The two best defenses employers have against the spread of COVID-19 in the workplace are knowledge and vigilance.
The first part is simple enough. By now, most people have some knowledge about the coronavirus, how it’s transmitted, and its symptoms and possible health complications, as well as who’s most likely to experience severe cases. We also know what to do to minimize the spread—why measures such as face masks, handwashing, and social distancing are so important.
It’s the second part—vigilance—that presents perhaps the greater challenge.
Months into the pandemic, it’s all too easy to become impatient or complacent. If you’re like most people, you’re exhausted right now—tired of hearing about COVID-19, tired of the many precautions we need to take, tired of the doom and gloom in the news cycle, just plain tired. We all want life to return to normal, or to find a sustainable “new normal,” as quickly as possible.
But we can’t let these feelings get to us. You might be exasperated and profoundly bored by the COVID-19 pandemic, but you can’t become negligent. You can’t afford to let your organization slip into indifference or bad habits. Otherwise, you could jeopardize countless people’s health and safety (your employees’, your customers’, your own) as well as the future of your organization. You might even wind up facing litigation.
4 COVID-19 Risk Areas for Employers
Indeed, for employers, COVID-19 is more than a health and safety risk. It can also pose painful legal, financial, and operational consequences in terms of the following:
- Regulatory enforcement by the Occupational Health and Safety Administration, the Federal Trade Commission, and various other federal, state, and local agencies
- Litigation from employees and customers
- Reputational damage
- Intangible risks such as loss of workplace morale, diminished productivity, and reduced trust among employees
As with dealing with the virus itself, controlling these risks requires knowledge and vigilance. The health and safety experts here at KPA are here to help. In this article and several more to follow, we’ll be sharing information about avoiding COVID-19-related enforcement, litigation, reputational damage, and other risks.
Let’s start with risk areas 1 and 2.
Please note that this article is intended for general informational purposes only and may not reflect the current law in your jurisdiction. Nothing in this article should be construed as legal advice or guidance.
COVID-19 Regulatory Risks
From OSHA and the FTC to state and local mandates, there are numerous COVID-19-related rules and regulations employers need to be aware of. At all levels of government, more and more agencies are stepping in to take businesses to task for not adequately protecting workers during the pandemic.
First, there’s OSHA, the Department of Labor arm that ensures employers provide employees with safe, hazard-free working environments. In the early days of the COVID-19 outbreak in the United States, OSHA was conspicuously quiet, as the Administration had taken a step back in order to protect its officers in the field, as well as to learn more about the situation and the pandemic’s impact on the workplace.
That changed on May 19th, when, in a national news release, OSHA signaled the return of enforcement with two new policies:
- First, OSHA announced it would be “increasing in-person inspections at all types of workplaces,” with agents prioritizing COVID-19 inspections and using all available enforcement tools.
- Second, OSHA notified employers of a new policy for recording coronavirus cases. OSHA now considers COVID-19 is “a recordable illness,” which means employers are responsible for recording every new confirmed, work-related case. In other words, any instance of COVID-19 infection in the workplace must be documented on OSHA Form 300.
Compliance with the new policies can be challenging, particularly in regard to the question of work-relatedness. Note that OSHA expects employers to “make reasonable efforts, based on the evidence available to the employer, to ascertain whether a particular case of coronavirus is work-related.”
OSHA regards COVID-19 as a “recognized hazard,” meaning that employers have a fundamental responsibility to protect their employees from it under the general duty clause.
Additionally, however, there are several specific OSHA standards that also apply to the pandemic. Examples include 29 CFR 1904 (Recording and Reporting Occupational Injuries and Illness), 29 CFR 1910 Subpart Z (Toxic and Hazardous Substances), and the personal protective equipment standards in 29 CFR 1910 Subpart I. These standards indicate the Administration’s enforcement priorities—they’re the kinds of risks an inspector would be looking for first during a site visit.
For a detailed list of the OSHA standards that apply to COVID-19, click here.
