Summer Quarterly E-Newsletter

Summer 2002

LEGALLY SPEAKING
A Quarterly Report of Important Legal Matters

	ARTICLES IN THIS ISSUE:
	*Even Non-Union Employers Must Comply With the NLRA* *Is Your Web Page Opening the Door for Your Company to be Sued in all Fifty States?* *A Realistic Approach to Medical Record Privacy*

EVEN NON-UNION EMPLOYERS MUST COMPLY WITH THE NATIONAL LABOR RELATIONS ACT (NLRA)

BY: Thomas L. McCally, Esq. and Tina M. Maiolo, Esq.

WHEN DRAFTING and implementing company policies and procedures, most nonunion employers do not even consider the National Labor Relations Act. Based upon recent rulings by the National Labor Relations Board, which have been upheld by various courts, however, not only should nonunion employers consider the National Labor Relations Act, they must ensure that they do not violate its provisions.

The NLRA applies to all employers, regardless of size or union presence. The Act was originally passed to address the blatant disparity between the big industrial companies and the newly emerging unions and to protect the rights of the employees involved. While the structure of business has now become more dispersed and entrepeneurial, diminishing the disparity that the NLRA was passed to address, the Act remains in full effect and the NLRB's enforcement of the Act continues as if the disparity were as severe now as it was when the Act was first passed.

Specifically, the NLRB, with the support of various courts, applies the NLRA not only to union involved situations, but also to nonunion situations that the Board believes could potentially "chill" future union organizing activity. These "nonunion situations" have included such things as: employee involvement committees, disciplinary investigations, and pay procedures.

A. Employee Involvement Committees

Recent NLRB decisions, such as EFCO Corp., 327 NLRB No. 71 (1998), cast doubt on the legality of employee participation committees which are a popular means for getting employee input in the workplace. According to the NLRB, such committees may be illegal if they are "labor organizations" either assisted or dominated by the employer and if they discuss terms and conditions of employment. A committee is a "labor organization" if its employee members participate and "deal with" the employer regarding issues such as wages, hours, or other terms and conditions of employment. An employer has assisted with or dominated the committee if management created the committee and determines its structure, function and continued existence. Generally, however, employee committees that have missions limited exclusively to information gathering are allowed. See Stoody Co., 320 NLRB No. 1 (the employer did not violate the Act when it formed an employee handbook committee that was explicitly directly not to discuss terms and condition is of employment.).

B. Disciplinary Investigations

Also of concern to nonunion employers should be disciplinary investigations. In the past, most employers would not consider entertaining an employee's request to have a coworker representative with him/her during an investigatory interview. In Epilepsy Foundation of N.E. Ohio, 268 F.3d 1095 (2001), however, the D.C. Circuit Court of Appeals upheld the NLRB's decision that nonunion employees have the same right as union employees to have a coworker present during an investigatory interview that could lead to discipline.

C. Pay Policies

Pay policies can also violate the NLRA. Rules, whether written or oral, that prohibit wage discussions have been interpreted as unlawfully interfering with the employee's right to engage in organizational and concerted activity - activity that centers on controversial terms or conditions of employment. For instance, in NLRB v. Main Street Terrace Care Center, 218 F.3d 531 (6th Cir. 2000), the Sixth Circuit Court of Appeals upheld the NLRB's decision that the employer violated the NLRA because its managers orally instructed employees not to discuss wages.

D. Adverse Employment Action for Concerted Activity

Employers could also face NRLA claims if they take adverse employment action against employees involved in "concerted activity." Thus, if employees take action to complain about company policies and/or procedures, whether in a group or through one person acting on behalf of others, their actions may be protected. In Arrow Electric Company, Inc. v. NLRB, 155 F.3d 762 (6th. Cir. 1998), the Sixth Circuit Court of Appeals held that the employer violated the NLRA when it terminated four nonunion employees who walked off the job to protest against their supervisor's abusive behavior. The employer was not allowed to enforce its policy against employees improperly leaving the jobsite because the employers were acting as a group to complain against the terms and conditions of their employment. In NLRB v. Main Street Terrace Care Center, 218 F.3d 531 (6th Cir. 2000), the Court affirmed the NLRB's determination that an employee engaged in concerted activity when she talked to management about the wage-related problems of other employees.

