Epstein Becker Green Recognized as a HITRUST CSF Assessor to Provide Clients with Security and Privacy Risk Assessment for Protected Health Care Information

Epstein Becker Green has been designated by the Health Information Trust Alliance (HITRUST) as a Common Security Framework (CSF) Assessor. This will allow the firm to provide health care organizations with privacy and security risk assessments to protect the entities from breaches of protected health information (PHI). The HITRUST CSF is the most widely adopted security framework in the health care industry. Epstein Becker Green is the first law firm to become a CSF Assessor, and the designation exemplifies the firm's distinct capability to identify and address risk for health care industry clients.

HITRUST provides resources, tools, education, and training to develop and maintain effective security programs for health care and life sciences companies that comply with security laws, regulations, and standards including HITECH, HIPAA, PCI, JCAHO, CMS, ISO, NIST, and various other federal, state, and business requirements.

 

Read the Full Announcement from Epstein Becker Green


Source Code Escrow When Entering into a Software License Agreement--Is it Necessary?

Our colleague, Hylan Fenster, shares his thoughts on source code escrow agreements:

Despite the burst of the dot-com bubble, many companies, notably small and mid-sized businesses, continue to rely on licensed software to perform their critical business operations. Source code escrow can provide the business with some protection if the software provider faces bankruptcy or stops maintenance or support for the licensed software.

Software License and Escrow Agreements

Licensees should ensure that their contracts with software providers contain provisions protecting source code rights. Source code is the set of programming-language instructions written by a programmer, which can be translated into machine language that a computer can understand. Unless a licensee has access to the source code, it cannot read or modify the program being licensed. Licensees typically request source code escrow, which is the deposit of the source code of the software with a third-party escrow agent. Source code escrow is generally negotiated as a part of the initial software license agreement. This request is made to ensure that the licensee will have continuing access to the software even if the licensor becomes defunct. Pursuant to the specific terms of the contract, the escrow agent is authorized to release the source code to the licensee upon the occurrence of certain triggering events.

The licensor and licensee must agree not only whether to enter into a source code escrow agreement but also who should bear the expense.  Typically, a source code escrow agreement is entered into among the licensor, the business licensee and an unrelated third party escrow agent.

In addition, bankruptcy laws should be reviewed when drafting a source code escrow agreement, as such laws may disallow the release of the escrowed source code to the licensee, and the licensor’s creditors may be entitled to seize the licensor’s assets, which may include the escrowed source code.

Source code escrow agreements should provide for the following:

(i) subject of the escrow,

(ii) release events,

(iii) duty of licensor to provide updates to the source code to the escrow agent,

(iv) fees associated with the escrow agent’s services,

(v) licensee’s rights upon release of the source code, and

(vi) ongoing obligations of the escrow agent, if any.

The licensor will often resist entering into a source code escrow agreement due to the proprietary nature of the source code. However, the licensee should be afforded some protection in the event the licensor is no longer complying with its obligations under the software license agreement. A source code escrow provision in the license agreement protects the licensee and its business from potential events that may render the licensor unable to provide service or support.

Labor and Employment Views You Can Use: Take 5

The April issue of “Take 5: Views You Can Use,” written by David W. Garland, a Member of the Firm in Epstein Becker Green’s New York and Newark offices, covers these topics:

  1. Employers' Request for Facebook Access Comes Under Attack
  2. EEOC Releases Publications on the Rights of Disabled Veterans Returning to the Civilian Workforce
  3. EEOC Publishes Rule Amending ADEA Regulations
  4. Employers' Use of Unpaid Interns Comes Under Attack
  5. Title VII's Protections Extend to Provision of Severance Benefits to Former Employees

Click here to read the April issue of “Take 5.”

