Workplace Investigation

Seyfarth Synopsis: Within the last few years, the California Legislature has amended laws related to an employee’s right to inspect personnel records, intending to ensure employees have access to those records. Since then, employers have seen more such requests, claims made before the Labor Commissioner, and even lawsuits over production of personnel files. We offer here some tips on how to comply.

What Is This Letter and What Do I Do About It?

Your company receives a letter from a former employee (or a lawyer) asking to inspect the personnel file or “employment records.” What (if anything) should you do in response?

How and when a California employer responds to these requests can have legal consequences. That’s right—employers can be sued (or even face criminal liability) over how they did, or did not, respond to personnel file requests.

The proper response depends, first, on what the employee is asking to inspect. In California, three principal statutes govern employee requests to inspect personnel records—Labor Code §§ 1198.5, 226, and 432. See below for details.

Labor Code § 1198.5

Section 1198.5 says that employees (and former employees) have the right to inspect personnel records maintained by the employer “related to the employee’s performance or to any grievance concerning the employee.” Employers must allow inspection or copying within thirty (30) days of the request, which can be made by the employee or their representative (often an attorney). That time period can be extended by five (5) days by mutual agreement.

Covered documents: Under the terms of the statute, it appears that documents such as performance reviews, commendation letters, disciplinary notices (“write-ups”), corrective action plans, and complaints about the employee would likely be covered.

The language in Section in 1198.5 is broad; it uses the terms “related to” and “concerning.” As a result, determining exactly what other documents might be covered can be a challenge. But the Labor Commissioner has issued some guidance on its website on what might be included in a “personnel file,” including, in addition to the above, things like an employment application, notices of leaves of absence or vacation, education and training notices, and attendance records. Unfortunately, there is no appellate case interpreting the scope of the current statutory language. So the overall scope of the statute still remains an open-ended question.

Nevertheless, the statute excludes certain files. For most employers, those files are (1) records about a criminal offense, (2) letters of reference, and (3) ratings, reports or records obtained before the employee’s employment, prepared by identifiable examination committee members, or obtained in connection with a promotional examination. In addition, employers can redact the names of any non-supervisory employee mentioned in the requesting employee’s file.

There are also situations when the statute does not apply. For example, if an employee (or former employee) files a lawsuit that “relates to a personnel matter” against the employer, then the right to inspect or copy the records ceases during the pendency of the lawsuit. The inclusion of this provision strongly suggests that Section 1198.5 is not a replacement for broad civil discovery.

What happens if I forget to produce records in time? If the employer does not permit the inspection or copying of these records in time, the employee may bring an action to obtain a court order (injunction) for the employer to comply with the statute. Employees are also entitled to a statutory penalty of $750 AND an award of attorneys’ fees and costs for bringing the action. And failure to comply is a criminal infraction. Ouch!

Labor Code § 226

Section 226 requires California employers to furnish employees with itemized wage statements that show nine (9) specific categories of information, such as all hourly rates, hours worked, gross wages earned, etc. The employer must provide these wage statements at the time employees are paid or semi-monthly. The specific information required and the entire text of the statute can be found here.

Covered documents: The scope of this one is easier than Section 1198.5. In addition to requiring itemized wage statements, this section also requires the employer to produce those wage statements to employees on request or a computer-generated report that shows all nine (9) categories of information required. Employers must make the records available to the employee within twenty-one (21) days.

What happens if I forget to produce records in time? Section 226 has remedies similar to those available under Section 1198.5. Section 226 also authorizes the employee to sue for a court order requiring the employer to produce the information and also a penalty of $750, and employees can also recover attorneys’ fees for bringing the lawsuit. Violation of the statute is also a criminal infraction. But unlike Section 1198.5, there is no exception for pending litigation. Yikes!

Labor Code § 432

Section 432 applies to any document that an employee (or job applicant) “signs” that is related to obtaining or holding employment. Upon request, the employer must provide those documents. Fortunately, this statute is simpler than the others. There is no timeline for production and there is no private right of action to enforce compliance.

But that does not mean that employers should ignore requests under this statute. As a practical matter, documents covered by this section can also be covered by Section 1198.5 (i.e., signed performance reviews or signed disciplinary write-ups). More importantly, failure to comply with such a request is a misdemeanor. And there is also no exception for pending litigation. Wow!

Covered documents: As mentioned, Section 432 covers any document the employee signed related to “obtaining” or “holding” employment. Examples include job applications, handbook acknowledgments, arbitration agreements, job descriptions, and any signed policy acknowledgments (anti-harassment, retaliation, discrimination, at-will employment, meal/rest break polices, etc.).

