Checking Facts Building Trust


About Us...

Memberships and Registrations

Data sources

Who we are

Quality Policy

Link to us


International Newsletters

Follow us on Twitter

Find us on LinkedIn

Investors In People

ISO Accrediation

Verifile International Newsletter Issue #25

12 Oct 2017

Welcome to our October edition of the International Newsletter 2017 which we hope you find helpful in keeping up to date.



The new General Data Protection Regulation (GDPR) legislation applies in the UK from 25 May 2018. There are potentially wide ranging implications for all businesses. At Verifile we have a project team that is reviewing the new legislation, completing a gap analysis and then building a plan to implement the required changes. Our initial work indicates that although some small changes will be required, there will not be a noticeable change to service for any of our clients, or any significant change to the way in which we work with your candidates.

There has been some debate as to what GDPR article 10 means for criminal record checks. Please be assured that all levels of UK criminal checks will continue to be available for the purposes of employment screening post GDPR. Verifile has partnerships with all three official authorities (Disclosure and Barring Service, Disclosure Scotland and AccessNI), and we will continue to provide a service that meets your legal obligations beyond May 2018.

In the lead up to May 2018, we will keep you updated on changes that we are making where these may have an impact on you or your candidates.



There are some key procedural changes taking place this autumn that must be carried out from the 1st January 2018. In order to implement these changes, Verifile will be introducing a basic level UK criminal check via the Disclosure and Barring Service over the next couple of months. Verifile will help you in this transition.


There are three government agencies serving the UK that access police records to provide criminal certificates:

- The Disclosure & Barring Service (DBS) serves England and Wales

- Disclosure Scotland serves Scotland

- AccessNI serves Northern Ireland

 There are also three main levels of criminal check:

- Basic

- Standard

- Enhanced 

To date, the DBS has only provided the standard and enhanced levels of check, however from this autumn, they are launching their own basic level check.


From 1st January 2018, all individuals living or working in England and Wales must have their basic level check undertaken via the DBS. Individuals who do not have a current address in the UK (England, Wales, Scotland and Northern Ireland) may continue to order the basic level check via Disclosure Scotland.  Orders must be placed correctly because legislation has changed between the countries.  

What it Means for You

There are some key differences between the basic level check via Disclosure Scotland and the new check via DBS, these are:

  • A face to face identity check must be undertaken by employers instead of the candidate providing their own proof of identity and address documents.
  • Verifile will receive an indication of the results, but not necessarily a copy of the actual certificate.
  • The candidate can consent to Verifile and/or their employer receiving a certificate electronically, however this cannot be made a mandatory process.
  • As their employer you must register with the DBS in order to access electronic certificates, although we will provide assistance on registering in due course. 
  • It’s also worth highlighting the candidate can request a posted certificate to their current address.
  • If convictions are found, then any consent to access an electronic certificate will be revoked, needing the candidate to confirm again they still wish to give consent.

Verifile advice and guidance

Our new process has already passed full testing with the DBS. We will shortly be contacting all clients that have basic level criminal checks in their screening packages, and will provide further assistance to help all of our clients start ordering these checks in time for January 2018. 



Please find below an update for the International checks that have had a change of  process, requirements or forms. If you would like us to send you the current documentation for any of the listed checks please contact us by emailing


A new instruction is now in place along with a new requirement for employers to validate applicant’s identity and to complete a section on the application form.


German credit checks are now charged per name, due to process changes from a local register.


A new instruction is now in place to reflect the simplified requirements to run the checks. It will also now take less time to obtain the results: 7-10 working days instead of previous 8-10 weeks.


A new instruction is now in place.


A new instruction is now in place.


A new instruction is now in place to reflect the simplified requirements to run the checks. Fingerprint cards are no longer required.


