The Value of Attorney-Client Privileged Workplace Audits.

Lisa Sherman
California Labor & Employment Attorney

Many California employers fail to realize just how much is at stake when they do not regularly audit their employment policies, procedures, practices, and processes for legal compliance in the workplace and all of their technology systems implementing reasonable measures that protect all of their non-public Company information. Even if we successfully persuade California employers to update their employee handbooks to comply with the latest changes in California law, as soon as, we recommend a technology/ESI audit, lock down Company information and customize policies addressing these issues, employers' are not interested at all, implementing nothing more than generic policies. 

Attorney-Client Privileged Legal Compliance Audit of Employment Policies, Procedures and Practices is Invaluable.

Attorney-client privileged legal compliance audits have never been more important for California employers as employment-related litigation continues to soar; electronic data is not disappearing anytime soon; and California's legislature is expected to increase regulation on California-based employers even further to counteract President Trump's anticipated pro-employer federal legislation.  While our audits are tailored to the type of industry, national/international/local, federal and state law coverage, number/type of workers, etc., they generally include a top to bottom review of the corporate structure, all persons who perform work for the organization, and an evaluation of workplace policies, practices and processes, whether written, oral or based on past practices.  A sampling of the areas that we review include:

  • Corporate Organization & Liability Assessment. Review corporate structure, compliance requirements, potential individual corporate executive liability/alter-ego claims, and joint employer issues.
  • Administration of Human Resources and Employment Matters. Review set-up, including, staff qualifications, training, processes, practices, recordkeeping, reporting, confidentiality, and extent of involvement in employment-related decisions, including, but not limited to, recruiting, hiring, orientation, recordkeeping, training, payroll, safety, benefits, leaves of absences, complaints, investigations, disciplinary actions, and adverse employment actions, including, terminations.  
  • Employer Coverage, Posting Compliance & Prior Employment Issues including, Legal Actions, of any Kind. Review coverage and posting obligations under federal/state laws, regulations, agencies, and local ordinances and any prior employment issues.
  • Organizational Chart Analysis. Company-wide analysis from top to bottom of functional areas/departments, identification of officers, directors, executives, management, rank and file employees; dates of hire, protected classes, full or part-time, compensation, exempt/not-exempt classification, promotions, reporting, overlapping authority; review job descriptions for each category and analyze if actual duties/salary basis comply with exempt classification requirements under state and federal laws, as well as, analyze compliance with California's recently amended Equal Pay Act.
  • Personnel & Confidential Files, Non-Public Information, and Governing Practices, Policies and Processes. Review all files, paper and digital data, policies and processes in place. 
  • Written Employee Handbooks, Manuals, Policies, Procedures, Agreements, Certifications, & Waivers (including, Collective Bargaining Agreements for Union Employees).  Review all writings, including, handbooks, manuals, policies, procedures, and agreements relating to workplace rules, the organization, employment, positions, and benefits for legal compliance, any deviations in Company practices from the writings, and refuting potential claims.
  • Practices, Policies, Forms and Processes from Hiring to Separation of Employment. Review practices, policies, forms and materials from hiring to separation from employment 
  • Employee Complaint Practices, Policies, Documentation Process & Investigation Protocols.  Review policies, practices, investigation protocols and documentation regarding the same from start to finish;  
  • Fair Employment Practices Analysis. Review policies, practices and statistics re: members of protected classifications re: fair employment practices, including, hours of work, compensation, leaves, benefits, to refute disparate treatment and disparate impact claims.
  • Leaves of Absence Employer Coverage, Policies, Practices, Processes and Forms.  Review employer coverage by federal and state laws governing leaves of absences of any kind, and compliance by the Company; review policies, procedures, practices, forms, administration, reporting, recordkeeping, past issues and practices, in connection with legally complying with the requirements for leaves of absences. 
  • Wage and Hour Practices, Policies, Agreements, Forms, Certifications, Waivers, Reporting, and Recordkeeping. Perform top-to-bottom wage and hour analysis on all workers, including, but not limited to, entity issuing payments for services performed for more than one entity; evaluate classification of contractors and employees, as well as, exempt and non-exempt employees, rates of pay, records evidencing all hours actually worked by all workers, Company's current recordkeeping practices, payroll processes, and calculations for regular rate, overtime, vacation, sick time, etc.; policies, job descriptions or other documents in place supporting classifications, certifying actual hours worked and breaks made available to non-exempt employees, reporting, and payment of premium pay; processes governing unauthorized or unknown overtime by non-exempt employees re: remote or after-hours work, Company travel or functions; wage statement and payroll compliance, reimbursement for business expenses, including, business use of personally-owned devices, cars, etc. and final compensation procedures and practices. 
  • Policies, Practices, and Processes to Protect Personal, Personnel, Health, Financial, Non-Public Corporate and Proprietary Information. Review all policies, practices, and processes in place to protect the types of personal and corporate confidential information the Company creates, receives, stores or transmits, unauthorized access and use, workplace tracking, monitoring and other policies, practices involving personal, private applicant or employee information obtained from internet, Company devices, social media postings, etc. 
  • Documentation of Employment-Related Matters and/or Actions. Review policies, processes, practices, management training materials, procedures, forms and sample writings used to document any and all employment-related matters and/or actions, with special emphasis on counseling, all persons involved in decision making re: complaints, investigations, and the process by which all adverse employment actions are implemented, and all writings/documentation evidencing the same.
  • Record-Keeping and Retention Practices & Policies. Identification of all paper and electronic records and current practices and policies regarding retention of records, and compliance with record-keeping, preservation and legal hold obligations for all Company information.
  • Safety & Health Compliance, including, Workplace Violence, Crisis Management, and Emergency Preparedness. Review programs, practices, postings, policies, training, and recordkeeping in place regarding safety, security and health for legal compliance. 