Workplace Solutions

Employers often wonder if they have to produce “every” record about an employee in response to these requests. As the statutes indicate, the answer is “no”— only documents that fall within the categories requested need to be produced. Employers must also remember to protect other important rights. Indeed, personnel issues often implicate attorney-client privilege, attorney work-product, proprietary information, and privacy issues. As a result, responding to personnel file requests often requires a case-by-case approach.

If you would like assistance in ensuring your company’s compliance with a personnel file request, or if you have any questions raised in this post, then please do not hesitate to contact the author or any other member of Seyfarth’s Labor and Employment Group.

Edited by Coby M. Turner.

Seyfarth Synopsis: When employee theft occurs, employers must be cautious in investigating, avoiding self-help, and in deciding if and how to terminate the offending employee.

Companies work hard to hire trustworthy employees, but employee theft can occur in any business. Employee theft takes different shapes—you may discover an employee is stealing products, supplies, confidential information or money from the company; an employee may steal more surreptitiously by padding time on a time sheet; or an employee may intentionally fail to enter vacation time taken in order to get paid for that time when they quit. Whether subtle, or as brazen as a famous thief (see https://en.wikipedia.org/wiki/Catch_Me_If_You_Can), any form of employee theft hurts your business and can present you with a difficult management situation.That’s why we’re here to help with the following tips.

  1. “An Honest Man Has Nothing to Fear”—Background Checks:

Inquiring into an applicant’s history can be a useful tool to identify people with a propensity toward dishonesty, but if you use background checks, make sure you follow the rules about collection and use of information.

a) California law prohibits use of consumer credit reports for employment purposes except when hiring for certain specified positions, such as managers, peace officers, positions that involve regular access to personal and banking information of individuals, access to $10,000 or more of cash, or access to confidential or proprietary information of the employer. (Labor Code § 1024.5.)

b) State and local agencies (as well as employers in San Francisco and Richmond) cannot use information about criminal history unless and until a decision about the candidate’s minimum qualifications has already occurred. (See. e.g., Labor Code 432.9 and San Francisco Fair Chance Ordinance.)

c) In addition, under federal law, criminal history may not present an automatic barrier to employment; there must be a relationship between the criminal activity and the important elements of the job, and employers should consider the number of convictions, their nature and seriousness, how recent they are, and evidence of rehabilitation.

For the kinds of background inquiries that are permitted, make sure that you provide the appropriate disclosures, get permission from the prospective employee, and provide a copy of the background check report if requested. See our prior posts on California background check requirements here.

A thorough pre-employment background check should include:

  • criminal history (if permitted) for crimes involving violence, theft, and fraud (in California you can only check back 7 years; you cannot ask about marijuana-related convictions that are more than 2 years old, or arrests that did not result in conviction)
  • civil history for lawsuits involving collections, restraining orders, and fraud
  • driver’s license check for numerous or serious violations
  • education verification for degrees from accredited institutions
  • employment verification of positions, length of employment, and reasons for leaving.
  1. “People Only Know What You Tell Them”—Verify Past Employment:

Even though most employers will verify only position and dates of employment, a prospective employer may be able to tell by the tone of voice whether the former employer had issues with the employee. A prospective employer should consistently ask previous employers whether the applicant is eligible for rehire.

  1. “Don’t Break the Rules”—Provide Clear Written Policies Prohibiting Theft:

Develop a written policy regarding timekeeping, with specific instructions on the duty of honesty and prohibition against timekeeping fraud. You should also have an employee handbook that covers the policy and the penalties for theft. In addition, it is a good idea to have clear written policies posted in the workplace regarding stealing, what types of acts constitute stealing and the consequences that will be enforced if an employee is caught stealing. Translate your policies into the languages spoken by your workforce. Have your employees acknowledge in writing that they have read and know the policies.

What to Do (and Not Do) If You Think an Employee Is Stealing

  1. Investigate … With Care and Document Results. 

An allegation of theft is serious and an employer should be very careful in planning, carrying out and documenting the investigation. There should always be at least two individuals involved in the investigation and, ideally, at least one of the investigators should not know the accused. If the company has a protocol for an investigation, follow it closely. Let the accused employee tell his or her story and include it as part of the record of investigation.

  1. Do Not Withhold Missing Amounts of Money From the Employee’s Paycheck.

An employer can lawfully withhold amounts from an employee’s wages only under very limited circumstances, and employee theft or suspected theft is not one of them.  (Labor Code Sections 221 and 224.) In fact, court decisions and the IWC Wage Orders specifically regulate an employer’s ability to deduct amounts from an employee’s wages due to cash shortages, breakage or loss of equipment. So, if you lose some equipment or merchandise, or find that cash is missing, resist the urge to take an offset against the suspected offending employee’s wages, and instead find out how to respond correctly.

