016. Accordingly, health care providers and all those who do business with the federal government should take steps to minimize FCA exposure and liability, including carefully vetting and selecting contractors that perform billing functions; implementing appropriate policies and procedures and effective internal oversight to ensure compliance with applicable government regulations; and maintaining an awareness and understanding of legislative and regulatory developments that may affect the company’s liability under the FCA.

To learn more about the FCA’s constantly evolving framework and operation along with practical guidance to help your organization avoid or limit FCA liability, please contact Michael Wolak III (770-303-8638), John H. Goselin (770-818-1423) or Michael P. Bruyere (770-818-1435).

OCR Casts a Wider Net on HIPAA Breaches

Posted on: August 29th, 2016

HIPAA health care document in duo tone blue

By: Agne Krutules

Under the Health Insurance Portability and Accountability Act (HIPAA), covered entities and their business associates have duties under the Privacy Rule and the Security Rule to protect patient health information. The U.S. Department of Health and Human Services, Office for Civil Rights (OCR) regional offices are required to investigate all reported breaches involving the protected health information (PHI) of 500 or more individuals. With regard to smaller breaches, however, OCR has discretion whether to conduct an investigation.

From 2003 through May 31, 2016, OCR received more than 134,246 HIPAA-related complaints and investigated and resolved more than 24,241 cases. The vast majority of these investigations involved larger breaches of unsecured PHI affecting 500 or more individuals. That is typically what most people have grown to expect—more attention to large-scale breaches, with smaller breaches under 500 individuals typically not receiving as much scrutiny. However, these traditional expectations are about to change due to a recent announcement from OCR about its plans to increase efforts to investigate smaller breaches more frequently.

Through an August 18, 2016 email, OCR announced that it is launching an initiative “to more widely investigate the root causes” of HIPAA breaches affecting fewer than 500 individuals. According to the announcement, OCR’s regional offices have ramped up their efforts to identify and obtain corrective action to address “entity and systemic noncompliance” related to these smaller scale breaches. While not every HIPAA breach will be the subject of investigation due to limitations on resources, OCR says that the following factors will be considered in determining whether to pursue such investigations:

  1. The size of the breach;
  2. Theft of or improper disposal of unencrypted PHI;
  3. Breaches that involve unwanted intrusions to IT systems (for example, by hacking);
  4. The amount, nature, and sensitivity of the PHI involved; and
  5. Instances where numerous breach reports from a particular covered entity or business associate raise similar issues.

OCR’s announcement also states that “Regions may also consider the lack of breach reports affecting fewer than 500 individuals when comparing a specific covered entity or business associate to like-situated covered entities and business associates.” This is the first time OCR has ever specifically announced that it would consider the factor of underreporting when determining whether to investigate a data breach. Thus, covered entities and business associates should use this message to focus on their breach investigation techniques and breach reporting processes.

Although the investigations of the smaller scale breaches will remain discretionary, more investigations affecting less than 500 individuals are certain. Accordingly, covered entities and business associates should not become complacent when dealing with smaller or “routine” incidents, and they should take proactive steps to review their HIPAA compliance obligations and update safeguards to protect against breaches. Becoming an object of an OCR investigation can be time-consuming and expensive, even without considering the potential costs of civil monetary penalties if HIPAA non-compliance is uncovered.

Amendment to Labor Code Section 226 Itemized Wage Statement Requirements Provides Welcome Relief – and some hope – to California’s High Tech Industry

Posted on: August 22nd, 2016

Low angle view of male hand signing contract or subscription form with a pen on a rustic wooden desk.

By: Dennis Strazulo

On July 22, 2016, Governor Brown approved Assembly Bill 2535 (AB 2535) to amend California Labor Code section 226. The amendment provides much-needed narrowing of the statute’s current requirement that an employer include hours worked on itemized wage statements for all employees except those whose compensation is solely based on salary and who are exempt from payment of overtime.

A strict reading of LC section 226, as currently written, requires all exempt California employees earning a commission or a bonus to keep track of their time. Unfortunately – nothing new in the clash between employers and the many overbroad employment laws they endure in California – this requirement does not track with the common and fair practices of most California employers. The long-standing practice of California employers has been to track hours of only non-exempt, hourly employees – not exempt employees paid by salary. However, prior to AB2535, the wording of Labor Code section 226 left employers exposed to liability for penalties if a salaried-exempt employee received so much as a holiday bonus and the employee’s itemized wage statement did not reflect hours worked.