In this issue of the International Newsletter:




 - Africa Under the Spotlight




- Getting Tough on Drugs and Alcohol at Work


- ‘Right to Privacy’ Opens Door for Data Protection Law 


- Slow but Steady: The Development of Personal Data Protection


- The Current State of Data Protection and Cyber Security Law in Thailand


- HR Urged to Prepare for New Data Protection Law in Europe


- Turkish Data Protection Authority Announce Draft Regulation on Deleting, Destroying or Anonymizing Personal Data

- GDPR Matchup: Turkey’s Data Protection Law


- FCA Register Proposals Provoke Concerns For Firms And Consumers

- FCA To Extend Regulatory Regime To 47,000 Firms 

- UK Government Expected To Present Data Protection Bill In September 2017

- Be Prepared: Update On EU Employment Data Privacy Laws

- Some Free Tech Support for GDPR Article 30 and Beyond

- Web Law Offers Right to be Forgotten Online

- Strong Quarter Hiring Demand Remains Strong whilst Unemployment is at a Record Low

- UK Data Protection Laws to be Overhauled 


- Supreme Court of Canada Upholds Dismissal of Cocaine Addicted Worker

- What will European General Data Protection Regulation mean for Canadian Employers?


- The Data Protection Landscape in Mexico


- How will GDPR affect Multinational Businesses in Russia and Russian Businesses Abroad?

- The Double Burden Russia and the GDPR


 - Ibero-American Data Protection Standards Aim to Build Trust in the Region


- Big Changes may be coming to Argentina's Data Protection Laws


- Colombian Draft Regulation Introduces Accountability Principle to Data Transfers


- Uruguay, First Country in the World to Legally Regulate Marijuana, Begins Retail Sales Next Week


- Another San Francisco Treat:  Mayor Lee Signs Slaary History Ban

- A New Study Shows Ban the Box Policies are Working

- Barclays Accused of Illegal Screening of Job Applicants

- Ninth Circuit Holds that Plaintiff Adequately Alleged Article III Standing

- Postmates Courier Background Check Class Action Settlement

- Texas Supreme Court Rejects Compelled Self-Publication Theory in Defamation Case

- Walmart Class Action Says Background Checks Violate Federal Law

- Ohio House Proposes Hurdles to Hiring Process

- Connecticut Medical Marijuana Law Protects Employees and is Not Preempted by Federal Drug Laws

- First Arkansas Town Approves Medical Marijuana Regulations

- Washington Public Employer Hit with $1.8 Million Judgment for Failing to Accommodate Prescription Drug User

- Zero Tolerance Drug Testing Policies in the Age of Medical Marijuana



World wide news


Africa Middle East


Africa:  Under the Spotlight

João Luís Traça, Partner at Miranda Law Firm, discusses data protection trends and the impact of the General Data Protection Regulation. What are the latest data protection trends and developments in Africa? Specifically, Traca notes that Afica is made up of more than 50 countries, and therefore one faces a challenge in tracking developments. In addition, Traça notes that Africa is made up of several languages and cultural backgrounds, which, in turn, has had an impact on the development of legislation in each jurisdiction. Traça notes that African countries may not follow the GDPR, or may pause on any existing work that they are undertaking, and decide to wait until its entry into effect to see how the landscape has progressed. 

Read more


Asia Pacific


Getting Tough on Drugs and Alcohol at Work

Under Australia’s Work Health and Safety Act 2011 (NSW), every employer has a duty to

eliminate risks to the health and safety of its employees. However, there are still disputes and unfair dismissal claims where employees and unions are challenging employer actions in tackling the work-related risks of drugs and alcohol, including the Endeavour Energy v Communications, Electric, Electronic, Energy, Information, Postal, Plumbing and Allied Services Union of Australia case, where the employer proposed the uniform imposition of a blood alcohol concentration level of 0.02 for all staff. James Mattson of Bartier Perry Lawers advises that preserving workplace safety should be a main priority and should guide any future policies 

Read more


'Right to Privacy' Opens Door for Data Protection Law

One of the highlights in the Supreme Court’s ruling on “Right to Privacy” includes informational privacy in the digital age. The judgement urged the government to bring in data protection law in an effort to ensure the privacy of citizens. It has been recommended that the government seek guidance from the European Union Regulation of 2016 of the European Parliament and the Council of 27 April 2016. The nine-judge bench of apex court gave historic verdict on issues, including Aadhar, civil liberties and gay rights. 

Read more


Slow But Steady:  The Development of Personal Data Protection

Indonesia’s Ministry of Communication and Informatics has issued regulation on the protection of personal data. MOCI Regulation No. 20 of 2016 Regarding the Protection of Personal Data in Electronic Systems regulates the protection of personal data by electronic system providers in Indonesia. Attorneys Fahrul S. Yusuf and Winnie Y. Rolindrawan, Partner and Senior Associate at SSEK Legal Consultants discuss how slowly, but surely, Indonesia is paving the way to ensure its citizens are granted sufficient protection of their personal data. 