An Attorney-Client Privileged Audit that Takes Control of ALL Company Data Is .... Essential.

Unless employees only use Company-issued devices to conduct all business at all times and such data is not saved or stored anywhere, other than Company's servers, which is rarely the case, these Companies have likely violated legally-required recordkeeping obligations; risk individual and/or class action liability for unknown overtime or missed meal breaks by non-exempt employees; and have no idea where, let alone, who is in possession of their non-public confidential information. Significantly, these Companies will lose the protection of their claimed trade secrets and confidential information under federal and state laws if nothing more than generic policies are relied upon.  As a result, civil claims and/or criminal prosecution for unauthorized access and/or use, as well as, resulting damages may not be recoverable.  Moreover, the public release of any of the Companies' non-public information, whether or not, it goes viral on social media or lands in the hands of just one competitor, will not only tarnish their reputation but threaten their future viability. 

Inventory All Technology, Devices and Systems to Find Out Where All Company Information Currently Lies and Assess Options.

The only way a Company can protect all of its property and information (from handwritten notes, forms, paper copies/printouts to data transmitted between employees on personally-owned cellphones), is to find out where all of it currently lies.  At counsel's direction, a highly-experienced technology consultant will fully inventory all of the Company's current technology, systems, processes, and all devices used by all employees in any manner (including remotely after hours and on weekends) to conduct business, as well as, the programs, databases and types of ESI created, transmitted and stored. This first essential step in taking control of Company data will allow the consultant to provide an assessment of the current structure, processes, and processes and provide cost-effective recommendations to the Company.  

Customize Policies, Procedures and Adapt New Tools to Take Control of Company Property and All of Its Information.

Counsel and the consultant will then customize policies and agreements, institute processes, procedures and most importantly, adapt new tools, programs and implement reasonable measures to govern the creation, transmission, access, use, storage, and return of all of the Company's information, with extra precautions in place to protect non-public confidential information, including, but not limited to, personal, personnel, financial, medical and private health information, as well as, the Company's proprietary, trade secrets.  

For more information on auditing your Company's practices, we invite you to give us a call today at (213) 341-4417.  Our initial consultation is at no cost to you.