  1. To Terminate or Not To Terminate?

This determination depends heavily on how strong the evidence is against the employee. If the evidence is not conclusive, you may want to be careful about telling an employee that he or she is being fired for theft, dishonesty, or suspicion of theft. Accusing an employee of a crime may be considered defamatory and should not be done unless the employer is 100% certain. Instead, the cautious employer will cite to lack of trust, or loss of confidence as the reason for termination. Or, even better, connect the termination to a violation of policy or procedure. Even this less dangerous road can contains land mines, as inconsistent enforcement of a work rule could potentially lead to claims of discrimination.

Workplace Solutions: “Don’t Be a Stranger” when it comes to consulting your counsel regarding the appropriate response to employee theft, including whether to terminate an employee for stealing. In the event you find yourself depending against any resulting claims, you will want to make sure your actions were well thought out and well documented.

Edited by Coby M. Turner.

Seyfarth Synopsis:  Protecting trade secrets from employee theft requires more than using an NDA when onboarding employees. If businesses want to protect confidential information, they need a cradle-to-grave approach, reiterating employee obligations regularly, including during exit interviews. (Yes, you need to do exit interviews!)

Headline stories in intellectual property theft tend to involve foreign hackers engaged in high-tech attacks to pilfer vast troves of data stored by big businesses or government entities, such as those involving Russian government hackers or the Chinese military. The losses are staggering. In 2009, McAfee estimated that cybercrime cost worldwide economies $1 Trillion. That number was cited by (a then-youthful) President Obama in his first speech on cybersecurity. Since that time, attacks by professionals and nation states have remained at the forefront of both news reports and the public perception. Since then, hack attacks have remained at the forefront of both news reports and the public perception.

But despite the disproportionate attention given to high value, high-tech attacks by outsiders, many U.S. businesses recognize that threats from the inside are just as costly as revealed by a 2014 PricewaterhouseCoopers survey. Nevertheless, “only 49%” of organizations surveyed had “a plan for responding to insider threats.”

Trade secrets are particularly susceptible to theft because they, by definition, consist of secret information with economic value. Company insiders often find that information too tempting to be leave behind when changing employers, or when seeking new employment. Therein lies the problem.

Trade secret theft by employees may not grab as many headlines as neo-Cold War espionage, but the data suggest that employees, not outsiders, pose the greatest threat of loss from trade secret theft. The good news is that a little proactivity by employers will go a long way toward keeping them out of the 49% who lack a plan to prevent leaks.

Of course, in California, obtaining protection is not all that simple. Non-compete agreements are, with very limited exceptions, a non-starter under Business and Professions Code § 16600, so you need special steps to keep your trade secret house in order. And because a California trade secret plaintiff (e.g., a former employer suing its former employee) likely must identify its trade secrets with reasonable particularity before commencing discovery, it pays to invest time on the front end to identify and inventory your trade secret information before litigation arises.

So, what can employers do?

Update Non-Disclosure Agreements to Comply With the DTSA, and See That Employees Know Why NDAs Are Important

Almost all employers (we hope) have confidential/non-disclosure and trade secret protection provisions in their employment agreements. But have these agreements been updated to comply with the recently enacted Defend Trade Secrets Act (“DTSA”) and its important employee/whistleblower notification provisions? And what are employers doing to help ensure compliance with their agreements? Rolling out new agreements is relatively easy. Making sure they are effective takes some doing.

Remember, your organization will not even have trade secrets to protect unless it has made  “efforts reasonable under the circumstances” (under the California Uniform Trade Secrets Act) or has taken “reasonable measures” (under the DTSA) to maintain the secrecy of the information it claims to be a trade secret. Cal. Civ. Code § 3426.1(d); 18 U.S.C. § 1839(3)(A).

Implement Computer Use and Social Media Agreements and Policies

Most trade secret theft occurs via electronic device. Make sure your company has computer use and access policies and agreements that:

  • Set forth that company computers, network, related devices, and information stored therein belong to the company;
  • Indicate that access to company computers and networks are password-protected, with access authorized only for work-related purposes;
  • Make use of data storage/access hierarchies, with the most valuable information being accessible on only a need-to-know basis, with security access redundancies (housed in a highly secure database that requires unique user credentials distinct from the log-in credentials the employee uses to access a computer workstation);
  • Identify which devices are allowed in the workplace—BYOD practices have become popular, but also present challenges in regulating information flow and return. If employees use their own devices to perform work for the company, make clear that the company data on those devices belong to the company;
  • Notify employees that the company reserves the right to inspect devices used for work to ensure that no company data exist on the devices upon termination of employment;
  • Define whether cloud storage may be used by employees, under what terms, and what happens when employment ends;
  • Define whether external storage devices (e.g., thumb drives) are allowed and under what terms; and
  • Identify whether and how employees may use social media associated with their work—trade secrets must never be publicly disclosed, but beware of any overreach that would suppress employee communications protected by the National Labor Relations Act.