Read more  


The Current State of Data Protection and Cybersecurity law in Thailand

Thailand has been in the spotlight regarding data protection and cybersecurity, with many noting that the country does not adequately protect its citizens. Since social media and e-commerce is developing fast in Thailand, the lack of any legal platform covering this area is a rising concern. Rajen Ramiah, IP & Business Development Consultant at Chavalit & Associates Limited, provides an overview of the key laws and regulations that govern data protection in Thailand. Overall, Ramiahsayd, “From Thailand’s perspective, are we fully prepared? Do we have adequate protections in place to safeguard data placed in various organizations? Preparing properly is the key to not falling victim to cyberattacks. The Government is taking all the necessary precautions to put in place adequate laws and directions but ensuring that we are always one step ahead of the attackers is an ongoing process and one can never be too prepared.” 

Read more



HR Urged to Prepare for New Data Protection Law in Europe

The best way for organizations to prepare for the GDPR, according to Thymometrics, an employee engagement software firm based in Cambridge in the United Kingdom, is to ensure that HR is involved in the process. For example, Jerry Pett, CEO and co-founder of Thymometrics, suggested in a blog post that HR can prepare for compliance by learning where : critical employee data systems are held, determining who owns the data based on contractual information, establishing a system where employees give explicit permission to the employer to gather, store and share their data, finding out what your cloud-based software vendors are doing with personal information and if they are taking steps to become compliant, and more.    

Read more


Turkish Data Protection Authority Announce Draft Regulation on Deleting, Destroying or Anonymizing Personal Data

Turkey’s Data Protection Authority recently published the long-awaited draft of the Regulation on Deletion, Destruction and Anonymization of Personal Data. The Draft Regulation outlines proposed details of requirements for data controllers, as well as definitions and exceptions.  Notably, it proposes that if deleting personal data will lead to an inability to access and use other data in the system, the personal data will be deemed to have be deleted, provided other conditions are met. The Draft Regulation also addresses internal procedures for data controllers to delete, destroy, or anonymize personal data. It proposes that data controllers that are subject to registry obligations be required to prepare a Personal Data Retention and Erasure Policy. Failure to delete or anonymize personal data could result in imprisonment for between one to two years.

Read more

GDPR Matchup:  Turkey's Data Protection Law

In 2016, Turkey passed into law a framework law on the protection of personal data that originates from the European Union Directive 95/46/EC, with a number of its original add-ons and revisions. The national supervisory authority in Turkey, has published the draft versions of the secondary legislation, as well as some booklets providing guidance on the implementation of the DPL, for an understanding on how the new data protection legislation will work. Overall, says Yusuf Mansur Öze, in the Privacy Tracker series, in today’s globalized world where data flows are superfluous, the aim should be to achieve a versatile compliance model that would satisfy the expectations of numerous supervisory authorities in diversified jurisdictions.  

Read more 

United Kingdom 2

FCA Register Proposals Provoke 

The UK’s proposed reduction of the Financial Conduct Authority’s (FCA) register could lessen protections for small advice firms and consumers. Among plans published to extend the senior managers regime to all regulated financial services firms were proposals that certified people within a firm would not need to be approved directly by the FCA. Former FCA technical specialist Rory Percival said the proposals would mean consumers had “One less step to protect themselves, and “This may widen the scope for unauthorized advisers and scammers.” Threesixty managing director Phil Young agreed that the absence of a public register could pose a risk for consumers seeking advice. “At the moment, having the FCA approving advisors acts as a bit of a firewall for those firms that do not do all the proper vetting,” he said. 

Read more

FCA to Extend Regulatory Regime to 47,000 Firms 

A regulatory regime intended to crack down on the behavior of bank bosses is to be extended to 47,000 firms in the UK, including dentists, gyms and tool hire companies that offer credit to customers. The Financial Conduct Authority estimated that the new regime would cost firms £550m, with up to £190m of ongoing costs for the firms involved. The regime originally was intended to hold bank executives accountable when their firms collapsed. It requires certification each year, including five “conduct” rules: act with integrity; act with due care, skill and diligence; be open and cooperative with regulators; pay due regard to customer interests and treat them fairly; and observe proper standards of market conduct. 