TIPS FOR COMPLIANCE:

Recognizing the heavy-handedness with which the NLRB enforces the provisions of the NLRA against employers, there are several steps that an employer can take to minimize the risk of NLRA claims:

1. Review all corporate policies and procedures to ensure compliance with the NLRA paying particular attention.

2. Monitor NLRB decisions.

3. Ensure that employee participation committees do not negotiate with or make recommendations to management. Instead, limit these committees to information gathering only.

4. Do not prohibit wage discussions. Instead, encourage employees to direct questions or concerns about wages to the human resources department or their supervisor.

5. Remove any policies that prohibit or hinder the right for employees to request coworker representation during investigatory interviews that could lead to discipline.

While the foregoing tips will assist an employer in avoiding claims for violation of the NLRA, the best action an employer can take is to regard the NLRA as it does other legislation in drafting and implementing its policies and procedures. Every employer should take the same steps to ensure compliance with the NLRA that it does to ensure compliance with all other federal, state and local laws.

IS YOUR WEB PAGE OPENING THE DOOR FOR YOUR COMPANY TO BE SUED IN ALL FIFTY STATES?

BY: Kevin M. Murphy, Esq. and William E. Buchanan, Esq.

THE UNITED STATES Court of Appeals for the Fourth Circuit recently affirmed a decision by the United States District Court for the District of Maryland that concluded it had neither specific nor general jurisdiction over a Georgia based Internet Service Provider (ISP) whose only contact with the State of Maryland was via the Internet. ALS Scan, Inc. v. Digital Service Consultants, Inc. 2002 U.S.App. LEXIS 11745. Since the Georgia based ISP did not direct its electronic activity specifically at any target in Maryland and since it did not manifest an intent to engage in business or some other interaction in Maryland, a Maryland court could not exercise judicial power over the out-of-state ISP. However, the United States Court of Appeals for the Fourth Circuit did specifically identify when a State could obtain personal jurisdiction over an out-of-state company whose only contact with the State is via the Internet.

Prior to the 1945 Supreme Court decision Int'l Shoe Company v. Washington, 326 U.S. 310 (1945), a person's presence within the territorial jurisdiction of a court was a prerequisite to its rendition of a judgment personally binding him. International Shoe, recognizing the great changes in communications, travel and other technologies, relaxed this standard. "Long arm" statutes allowed States to exercise jurisdiction over out of state defendants who had certain minimum contacts with the State. However, no matter how expansive a "long arm" statute may be, and no matter how great the technological advances, there exist certain constitutional limits on a State's power to exercise personal jurisdiction. Hanson v. Denckla, 357 U.S. 235 (1958).

The questions that should concern companies is, does their web page, which is accessible to the entire wired world, satisfy the minimums contacts of International Shoe and its progeny and therefore make available the corporation to the jurisdiction of all fifty states? The answer depends on the webpage.

In Zippo Manufacturing Co. v. Zippo Dot Com, Inc., 952 F. Supp. 1119 (W.D. Pa. 1997), the court identified a spectrum of web pages. On one end of the spectrum is the passive web page. A passive web page, while being accessible to users in foreign jurisdiction, is simply posted to provide information. This web page clearly does not create grounds for the exercise of personal jurisdiction. At the other end of the spectrum is the web site created to conduct business over the internet and does involve knowing and repeated transmission of computer files with residents of foreign jurisdictions. Here personal jurisdiction is proper. Many web pages fall between the extremes. These are identified in Zippo as interactive web pages. Interactive web pages allow the user to exchange information with the host computer. In these cases, the exercise of jurisdiction is determined by examining the level of interactivity and commercial nature of the exchange of information that occurs on the web site.

The United States Court of Appeals for the Fourth Circuit adopted the Zippo standard in determining when a State may obtain personal jurisdiction over a company whose only presence in the State is via the Internet. According to the Zippo standard as adopted and adapted by the Fourth Circuit, a State may exercise judicial power over a person outside of the state when they (1) direct electronic activity into the State (2) with the manifest intent of engaging in business or other interactions within the State, and (3) that activity creates, in a person within the State, a potential cause of action cognizable in the State's Court.