OSHA has always relied on whistleblowers to draw attention to unsafe working conditions, and the COVID-19 pandemic is no different in that respect. OSHA’s coronavirus enforcement is driven by employee complaints. In the past few months, the Administration has received thousands of complaints from workers across the US. Complaints allege violations and hazards such as the following:
- failure to perform a detailed risk assessment and implement a site-specific protection program
- failure to implement or enforce a social distancing policy
- failure to maintain an injury and illness prevention program
- insufficient workplace cleaning and sanitization
- failure to provide employees with Safety Data Sheets for new sanitizing chemicals introduced to the workplace
- inadequate training for employees on COVID-19 prevention and the use of PPE
On top of their OSHA requirements, employers in various states are subject to even more stringent COVID-19 prevention rules and regulations.
Businesses in California, for instance, are subject to dozens of new Cal/OSHA and CDPH requirements.
In Virginia, meanwhile, employers must comply with statewide COVID-19 workplace safety standards, including…
- the implementation of social distancing, face covering, and handwashing policies
- the completion of hazard assessments by job category
- notification to all employees within 24 hours if an employee tests positive for COVID-19
- mandatory “infectious disease preparedness and response plans, record keeping, training, and hazard communications”
For more details, click here.
More states will likely adopt similar statutes soon. For information on workplace COVID-19 prevention rules and regulations in your state, please contact us.
New Processes = New Compliance Risks
Wherever they do business, employers need to be careful that any new COVID-19 policies and processes don’t create additional compliance risks.
Certain illness prevention measures may interfere with an organization’s ability to meet other regulatory requirements. For example, a face covering can make it difficult to verify a customer’s identity, while doing business remotely can cause problems with paperwork and data information security.
There’s never been a more important time to automate your EHS and workforce compliance program. KPA’s all-in-one cloud-based platform, Vera Suite, makes it easy.
COVID-19 Legal Risks
As if the regulatory risks weren’t enough, there are countless coronavirus-related legal risks employers need to be careful to avoid.
In 2020, employers have faced hundreds of lawsuits (both from individual plaintiffs and class action suits) that have resulted directly from the COVID-19 pandemic. While their circumstances are new, the cases have largely resembled typical employee-versus-employer disputes. You can find an interactive map of these lawsuits at Fisher Phillips’ COVID-19 Employment Litigation Tracker page.
Employee Privacy Concerns
When an employee tests positive for COVID-19 and informs their employer, the employer has a legal obligation under the Health Insurance Portability and Accountability Act to keep the individual’s protected health information private.
In some circumstances, however, the employer may disclose the information to “law enforcement, paramedics, other first responders, and public health authorities without the individual’s HIPAA authorization,” according to the Department of Health and Human Services. These circumstances include…
- when the disclosure is needed to provide treatment
- when such notification is required by law
- to notify a public health authority in order to prevent or control spread of disease
- when first responders may be at risk of infection
- when the disclosure of PHI to first responders is necessary to prevent or lessen a serious and imminent threat to the health and safety of a person or the public
For more information, click here (PDF).
The Challenges of Constantly-Changing Information
Medical professionals are still learning about COVID-19 contagion and policies are changing rapidly. At the same time, new regulations are being developed at the federal, state, and local levels, and new lawsuits and legal concerns are emerging daily. Businesses must stay on top of all of these shifting guidelines.
Fortunately, there’s help. Talk to an attorney like the ones at Fisher Phillips about your risks, and stay up to date on the latest COVID-19 workplace safety and regulatory developments at KPA’s Coronavirus Resource Center.
We’ll continue exploring the various COVID-19-related risks facing employers, as well as how to overcome these risks, in upcoming articles here on the KPA blog. Make sure to subscribe so you don’t miss a thing.
Until then, if you have any questions about COVID-19 or any workforce risk, you can count on the experts at KPA to keep your people safe and healthy—and your organization running smoothly. Talk to us.