Read more

UK Government Expected to Present Data Protection Bill in September 2017

The Department for Culture, Media & Sport confirmed its plans to present its Data Protection Bill to Parliament to Parliament in early September. The Bill’s primary aim is to ensure that the UK retains the same data protection laws as the rest of the EU once it leaves the EU, scheduled to be in March 2019. The Bill would follow Germany’s lead, after the German Federal Parliament in April of this year passed a new German Data Protection Act that adapted current data protection laws to cover derogations from the GDPR’s provisions. 

Read more

Be Prepared:  Update on EU Employment Data Privacy Laws

Global companies face stricter rules on employee data privacy, in particular when using social media and internal monitoring tools. It also now becomes clearer that many EU Member States will use the opening clause of the GDPR to re-implement their “old” data privacy laws. An update to the GDPR includes information on use of social media and employee analysis tools, recruiting profiles, inspecting current employees, checking on post-contractual duties, restrictions on monitoring tools, and more. In sum, said the update, it appears that EU employee data privacy law will be more fractioned which makes it indispensable for global companies to always also check for local compliance.

Read more

Some Free Tech Support for GDPR Article 30 and Beyond

If you’re collecting personal information from European citizens, the upcoming GDPR imposes very specific documentation requirements. The Kantara Initiative’s Consent and Information Sharing Work Group has been working on “ consent receipt”  specification so that it’s clear to both parties — data controller and data subject — what consent has been granted for which data and how that data is going to be used, stored, and destroyed. Kantara released its consent receipt API documentation to the public.  Kantara also certifies that organizations are implementing the Identity Assurance program effectively, and it is actively working towards assessment and approval of the proper use of the consent receipt specification, and consent management systems in general, for release later next year.   

Read more 

Web Law Offers Right to be Forgotten Online 

Social media firms will have to erase personal information on individuals when asked under laws allowing people the "right to be forgotten" online. The Data Protection Bill will make it simpler for people to control how companies use their personal details, including requesting that posts or pictures be deleted. Maximum fines for those who don’t comply could be 4% of a firm's global turnover. And the fines for the largest companies – such as Google and Facebook – who use individuals' data to sell adverts, could stretch to billions. The bill will also require people to give explicit consent for their personal information to be collected online. 

Read more

Strong Quarter Hiring Demand Remains Strong Whilst Unemployment is at a Record Low

The Adecco Group Labour Market Outlook suggests that UK employment will again grow strongly in the third quarter of 2017, but wage growth is likely to remain weak. The quarterly survey of more than 1,000 employers identifies that near-term employment expectations have risen compared with the previous spring report. However, while the UK labor market remains buoyant, basic pay award expectations for the next 12 months remain at just 1%, due to an increase in labor supply over the past year. Research also indicates that employee pay expectations are weaker this year compared with last year, which may suggest that employers are not under additional pressure to raise pay, despite the low unemployment rate. Overall, the labor market picture looks promising, especially considering the unknown future impact of Brexit on the flow of talent in and out of the UK.

Read more

UK Data Protection Laws to be Overhauled

Data protection proposals in the UK are part of an overhaul of UK data protection laws drafted under Digital Minister, Matt Hancock. The bill will transfer the European Union's GDPR into UK law. “The new Data Protection Bill will give us one of the most robust, yet dynamic, set of data laws in the world, Hancock said. “It will give people more control over their data, require more consent for its use, and prepare Britain for Brexit.” Proposals included in the bill will make it simpler for people to withdraw consent for their personal data to be used,  let people ask for data to be deleted; require firms to obtain "explicit" consent when they process sensitive personal data; expand personal data to include IP addresses, DNA and small text files known as cookies; and make re-identifying people from anonymized or pseudonymized data a criminal offence, among other benefits.  

Read more

North America

Canada 2

Supreme Court of Canada Upholds Dismissal of Cocaine Addicted Worker

The Supreme Court of Canada has dismissed an appeal regarding a case where an employee was terminated for using cocaine on his days off, was involved in an accident in the workplace, and tested positive for cocaine. The employer said the employee was terminated not because of his addiction, but rather his breach of the company’s drug abuse policy (failure to disclose an addiction). While the employee was able to establish that he had a disability that was protected, he failed to establish that the disability was a factor in his termination. The Court said that where there is the opportunity to voluntarily disclose an addiction and receive treatment, employees who hide an addiction will be held accountable for putting themselves and their co-workers at risk. 