JOBS Act Provides Encouragement for Start-Ups and Emerging Growth Companies

On April 5, 2012, President Obama signed into law the Jumpstart Our Business Startups Act or JOBS Act.  In light of the sharp decline in the number of companies entering the U.S. capital markets through IPOs over the last ten years, Congress recognized a need for this legislation since small companies are critical to economic growth and job creation.  To promote growth and assist small companies in gaining access to capital, the JOBS Act amends the securities laws in several ways, which include the following:

(i) Establishes a new category of issuers known as “Emerging Growth Companies” (EGCs), which are issuers that have total annual gross revenues of less than $1 billion (after December 8, 2011). EGCs are exempt from certain regulatory requirements until the earliest of (a) the date five years from the date of their IPO, (b) the date they have $1 billion in annual gross revenue, or (c) the date they become a large accelerated filer (i.e., a company with worldwide public float of $700 million or more);

(ii) While EGCs must comply with SEC-mandated quarterly and annual disclosures, they would be exempt from Section 404(b) Sarbanes-Oxley requirements regarding auditor attestations of management’s assessment of its internal controls, for a transition period of up to 5 years. EGC management would still need to establish and maintain internal controls over financial reporting, and its CEO and CFO would still need to certify the company financial statements;

(iii) Allows EGCs to provide audited financial statements for the two years prior to registration rather than three years. Within a year of an IPO, the EGC would report three years’ worth of financial statements;

(iv) Provides exceptions to rules on mandatory audit firm rotation;

(v) Exempts EGCs from certain requirements under Dodd-Frank legislation, such as the say-on-pay requirements and disclosure of median compensation ratios of all employees compared to the CEO. EGCs would still comply with corporate governance and listing requirements, including board member independence rules;

(vi) Provides for more communications and information flow to investors and special provisions for providing draft registration statements for non-public review. On April 10, 2012, the SEC Division of Corporate Finance issued FAQs addressing questions relating to the confidential submission of registration statements;

(vii) Provides special exemptions in connection with solicitation and advertising to accredited investors;

(viii) Establishes new thresholds for registration; and

(ix) Sets forth special rules for a “Crowdfunding” exemption (Capital Raising Online While Deterring Fraud and Unethical Non-Disclosure). This allows for aggregate sales to all investors up to $1 million using web-based platforms (up to the greater of $2,000 or 5% of the annual income/net worth of such investor (with additional requirements)).

Start-ups and emerging growth companies should take the time to explore the JOBS Act and the related guidance being issued. The new law may address a particular hurdle that a company previously faced, which would allow it to move forward and grow.


EpsteinBeckerGreen CIO Frank Spadafino Interviewed by The American Lawyer

Epstein Becker & Green’s Chief Information Officer, Frank Spadafino, was interviewed by The American Lawyer magazine on March 22, 2012, regarding the firm’s adoption of iOS or iPhone mobile devices. Spadafino reported that more than half of the law firm’s lawyers are now using iPhones. Lawyers, not unlike the general market, want the increased functionality provided by iOS devices. “The smartphone is not just about e-mail, calendars, and contacts anymore,” Spadafino stated. “We want to add functionality to attorneys’ devices, like greater accessibility to our document management system. This is much easier to do with iOS than with BlackBerry.” You can read the entire article (subscription is required for access) here.

Employer Recordkeeping Requirements Extended to GINA

by Amy J. Traub, Anna A. Cohen, and Jennifer A. Goldman

Effective April 3, 2012, the Equal Employment Opportunity Commission ("EEOC") extended its existing recordkeeping requirements under Title VII of the Civil Rights Act of 1964 and the Americans with Disabilities Act to employers covered by Title II of the Genetic Information Nondiscrimination Act of 2008 ("GINA"). The burden on employers to comply with the recordkeeping requirements under GINA will likely be minimal, as employers should already have recordkeeping policies in effect for personnel and other employment records pursuant to these and other employment laws with the same or more stringent requirements. This Act Now Advisory should serve as a reminder of those recordkeeping requirements, which now apply under GINA as well. 

Read the full advisory online


The Supreme Court Mulls Obamacare; The Health Care Industry Mulls The Supreme Court

By Stuart M. Gerson

The three days of arguments about the constitutionality of the Patient Protection and Affordable Care Act are complete. The Justices of the Supreme Court of the United States have conducted their post-argument conference and are now turning their attention to the drafting and the discussions that will lead to a majority opinion and, likely, several dissents and concurrences. The Court's decision should be issued before the end of June. Health care companies and employers, like the rest of the population, await the ultimate decision. However, there are several matters that can be identified in the short run.

A link to this Implementing Health and Insurance Reform publication is attached here: http://www.ebglaw.com/showclientalert.aspx?Show=15893

NLRB Acting General Counsel Issues Follow-Up Report on Social Media Cases

by Steven M. Swirsky and Michael F. McGahan

On January 25, 2012, the National Labor Relations Board's ("NLRB") Acting General Counsel ("AGC") Lafe Solomon issued a second report on unfair labor practice cases involving social media issues. We discussed his earlier report in our Act Now Advisory of October 4, 2011.