Every business, who is concerned about being sued in a foreign jurisdiction, should evaluate their own web page in light of the generally recognized Zippo standard and determine if they are availing themselves of the laws of foreign jurisdictions and weigh the costs and benefits of such a risk.

A REALISTIC APPROACH TO MEDICAL RECORD PRIVACY

BY: Edward J. Krill, Esq.

ON MARCH 21, 2002, the Bush Administration proposed changes in the much discussed HIPAA Regulations regarding the privacy of medical record information. A comprehensive set of amendments, in the form of Proposed Regulations, was published on March 27, 2002 at 67 F.R.14776-815. This proposal would substantially change the "final" Regulations published in March of last year. These Regulations and related information can be accessed on the HHS website for this issue: http:www.hhs.gov/ocr/hipaa/

There has been an enormous outpouring of critical comment regarding the complexity of these Regulations and the high cost of implementation since HHS began to propose Regulations to implement this law in 1998. Although the Bush proposal would eliminate the requirement of advance written patient consent for all disclosures of medical record information, that view may not survive further Congressional action to override the Bush changes.

Without providing a detailed review of the HIPPA Regulations at each stage of their evolution, and absent a clear picture as to what will finally emerge from the newly energized debate on this subject between the Administration and the Congress, there remains a body of state law that requires compliance. Maryland, Virginia and the District of Columbia all protect the privacy of medical records, with variation only in the specificity of the statute. Compliance with existing state law is the best strategy now, until the matter is further resolved.

HIPPA preempts only those state laws that are contrary to its requirements and permits the continued enforcement of state laws that are more specific or more stringent. 45 C.F.R. § 160.201-03. Since the laws of Maryland, Virginia and the District of Columbia do not generally conflict with HIPAA, and are in many ways more detailed in regard to the release of medical records, in this new federal law will probably not create significant changes in the obligations of physicians to protect the privacy of patient medical records or to obtain consent to their release that currently exist under the laws of these three jurisdictions.

Therefore, although the final outcome of the debate over the exact requirements of HIPAA is some time off, I recommend that physicians in this region do the following:

a) For e-mails to patients, utilize a secure computerized patient information system and a password or encrypted e-mail messaging that protect patients against unauthorized access by hacking or fellow user review, such as in most company e-mail arrangements.

b) Obtain advance written consent to the release of medical records in your standard Patient Registration Form, using a form such as one that combines the AMA recommended HIPAA Form A and HIPPA Consent Form for the consent to treatment. This one form should be signed by every adult patient and minor or incompetent patient representative to authorize the transmission of information necessary to obtain reimbursement, perform testing and obtain consultations, except in an emergency.

c) Add a blank line to your Patient Registration form that permits the patient to give specific instructions or to request non-disclosure to specific persons or purposes, i.e. "Do not send my records to my employer." "Do not release my records to my husband." "Do not bill my insurance plan."

d) Have patients sign an Authorization for the Release of Information if the physician's office needs records from previous providers, using, for example, the AMA HIPAA Form B.

e) Provide a Notice of Privacy Practices in the waiting room of your office, using the 5 page AMA model form, or an edited version, adapted as needed to specific state law requirements. A sign should be placed in the patient waiting area that notifies patients that they may have a copy of the Notice. Print sufficient copies to permit continuous ready access and review by patients.

f) Abide by state laws that grant minors the right to give valid consent without parental notice for mental health, reproductive and substance abuse care and those requiring reports of abuse.

g) Ask for written assurances from your billing, accounting, practice management, electronic medical records and medical records storage vendors that they are HIPAA compliant, using the HHS form, which they will have; and,

h) Exercise thoughtful professional discretion in discussing any patient's health status with anyone. In the event of any non-routine request to release medical records, train your office staff to ensure that there is patient consent for the release.

i) Adhere to the special state and federal rules regarding release of mental health records, charts that refer to treatment for alcohol or drug abuse and HIV status.

Copyrights by Carr Maloney P.C. All rights reserved. This paper addresses legal issues important to business; however, this publication should not be used as a substitute for legal advice.

If you have received this publication in error or if you wish to be removed from this distribution list, please contact the editor at editor@carrmaloney.com.