Read more

What will European General Data Protection Regulation Mean for Canadian Employers? 

Beginning in the spring of 2018, organizations with employees in Europe will need to be compliant with the General Data Protection Regulation (GDPR), which replaces the European Union’s Data Protection Directive. With more stringent data protection requirements, it remains to be seen whether the European Community will continue to view Canada’s Personal Information Protection and Electronic Document Act (PIPPEDA) as adequate. Canadian businesses should be ready because the enforcement provisions in the GDPF are tough and could levy heavy financial sanctions of up to 4% of the annual worldwide turnover of the organization. It also contains some specific requirements that are not currently reflected in PIPPEDA. 

Read more


The Data Protection Landscape in Mexico

Mexico’s Federal Law on the Protection of Personal Data in Possession of Private Parties entered into force in 2010. Since then, the National Institute for Access to Information and Data Protection has been tasked with enforcing the Law. Nuhad Ponce Kuri, Partner at Ponce Kuri, discusses the data protection framework in Mexico and efforts to raise awareness among citizens of their rights and how the private sector should adequately comply with the Law’s provisions. Overall, Kuri notes that more education and training is needed, but the key is to gain awareness that the protection of personal data is regulated in Mexico, that one must be aware of the information that is uploaded to social networks, and that steps must be taken in order to prevent crimes that can be committed with personal information.  

Read more

Russia and Eastern Bloc


How will GDPR affect Multinational Businesses in Russia and Russian Businesses Abroad?

Anastasia Petrova, Associate at Alrud discusses how the jurisdictional scope and legal requirements under both the GDPR and Russian data protection legislation could produce duplicitous obligations for international companies. Petrovia said, “The world will never be the same and multinational companies will have to adapt their activities to its realities. For Russian lawyers, such a challenge undoubtedly exists, and there is no other option than to accept it.” 

Read more

The Double Burden Russia and the GDPR

Many Russian subsidiaries of EU companies may face a double burden in terms of bringing their processes into compliance with both Russian data protection regulations and the GDPR. Russian companies that have EU partners, suppliers and clients will be in the same situation, as EU contractors will need to ensure contractually that their Russian partners comply with the GDPR’s provisions. The GDPR imposes certain obligations on data controllers aimed at ensuring that the necessary contractual arrangements are in place when companies appoint data processors or share the data with other data controllers. Thus, the GDPR requires a review of all existing agreements with the data processors of EU companies and other data controllers processing the data received from EU companies. Therefore, European and Russian lawyers will need to find a balance. 

Read more

South America

Ibero-American Data Protection Standards Aim to Build Trust in the Region

The Argentinian Data Protection Authority has approved Data Protection Standards for Ibero-American States.  The  Standards  seek  to  address  the  lack  of harmonization  in  Ibero-American  states  regarding  data  protection  by  issuing  a  series  of  principles  and common rights to serve as a framework for the adoption and development of legislation in the region. The  Standards  provide  definitions  of   anonymization,  consent,  personal  data, sensitive  personal  data,  data  controller,  data  processor, and  data  processing.  They  also  call  for mandatory  data  breach  notification  requirements,  subject  to  certain  exemptions,  and  set  out  the conditions  for  such  notification.  In  addition,  the  Standards  set  out  criteria  for  obtaining  consent, require  controllers  to  implement  adequate  security  measures,  recognize  data  subjects’   right  to  data portability,  and  establish  general  rules  for  international  data  transfers.   

Read more


Big Changes may be Coming to Argentina's Data Protection Laws

Even though Argentina has some of the strictest data protection laws in Latin America, it is currently seeking to further overhaul those laws in two significant ways. First, it would align its laws to align with the GDPR requirements. Second, new legislation (the Localization Bill) would require certain data be stored exclusively in Argentina.  The Localization Bill is yet another potential law that seeks greater government control over personal data storage, creating new challenges for entities that may provide services or products for the Argentina government or provide services or products for service providers that store or access data. These challenges may include responding to international subpoenas, creating a process to segregate data records, having appropriate access controls, and either establishing or contracting with reputable and secure data centers located within the country.  

