Benefits Bryan Cave

Main Content

Employer CCPA FAQs #9: May an employer become subject to the CCPA because of a corporate transaction?

As our series of FAQs regarding the California Consumer Privacy Act (“CCPA”) continues we are examining the scope of the law’s jurisdiction.    These FAQs should help employers determine if they are required to comply with the CCPA and if so, what steps their HR professionals and IT departments should take to be in compliance.

As a reminder, the CCPA is a new privacy law that applies to data collected about California-based employees.   The CCPA will go into effect in early 2020, and employers who must comply should be addressing compliance obligations now.

For US employers who have not had to comply with the GDPR, the requirements of the CCPA will likely require a new analysis of the treatment of employee-data and implementation of updated or new data policies.  For employers with European operations, one key area of interest is the degree to which the CCPA aligns with the European General Data Protection Regulation (“GDPR”).   Employers in compliance with the GDPR will likely already be familiar with many of the requirements of the CCPA – and with some assistance, should be able to bring their operations and policies into compliance with respect to California-based employees.

BCLP offers a complete compliance program to employers that includes a formal gap assessment as well as policies, procedures, and protocols to close identified gaps.  If you or your organization would like information on this compliance program or any other issue, please contact us or one of your other trusted BCLP attorneys.

Question #9: May

Employer CCPA FAQs #8: Does the CCPA apply to non-profit employers?

As our series of FAQs regarding the California Consumer Privacy Act (“CCPA”) continues we are examining the scope of the law’s jurisdiction.    These FAQs should help employers determine if they are required to comply with the CCPA and if so, what steps their HR professionals and IT departments should take to be in compliance.

As a reminder, the CCPA is a new privacy law that applies to data collected about California-based employees.   The CCPA will go into effect in early 2020, and employers who must comply should be addressing compliance obligations now.

For US employers who have not had to comply with the GDPR, the requirements of the CCPA will likely require a new analysis of the treatment of employee-data and implementation of updated or new data policies.  For employers with European operations, one key area of interest is the degree to which the CCPA aligns with the European General Data Protection Regulation (“GDPR”).   Employers in compliance with the GDPR will likely already be familiar with many of the requirements of the CCPA – and with some assistance, should be able to bring their operations and policies into compliance with respect to California-based employees.

BCLP offers a complete compliance program to employers that includes a formal gap assessment as well as policies, procedures, and protocols to close identified gaps.  If you or your organization would like information on this compliance program or any other issue, please contact us or one of your other trusted BCLP attorneys.

Question #8: Does

Deep Dive: DOL Appeals Federal Court’s Association Health Plan Ruling and Issues Interim Guidance

As we predicted in our last Deep Dive, the Department of Labor (DOL) has appealed the District Court for the District of Columbia’s ruling in State of New York, et al. v. United States Department of Labor, et al. which vacated key portions of the DOL’s association health plan regulation (AHP Rule). The DOL filed its Notice of Appeal with the federal district court (D.D.C.) on April 26.

In response to the Court’s ruling (and before filing its appeal) the DOL had published a Q&A-style discussion of the ruling’s impact. After filing its appeal, the DOL published an official statement (DOL Statement) outlining interim guidance for previously-formed AHPs and employers who began participating in an AHP in reliance on the AHP Rule. The DOL Statement clarifies that these employers and AHPs may continue their coverage for the time being, yet leaves key questions unanswered.   In welcome news for AHPs that sought to form under the AHP Rule, the DOL confirms its commitment to “taking all appropriate action within its legal authority to minimize undue consequences on employees and their families.”  As support, the DOL Statement reassures that:

  • Employers participating in insured AHPs formed under the AHP Rule may continue their coverage through the later of the end of the current plan year or contract term and that the Department of Health and Human Services (HHS) confirmed employers have an independent right to continue coverage through

IRS Expands Determination Letter Program for Mergers of Qualified Plans Following Corporate Transactions

The IRS recently reversed course on the availability of the determination letter program for merged qualified retirement plans – thereby providing new alternatives for integrating qualified retirement plan benefits in the context of corporate transactions.

Merged Plan Relief:  Rev. Proc. 2019-20, released on May 1, 2019, expands the IRS’ determination letter program for individually designed qualified retirement plans (e.g., defined benefit plans or defined contribution plans) that result from a merger of two or more qualified retirement plans following a corporate merger, acquisition or other similar business transaction (a “Merged Plan”).  The newly expanded program will be available beginning September 1, 2019 and continuing on an ongoing basis.