The new report covers an additional 14 cases, all of which fall into the same two categories as the cases discussed in the earlier report, namely: (1) termination of employees resulting from statements made in social media forums about their working conditions or their employers; and/or (2) claims that an employer's social media policy violates the National Labor Relations Act (the "Act") because its prohibitions may "chill" employees in the exercise of their rights under the Act to engage in concerted activity for their mutual aid and protection. Again, the report emphasizes that the Act's provisions apply to workplaces where the employees are not represented by a union and where there is no union activity, as well as to unionized employees.  Read the full advisory online: http://www.ebglaw.com/showclientadvisory.aspx?Show=15805

Final Extensions Provided for Retirement Plan Fee Disclosures and PPACA Summary of Benefits Coverage

On February 2, 2012, the U.S. Department of Labor (“DOL”) issued final regulations under Section 408(b)(2) of ERISA.  As a result, there is a new due date of July 1, 2012 by which certain service providers must make compensation disclosures to responsible plan fiduciaries of defined benefit and defined contribution plans (such as pension and 401(k) plans).  This provides an extension of the April 1, 2012 due date issued under prior guidance.  The regulations set forth the types of information that must be disclosed so that the plan fiduciaries can assess the reasonableness of the compensation paid for necessary services and identify potential conflicts of interest in order to avoid a prohibited transaction with respect to the arrangement (and penalties which would result).   Plan fiduciaries should be in contact with their service providers to obtain these disclosures as soon as possible.  Time will be needed to analyze the information received, and to ensure that existing contracts/arrangements are reasonable. Disclosures are also required reasonably in advance of the dates contracts/arrangements are entered into, renewed or extended.  This extension also further extends the due date for the participant-level disclosures that plan fiduciaries of participant-directed individual account plans such as the 401(k) plan are required to make to participants under Section 404(a) of ERISA so that the participants have the information they need to sufficiently manage their individual accounts.  The new due date for these disclosures is no later than August 30, 2012 (which was May 31, 2012 under prior guidance) and the issuance of the first quarterly participant statements to include required information is now November 14, 2012.

On February 9, 2012, the DOL and the U.S. Departments of Treasury and Health and Human Services issued the final regulations regarding the Summary of Benefits Coverage and the uniform glossary for group health plans under the Patient Protection and Affordable Care Act. The requirements to provide a Summary of Benefits Coverage, notice of modification, and uniform glossary apply for disclosures to participants and beneficiaries who enroll or re-enroll in group health coverage through an open enrollment period (including re-enrollees and late enrollees) beginning on the first day of the first open enrollment period that begins on or after September 23, 2012. For disclosures to participants and beneficiaries who enroll in group health plan coverage other than through an open enrollment period (including individuals who are newly eligible for coverage and special enrollees), the requirements apply beginning on the first day of the first plan year that begins on or after September 23, 2012. The requirements under these rules are also applicable to health insurance issuers beginning on September 23, 2012. These regulations set forth numerous guidelines concerning the contents, format, language, and other parameters of the Summary of Benefits Coverage, the uniform glossary, and notices of modifications. Failure to comply with these rules can result in penalties and excise taxes under ERISA and the Code.

Plan sponsors and fiduciaries should ensure that they have a process in place to review and prepare for the respective disclosures and related tasks.

FTC Warns That Background Searches via Mobile App May Violate the Fair Credit Reporting Act

by Jeffrey M. Landes, Susan Gross Sholinsky, Steven M. Swirsky, and Jennifer A. Goldman

On January 25, 2012, the Federal Trade Commission ("FTC") sent warning letters to three companies that market, in total, six mobile phone applications ("Apps") that provide users with background check reports. In the warning letters, the FTC states that the Apps may violate the Fair Credit Reporting Act ("FCRA"). According to a press release issued by the FTC on February 7, 2012, the FTC cautioned the Apps' marketers that, if they have reason to believe that the background reports provided will be used for employment screening, housing, credit, or other similar purposes, both the users of the Apps and the marketers of the Apps must comply with the FCRA.

Read the full advisory online at http://www.ebglaw.com/showclientadvisory.aspx?Show=15744