Read more


Colombian Draft Regulation Introduces Accountability Principle to Data Transfers

Under Colombia’s data protection framework, any country outside of Colombia is classified as a “third country,” and therefore, personal data can only be transferred to another country when an adequate level of protection is guaranteed. There are several options that can show adequate data protection, including the Colombian Superintendencia of Industry and Commerce to give consent, if an exception is made, a statement is issued regarding the intent to transfer data, and last, to create and use binding corporate rules. Last, it’s important to note that Colombian draft regulation will only apply to the transfer of personal data between a controller and another controller. The draft regulation is expected to be approved in September.

Read more


Uruguay, First Country in the World to Legally Regulate Marijuana, begins Retail Sales Next Week

Uruguay will begin sales of legal marijuana for adult residents. Uruguay’s parliament gave final approval to the measure in December 2013, making it the first country in the world to legally regulate the production, distribution and sale of marijuana for adults. The Uruguayan model allows four forms of access to marijuana: medical marijuana through the Ministry of Public Health; domestic cultivation of up to six plants per household; membership clubs where up to 45 members can collectively produce up to 99 plants; and licensed sale in pharmacies to adult residents. Regulation will be overseen by the government’s Institute for the Regulation and Control of Cannabis (IRCCA). Sales to minors, driving under the influence of marijuana, and all forms of advertising, are prohibited. 

Read more

United States


Another San Francisco Treat:  Mayor Lee Signs Salary History Ban

San Francisco Mayor Ed Lee recently signed an ordinance that will make it illegal for employers to inquire about a job applicant’s salary history. This ordinance amends the San Francisco Police and Administrative Codes and covers all individuals, corporations, groups or other organizations, except for independent contractors and current employees applying for positions within their same employer. Salary history includes an applicant’s current and past compensation, including wages, commissions, and any other monetary gain. If an employee, however, voluntarily discloses information regarding his or her salary history, the prospective employer may consider it. Ordinance No. 170350 may not take effect for another year, but employers should consider retraining personnel and revising job applications. 

Read more 

A New Study Shows Ban the Box Policies Are Working

The National Employment Law Project (NELP) notes that more than 150 cities in 28 states have adopted some version of Ban the Box laws, with similar laws expecting to be passed in additional cities and states. The goal of the law is to prevent employers from automatically disqualifying candidates with minor or irrelevant convictions without first conducting interviews. Although there is criticism against Ban the Box, a recent study that used data from the National Longitudinal Survey of Youth has revealed that the laws have helped individuals who have minor criminal convictions and proclaims that there has been a 40% increase in the probability that individuals with criminal records will find employment. 

Read more 

Barclays Accused of Illegal Screening of Job Applicants 

According to a federal-court class action lawsuit filed by Outten & Golden LLP and Youth Represent, unlawful screening of job applicants at the Barclays Center, Brooklyn, violates federal and state law. Barclays Events Center does business as Barclays Center, Levy Restaurants, Inc., and Professional Sports Catering LLC. The lawsuit alleges that Barclays used “flawed and discriminatory criminal history screening policies and practices.” This is the first of its kind class action suit to challenge an employer’s violation of New York City’s Fair Chance Act. Plaintiff Felipe Kelly alleges that Barclays refused to hire him after subjecting him to a criminal background check. He was never provided with the “Fair Chance Notice,” a requirement of the New York City law. 

Read more 

Ninth Circuit Holds that Plaintiff Adequately Alleged Article III Standing 

The Ninth Circuit recently issued its decision on remand in Spokeo, reversing and remanding the case to the District Court. The Ninth Circuit issued its decision regarding whether the plaintiff had sufficiently pled a concrete injury required to establish Article III standing. He was found to have standing to pursue his claim of harm, holding “that Congress established the Fair Credit Reporting Act (FCRA) provisions at issue to protect consumers’ concrete interests.” The Court also found that because the plaintiff alleged Spokeo prepared an inaccurate report and published that report on the Internet, his claim implicates his “concrete interests in truthful credit reporting.” The decision is one in a wave of cases discussing the requirement of “concrete harm” in FCRA matters. 

Read more 

Postmates Courier Background Check Class Action Settlement 

When Postmates failed to hire potential candidates based on background checks, the applicants argued the business was in violation of the federal Fair Credit Reporting Act. The plaintiffs claim the company did not provide a copy of background check results or the legally required stand-alone disclosure before requesting the background checks. Under the settlement terms of a class action lawsuit filed by three denied applicants, Postmates must create a $2.5 million settlement fund to be distributed to Class Members. 