Under the amendment, only nonexempt employees and others who are paid according to hours worked are required to have their hours logged on their wage statements. AB 2535 amends Labor Code section 226 by adding section (j) which reads, in part:

“(j) An itemized wage statement furnished by an employer pursuant to subdivision (a) shall not be required to show total hours worked by the employee if any of the following apply:
(1) The employee’s compensation is solely based on salary and the employee is exempt from payment of overtime under subdivision (a) of Section 515 or any applicable order of the Industrial Welfare Commission.
(2) The employee is exempt from the payment of minimum wage and overtime under any of the following:
(A) The exemption for persons employed in an executive, administrative, or professional capacity provided in any applicable order of the Industrial Welfare Commission.
(B) The exemption for outside salespersons provided in any applicable order of the Industrial Welfare Commission.
(C) The overtime exemption for computer software professionals paid on a salaried basis provided in Section 515.5…”

AB 2535 casts a wide net to adequately protect the already equitable practices of most business in California by confirming exempt employees do not have to track their time. Despite this amendment, however, thousands of high tech employees in California remain technically misclassified as exempt from overtime under state and federal law, notwithstanding their six-figure salaries. These individuals are required to clock in and out, and take timely meal and rest breaks, pursuant to antiquated laws. Silicon Valley employers, in particular, can be hopeful Assembly Bill 2525 is a step in the right direction toward modifying wage and hour exemption laws to bring them in line with current business models. At the very least, however, this amendment to Labor Code section 226 should prevent bogging down the already impacted California labor board by aligning the law with otherwise just business practices of California employers.

Is Florida’s Notice and Repair Process a Suit? Eleventh Circuit Asks Florida Supreme Court to Weigh In

Posted on: August 22nd, 2016

Concept of construction and design. 3d render of blueprints and designer tools on the panorama of construction site.

By: Bart Gary and Tim Holdsworth

Earlier this month, in Altman Contractors, Inc. v. Crum & Forster Specialty Insurance Co., the Eleventh Circuit certified to the Florida Supreme Court the question of whether Florida’s statutory notice and repair process constitutes a suit under a commercial general liability (“CGL”) policy, triggering the insurer’s duty to defend. In this case, Altman Contractors, Inc. (“ACI”) served as the general contractor for the construction of a condominium. In 2012, the condominium served ACI with a notice of claim under Florida’s notice and repair statute, which establishes a process to resolve construction disputes between property owners and contractors, subcontractors, suppliers, or design professionals.

ACI then sent a demand letter to Crum & Forster Specialty Insurance Co. (“C&F”) notifying it of the notice of claim and demanding that C&F defend and indemnify ACI. C&F denied that it had a duty to defend ACI because the matter was “not in suit” as that term was defined in the insurance policies. The CGL policy defined “suit” as:

“Suit” means a civil proceeding in which damages because of “bodily injury”, “property damage” or “personal and advertising injury” to which this insurance applies are alleged. “Suit” includes:

a. An arbitration proceeding in which such damages are claimed and to which the insured must submit or does submit with our consent; or

b. Any other alternative dispute resolution proceeding in which such damages are claimed and to which the insured submits with our consent.

The policy did not define “civil proceeding.” ACI then filed a lawsuit against C&F seeking a declaration that C&F owed it a duty to indemnify and defend. The district court found that the policy language was unambiguous and the notice and repair process was not a “suit” because it did not meet Black’s Law Dictionary’s definition of “civil proceeding” (“[a] judicial hearing, session, or lawsuit in which the purpose is to decide or delineate private rights and remedies, as in a dispute between litigants in a matter relating to torts, contracts, property, or family law”).

The Eleventh Circuit found that the outcome of the case may have significant practical and policy implications for Florida. For example, C&F argued that imposing a duty to defend on insurers during the notice and repair process would fuel an insurance crisis in the state by increasing the cost of insurance and limiting its availability. Because of these possible implications and the lack of guidance from Florida courts on the issue, the Eleventh Circuit found it appropriate to certify the question to the Florida Supreme Court.

We will keep you updated on this matter once the Florida Supreme Court issues a decision. In the meantime, feel free to contact counsel at Freeman Mathis & Gary if you have any questions or would like guidance on these issues.