Eligibility:  To be eligible for the determination letter program:

  • The Merged Plan must be a combination of two or more qualified retirement plans maintained by previously unrelated entities (i.e., entities that are not members of the same controlled group under Section 414 of the Internal Revenue Code);
  • The plan merger must occur no later than the last day of the first plan year that begins after the effective date of the corporate merger, acquisition or other similar business transaction (the “Corporate Transaction”); and
  • A determination letter application for the Merged Plan must be submitted by the last day of the first plan year that begins after the effective date of the plan merger.

Pre-approved or prototype qualified retirement plans are not explicitly covered by the procedure  — additional IRS guidance will be needed to determine the applicability

Employer CCPA FAQs #7: If an employer is based in California, will the CCPA requirements apply to all employee data held by the employer?

As our series of FAQs regarding the California Consumer Privacy Act (“CCPA”) continues we are examining the scope of the law’s jurisdiction.    These FAQs should help employers determine if they are required to comply with the CCPA and if so, what steps their HR professionals and IT departments should take to be in compliance.

As a reminder, the CCPA is a new privacy law that applies to data collected about California-based employees.   The CCPA will go into effect in early 2020, and employers who must comply should be addressing compliance obligations now.

For US employers who have not had to comply with the GDPR, the requirements of the CCPA will likely require a new analysis of the treatment of employee-data and implementation of updated or new data policies.  For employers with European operations, one key area of interest is the degree to which the CCPA aligns with the European General Data Protection Regulation (“GDPR”).   Employers in compliance with the GDPR will likely already be familiar with many of the requirements of the CCPA – and with some assistance, should be able to bring their operations and policies into compliance with respect to California-based employees.

BCLP offers a complete compliance program to employers that includes a formal gap assessment as well as policies, procedures, and protocols to close identified gaps.  If you or your organization would like information on this compliance program or any other issue, please contact us or one of your other trusted BCLP attorneys.

Question #7:  If an

Employer CCPA FAQs #6: Does an employer need to generate revenue in California in order for CCPA to apply?

As our series of FAQs regarding the California Consumer Privacy Act (“CCPA”) continues we are examining the scope of the law’s jurisdiction.    These FAQs should help employers determine if they are required to comply with the CCPA and if so, what steps their HR professionals and IT departments should take to be in compliance.

As a reminder, the CCPA is a new privacy law that applies to data collected about California-based employees.   The CCPA will go into effect in early 2020, and employers who must comply should be addressing compliance obligations now.

For US employers who have not had to comply with the GDPR, the requirements of the CCPA will likely require a new analysis of the treatment of employee-data and implementation of updated or new data policies.  For employers with European operations, one key area of interest is the degree to which the CCPA aligns with the European General Data Protection Regulation (“GDPR”).   Employers in compliance with the GDPR will likely already be familiar with many of the requirements of the CCPA – and with some assistance, should be able to bring their operations and policies into compliance with respect to California-based employees.

BCLP offers a complete compliance program to employers that includes a formal gap assessment as well as policies, procedures, and protocols to close identified gaps.  If you or your organization would like information on this compliance program or any other issue, please contact us or one of your other trusted BCLP attorneys.

Question #6: Does an employer need

Employer CCPA FAQs #5: Does an employer have to be “established” in the United States for U.S. data privacy and security laws, and particularly the CCPA, to apply?

As our series of FAQs regarding the California Consumer Privacy Act (“CCPA”) continues we are examining the scope of the law’s jurisdiction.    These FAQs should help employers determine if they are required to comply with the CCPA and if so, what steps their HR professionals and IT departments should take to be in compliance.

As a reminder, the CCPA is a new privacy law that applies to data collected about California-based employees.   The CCPA will go into effect in early 2020, and employers who must comply should be addressing compliance obligations now.

For US employers who have not had to comply with the GDPR, the requirements of the CCPA will likely require a new analysis of the treatment of employee-data and implementation of updated or new data policies.  For employers with European operations, one key area of interest is the degree to which the CCPA aligns with the European General Data Protection Regulation (“GDPR”).   Employers in compliance with the GDPR will likely already be familiar with many of the requirements of the CCPA – and with some assistance, should be able to bring their operations and policies into compliance with respect to California-based employees.

BCLP offers a complete compliance program to employers that includes a formal gap assessment as well as policies, procedures, and protocols to close identified gaps.  If you or your organization would like information on this compliance program or any other issue, please contact us or one of your other trusted BCLP attorneys.