Read more 

Texas Supreme Court Rejects Compelled Self-Publication Theory in Defamation Case 

The Texas Supreme Court recently rejected the theory holding that an employee’s self-publication of defamatory statements cannot satisfy the publication element of a defamation claim. It further confirmed that there is no independent cause of action for compelled self-publication defamation under Texas law. In Exxon Mobil Corp., et al. v. Rincones, Rinecones contended that he did not use drugs and that there must have been some negligence in the way a failed drug test was handled that led to his termination. Moving forward, plaintiffs claiming defamation will be required to show that a defendant actually published a defamatory statement to a third party to maintain a cause of action. 

Read more 

Walmart Class Action Says Background Checks Violate Federal Law

Walmart is facing a class action lawsuit alleging that the company violates the Fair Credit Reporting Act by using unauthorized background checks. The lead plaintiff in the case argues that the business failed to provide adequate notice of the consumer report and did not secure the legal authorization to obtain it. The lawsuit also claims Walmart violated various state California laws when it obtained background checks on the plaintiff and others. Additionally, the plaintiff has argued that the required stand-alone disclosure documents were “embedded with extraneous information.” The plaintiff is seeking monetary relief for himself and the Class, along with statutory damages and an injunction on Walmart’s policies. 

Read more 

Ohio House Proposes Hurdles to Hiring Process 

Although the Ohio House has proposed a bill that is intended to protect the privacy of employment applicants, the bill could make the hiring process more cumbersome for employers. House Bill 187 provides that no employer may request an applicant’s Social Security number, date of birth or driver’s license number before making an offer of employment. These are important factors for employers who wish to conduct complete background screenings, including credit checks, driving history and previous employment. The bill also requires employers to destroy all information collected, regardless of employment status.  

Read more 

Connecticut Medical Marijuana Law Protects Employees and Is Not Preempted by Federal Drug Laws 

A recent federal district court case has determined that Connecticut employees who have been certified by the Department of Consumer Protection to use medical marijuana outside of work hours and are not impaired while at work are protected by state law. The state’s statute makes it unlawful to refuse to hire or to discharge an employee because of the individual’s status as a qualifying patient or for testing positive in a drug screening. It does not, however, protect such individuals if they are found to be under the influence during working hours.  

Read more 

First Arkansas Town Approves Medical Marijuana Regulations 

Texarkana’s board of directors recently approved business license fees for dispensaries and medical cannabis growers in the state of Arkansas. Dispensaries, which will need to pay an initial $7,500 and then $11,000 for yearly license renewals, could be operational within city limits before the end of the year. The city of Texarkana has a population of 30,000, but another 37,000 people reside just over the state line in Texas, where marijuana remains illegal.

Read more 

Washington Public Employer Hit with $1.8 Million Judgment for Failing to Accommodate Prescription Drug User 

A customer service representative employed for 20 years in Washington was awarded more than $1.8 million in damages for the employer’s failure to accommodate her use of opioids that were prescribed to treat her migraines. A Washington federal district court confirmed that 1. The employee had a protected disability, 2. She was qualified to perform the essential functions of her position and 3. The employer had notice of her disability and its functions. It also concluded that the employer failed to reasonably accommodate the plaintiff, noting that the employer “chose to address the plaintiff’s medication symptoms through a disciplinary process than an interactive one.”

Read more 

Zero Tolerance Drug Testing Policies in the Age of Medical Marijuana 

With more states passing laws allowing for marijuana use for medical and recreational reasons, the law regarding an employer’s responsibilities continue to evolve. In Pennsylvania, for instance, the statute lists specific areas in which employers may prohibit employees from working while under the influence of marijuana, such as while operating or controlling government-controlled chemicals or high-voltage electricity. In Massachusetts, the Supreme Judicial Court recently ruled that employers may be held liable for disability discrimination under state law if they fire an individual for using medical marijuana. Many states could follow suite regarding the list of accommodations that are considered to be reasonable. 

Read more

Share on Facebook
Share on LinkedIn

Previous Page

Follow us on Twitter
Follow us on Twitter
Find us on LinkedIn