Build a Culture of Confidentiality—Make Sure Employees Know What The Company Regards as Confidential and Then Remind Them Routinely

Employees need to understand what information your company considers confidential.  Educating employees on this subject should start at the beginning of employment, continue  throughout employment,  and recur at the end of employment. Tools that can help in this regard include:

  • Onboarding procedures to emphasize the importance of company confidential information;
  • Including in NDAs an express representation that the employee does not possess and will not use while in your employ confidential information belonging to any former employer or other third party;
  • Using yearly (or more frequent) brief interactive e-modules emphasizing the importance of maintaining the confidentiality of company information;
  • Requiring that the employee sit for an exit interview; and
  • Requiring that the employee certify in writing, during exit interviews, that they have returned all company information and property (the employee may provide property on the spot or make statements about what will be returned—you should inventory all such indicated property and information).

Properly Exiting Employees—Particularly for High Risk Employees—Matters!

Not all employees present the same risk of loss. Generally, the loftier an employee is in the corporate hierarchy the greater the threat that that employee will expose company confidential information. The following recommendations are for mid-to-high risk departing employees:

  • The person conducting the exit interview must be prepared—use a checklist;
  • “Preparedness” for higher-risk employees will include (1) identifying, before the exit interview, the trade secret and confidential information the employee routinely accessed and used during employment, (2) reviewing for unusual activity the departing employee’s computer and work activities (including card key facility access data, where available) in the days and weeks leading up to their exit, (3) using an exit certification as noted above, and (4) inquiring where the employee is going and what position the employee will hold;
  • Where initial investigation warrants, discreetly interview company-friendly co-workers of the departing employee to identify potentially suspicious conduct;
  • Immediately shut down the departing employee’s access to company computers, networks, and other data repositories (e.g., cloud or other off-site storage). Cutting off access to company computer and data may be warranted before exiting the employee, depending on the perceived risk of data theft;
  • Send a reminder-of-obligations letter to the now former employee, reciting ongoing obligations to the company and attaching, where useful, a copy of the NDA the employee has signed;
  • Consider notifying the new employer, but tread carefully here to avoid overstepping or providing a basis to be accused of interfering with the employment relationship between your former employee and the new employer; and
  • Depending on the threat level you perceive, consider having a departing employees’ emails preserved and their electronic devices forensically imaged.

With best practices in place, protecting your company’s trade secrets should be more like routine, but vigilant maintenance, than preparing to do cyber battle with foreign states. Organizations understandably focus on creating the next “big thing,” increasing sales, and building investor value, but slowing down enough to be purposeful in protecting intellectual property is a must.

Edited by Michael A. Wahlander.

By Ann Marie Zaletel, Jamie Chanin, and Andrew Crane

It is important that employers across the country conduct proper investigations into workplace complaints.  But these investigations are especially critical in California for a couple of reasons.  First, employees can bring claims in California courts resulting from a botched investigation.  An employee can sue for failure to prevent harassment, discrimination, and/or retaliation if the employee makes a protected complaint, and the employer either fails to conduct a prompt and thorough investigation, or does not take the appropriate remedial actions after the investigation.  Second, many plaintiffs’ attorneys in California retain HR experts to opine on all of the things the employer should have done to investigate, but didn’t, or all of the ways the employer botched the investigation.

These California-specific issues have led to more frequent requests from clients for guidance on how to conduct proper and solid investigations.  Here is a general overview of things to keep in mind when investigating employee complaints. Continue Reading The Not-So-Wild West: Practical Tips for California Investigations

By Jill Porcaro and Andrew Crane

As a well-intentioned employer, you know it is best to promptly investigate employee claims of workplace harassment  and other employee misconduct.  Due to the obvious sensitive nature of these types of investigations, you implement a policy prohibiting your employees from discussing the investigation with anyone other than the investigator.  You believe that your employees will feel more comfortable disclosing truthful information to the investigator knowing their confidences are assured.  Great policy, right?

  • Not exactly.  Now, more than ever, the National Labor Relations Board (the “Board”) is cracking down on blanket confidentiality policies that prohibit employees from discussing investigations of employee misconduct, including the right to discuss discipline or disciplinary investigations involving their fellow employees, on the grounds that these policies “chill” employees’ rights under Section 7 of the National Labor Relations Act (“NLRA”).

In Banner Health System d/b/a Banner Estrella Medical Center, 358 NLRB No. 93 (July 30, 2012), an employer had a policy of prohibiting its employees who made complaints from discussing the matter with their coworkers while the investigation was ongoing.  The Board held that this rule violated the NLRA because an employer must justify a prohibition by showing a “legitimate business justification that outweighs employees’ Section 7 rights.”

Well then, I’ll just nicely suggest to my employees not discuss the details of any investigation.  That ought to solve the problem, right? Continue Reading A Rock and a Hard Place: Keeping a Lid On Internal Workplace Investigations