Question #5: Does an employer

Deep Dive: Association Health Plan Considerations following the Court Order Vacating the DOL’s Final Rule

On March 28, 2019, the Federal District Court for the District of Columbia issued an opinion and order vacating key portions of the Department of Labor’s regulation, published in June 2018, which had expanded the definition of “employer” under Section 3(5) of ERISA (the “AHP Rule”), thereby broadening the scope of association health plans (“AHPs”).  According to the Court, it is unreasonable to interpret “employer” as including working owners and groups that do not have “a true commonality of interest” and doing so leads to “absurd results” and is an “end run” around the Affordable Care Act.  The Court’s opinion was issued with immediate effect and has cast doubt on the future use of AHPs, especially self-insured AHPs.

As background, the AHP rule was promulgated in response to President Trump’s October 12, 2017, Executive Order, which directed the DOL to expand access to and allow more employers to form AHPs.  Before the Executive Order, the DOL had been characterizing AHPs maintained by a “bona fide” group or association of employers as being sponsored by a single employer (with the AHP retaining its status as a MEWA under ERISA). The AHP Rule significantly expanded such application by permitting groups or associations, including groups consisting entirely of “working owners” (self-employed individuals without common law employees), to form a single employer AHP that could qualify as a “large group” plan that would be exempt from certain Affordable Care Act reforms, such as offering the full suite of

Employer CCPA FAQs #4: What information is not “Personal Information” under the CCPA?

This post is part of our series of FAQs examining the California Consumer Privacy Act (“CCPA”)  that should help employers with operations in California to determine if they are required to comply with the CCPA and if so, what steps their HR professionals and IT departments should take to be in compliance.

By way of background, the CCPA is a new privacy law that will go into effect in early 2020. Because the CCPA refers to “consumers” many HR professionals do not realize that the CCPA, as currently enacted, also applies to data collected about California-based employees. Please see our recent blog post for a summary of which employers will be subject to the CCPA and the key requirements of the law.

Although the law will not be in effect until next year, employers who must comply should be addressing compliance obligations now.  For U.S. employers who have not had to comply with the European Union’s General Data Protection Regulation (“GDPR”), the requirements of the CCPA will likely require a new analysis of the treatment of employee-data and updated or new data policies. Employers who are required to comply with the GDPR will likely already be familiar with many of the requirements of the CCPA, and a key area of interest is the degree to which the CCPA aligns with GDPR for purposes of implementing CCPA compliant practices for their California-based employees.

BCLP offers a complete compliance program for employers that includes a formal gap assessment and tailored policies, procedures, and protocols

Employer CCPA FAQs #3: As used in the CCPA, do the terms “personal data,” and “personal information” mean the same thing? 

In the coming weeks we will be releasing a series of FAQs examining the California Consumer Privacy Act (“CCPA”)  of particular importance to employers.  These FAQs should help employers determine if they are required to comply with the CCPA and if so, what steps their HR professionals and IT departments should take to be in compliance.

By way of background, employers with operations in California should be aware of the CCPA, a new privacy law that applies to data collected about California-based employees.   Because the CCPA refers to “consumers” many HR professionals don’t realize that the Act, as currently drafted, applies to data collected about California-based employees. Please see our recent blog post summarizing the CCPA for employers.

The CCPA will go into effect in early 2020, and employers who must comply should be addressing compliance obligations now.  For U.S. employers who have not had to comply with the GDPR, the requirements of the CCPA for California-based employees will likely require a new analysis of the treatment of employee-data and updated or new data policies.

For employers with European operations, one key area of interest is the degree to which the CCPA aligns with the European General Data Protection Regulation (“GDPR”).  Employers who are complying with the GDPR will likely already be familiar with many of the requirements of the CCPA – and with some assistance, should be able to bring their operations and policies into compliance with respect to California-based employees.

BCLP also offers a

The attorneys of Bryan Cave Leighton Paisner make this site available to you only for the educational purposes of imparting general information and a general understanding of the law. This site does not offer specific legal advice. Your use of this site does not create an attorney-client relationship between you and Bryan Cave LLP or any of its attorneys. Do not use this site as a substitute for specific legal advice from a licensed attorney. Much of the information on this site is based upon preliminary discussions in the absence of definitive advice or policy statements and therefore may change as soon as more definitive advice is available. Please review our full disclaimer.