View as Web Page

Compliance News Flash - August 4, 2017

Arnall Golden Gregory LLP is pleased to provide you with the Compliance News Flash, brought to you each Friday. This weekly update is your source for timely background screening and immigration-related news that is important to your organization.

  1. Recently a federal court in Florida issued a couple of opinions related to allegations of non-compliance with the stand-alone disclosure requirement of the Fair Credit Reporting Act (FCRA) and a related claim of obtaining a consumer report without proper authorization, against a healthcare organization. The case involves the FCRA required disclosure and authorization, the issue of standing and the Spokeo decision. The Court certified the class and dismissed Defendant’s motion for summary judgment and recently stayed any further deadlines to allow the parties to enter into settlement discussions. Plaintiff alleged the following deficiencies with the FCRA-required disclosure and authorization, which amounted to extraneous language: (i) inclusion of the business logo of the consumer reporting agency; (ii) blank lines for “Organization Name” and “Account”; (iii) the name and address and phone number of the consumer reporting agency; (iv) a false statement that a copy of “A Summary of Your Rights Under the FCRA” was attached; (v) various disclosures relating to state law; and (vi) a broad authorization requiring Plaintiff and the putative class members to forego their legal rights. On this latter point it is unclear what is meant here as there is no release of liability in the disclosure and authorization. It could be that Plaintiff is referring to agency record release language. The Court stated, “Plaintiff has statutorily-created rights under the FCRA to receive a clear and conspicuous stand-alone disclosure.” It is important to note that the Court has not determined specifically what, if any, of this language is extraneous. On the issue of whether the violations rise to the level of a willful violation of the FCRA the Court said that is a question for the jury and not to be decided at this stage of the proceedings. The Court also pointed out that the Defendant “simply used” a form provided by a third-party background check vendor. The case is Graham v. Pyramid Healthcare Solutions, Inc., Case 8:16-cv-01324 and the Court’s decision was issued June 28, 2017.

  2. Nevada has passed a law requiring website operators to post a privacy policy on commercial websites that collect personal information. The law goes into effect October 1, 2017. If you operate a commercial website viewed by Nevada residents this is for you. As a general rule, all companies that operate a commercial website should have a privacy policy explaining their treatment (e.g., collection, use, disclosure) of consumer or customer personal information. California and Delaware have similar laws.

  3. The New York City Commission on Human Rights (rather quietly) amended its rules to establish definitions and procedures related to the Fair Chance Act. The Fair Chance Act protects against unlawful discrimination on the basis of criminal history against job applicants and employees. The rules amend title 47 of the Rules of the City of New York by amending section 2-01 and adding section 2-04. This is a must read for employers based in New York City with respect to your policies and procedures regarding the use of criminal history information for employment screening purposes. These additions to Chapter 2: Unlawful Discriminatory Practices are effective August 5, 2017.

  4. EU-U.S. Privacy Shield – the never ending roller coaster ride called Privacy Shield for all those that engage in cross border transfers of personal data between the European Union (EU) and the United States is in the news again. In September EU data protection authorities will meet with their counterparts in the United States for the first annual review of Privacy Shield. European Data Protection Supervisor Giovanni Buttarelli believes Privacy Shield is a short term onward transfer mechanism and something more robust needs to be put in place for onward transfers of personal data from the EU to the United States. One concern that Buttarelli has includes vacancies within the Trump administration in key positions overseeing Privacy Shield.

  5. Some E-Verify news from U.S. Citizenship and Immigration Services. Quick note – E-Verify is the electronic employment eligibility verification program that compliments the Form I-9 and provides employers with information about an individual’s employment authorization. Back to the news – Arizona, Maryland and Wyoming joined the RIDE Program, which matches state driver’s licenses and ID cards presented by individuals during the E-Verify process with state DMV information. Employers – if you want to see the redesigned Green Cards and Employment Authorization Document (i.e., work permit) check out the latest edition of E-Verify Connection.

If you have any questions or need assistance on any point raised in this Compliance News Flash please contact:

 Montserrat Miller  

Montserrat C. Miller
Partner, DC Office



The information presented provides a general summary and/or recent legal and regulatory developments. It is not intended to be, and should not be relied upon as legal advice.
 ©2017. Arnall Golden Gregory LLP. All Rights Reserved. Atlanta | Washington DC

Manage your Subscription  | Forward to a Friend  | Unsubscribe