Posts

Showing posts with the label JacksonLewis

New Jersey Cannabis Law: How the Sanders Decision Affects Employers

Takeaways The New Jersey Appellate Division in Sanders held that the state’s cannabis statute allows an aggrieved individual to bring a private lawsuit in a court of law. Employers should ensure their current practices and policies are compliant with the law’s anti-discrimination provisions, which prohibit taking an adverse employment action against an employee or refusing to hire an individual because of their use or non-use of cannabis. Until the New Jersey Appellate Division’s decision in Sanders v. The Levari Group, d/b/a First Choice Freezer [MS1] , No.  A-2715-23 (May 26, 2026), it was unclear whether an individual could bring a private lawsuit alleging discrimination in violation of the state’s cannabis law, the Cannabis Regulatory, Enforcement Assistance, and Market Modernization Act (CREAMMA). The Appellate Division recently held that individuals who allege to have suffered adverse employment actions because of their use of cannabis could bring a claim of violation of C...

DOJ Opinion Finds EEOC Title VII Disparate Impact Guidelines Unconstitutional

Takeaways The DOJ analysis bolsters EEOC’s shift away from disparate impact liability theories of employment discrimination.  The DOJ memo proposes stricter limits on disparate impact claims. Related links DOJ Office of Legal Counsel Memo   EEOC Releases New National Enforcement Plan   Does Employer Disparate Impact Liability Still Exist? The Latest EO Pushes to Eliminate It EEOC to Halt Investigations into Disparate Impact Claims Article On June 9, 2026, the Department of Justice’s (DOJ) Office of Legal Counsel released a memorandum opinion finding the Equal Employment Opportunity Commission’s (EEOC) existing guidelines on Title VII of the Civil Rights Act’s disparate impact provisions to be unconstitutional. EEOC Chair Andrea Lucas had requested that the DOJ review the EEOC’s interpretative rules and guidance documents to advise whether the Title VII disparate impact provisions were constitutional as currently interpreted and applied. The memo’s conclusions align with ...

Updates to Chicago’s Fair Workweek Ordinance Expand Employer Obligations

Takeaways Chicago’s updated Fair Workweek Ordinance rules (effective 06.01.26) expand and clarify employer obligations across scheduling, predictability pay, recordkeeping and more. The rules add detailed compliance requirements, including for good faith estimates and work schedules. They also increase administrative and compliance burdens. Employers should consider reviewing their policies and procedures to ensure compliance. Related links Chicago Fair Workweek Rules (effective 06.01.26)   Fair Workweek Rules – Summary of Changes Article Effective June 1, 2026, updated the Chicago Fair Workweek Ordinance (FWO) rules require substantive changes to covered employers’ scheduling, predictability pay, access to hours, right-to-rest practices and recordkeeping obligations. The FWO requires large employers in the building services, healthcare, hotel, manufacturing, restaurant, retail, and warehouse services industries to provide workers with at least two weeks’ advance notice of their wo...

Is a CCPA Risk Assessment Required When Using Productivity Management and Monitoring Platforms?

Key Takeaways Outlines key considerations for businesses using productivity management and monitoring platforms – such as, Teramind, ActivTrak, and Insightful – and whether their use may require a CCPA risk assessment. Identifies the specific CCPA risk assessment triggers most relevant to such productivity technologies. Productivity management and monitoring platforms have become a fixture of the modern workplace—particularly for remote and hybrid workforces. These tools can track application usage, keystrokes, website visits, active and idle time, and even capture periodic screenshots of employee screens. Some platforms go further, using artificial intelligence to generate productivity scores, assess engagement levels, and flag behavioral anomalies. Businesses subject to the California Consumer Privacy Act (CCPA) and deploying this type of technology, should carefully consider whether a risk assessment is required before or during that use. The first question is always whether the CC...

Recent Insights on Website Tracking Litigation

If 2025 was the year website-tracking claims became impossible to ignore, 2026 is the year those cases began to mature. Courts are looking beyond whether a pixel, cookie, chat tool, or session-replay script was present on a site. Instead, they are focusing more closely on what data was collected, when it was collected, what disclosures users saw, whether consent was meaningful, and whether individualized browsing activity can support class treatment. At the same time, appellate activity in video privacy cases is keeping pressure on publishers and other businesses that embed video content alongside common tracking tools. One insight this year comes from a publisher case in the New York federal court, where the court allowed tracking claims to proceed past the pleading stage. The allegations were familiar ones: a website allegedly shared visitor information with outside advertising or analytics partners through embedded code, without meaningful consent. What made the ruling notable was...

OCR Announces HIPAA Enforcement Action Against Self-Funded Group Health Plan

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently  announced  a HIPAA enforcement action against an employer-sponsored group health plan. The action resulted in a payment to HHS of $245,000 and a two-year corrective action plan. While HIPAA enforcement is common in the healthcare sector, actions directly against employer-sponsored group health plans are not as common. This case,  coupled with DOL guidance for ERISA fiduciaries concerning cybersecurity , underscores a growing regulatory focus not only on traditional healthcare entities, but also on the plans and ecosystems maintained by employers under ERISA. The Incident: Ransomware, Unauthorized Access, and Plan Data According to the breach notification sent to affected individuals, the plan sponsor experienced a security incident back in 2021 involving encryption of systems and unauthorized access to sensitive data . The data included names and Social Security numbers, along ...

Moving Beyond Checkbox Diligence with SOC Reports

Escalating vendor cyber risk, tighter regulatory expectations and fast-moving AI-driven threats increasingly make checkbox diligence insufficient. In this episode, 360 Advanced’s Director of Compliance Strategy, Eric Ratcliffe, joins co-hosts Damon Silver and Joe Lazzarotti  to discuss system and organizational control framework reports and how businesses can use them to address critical gaps and make vendor assessments.  Tube Spotify Apple Transcript Damon Silver Principal, New York City Welcome to the We Get Privacy podcast. I'm Damon Silver, and I'm joined by my co-host, Joe Lazzarotti. Joe and I co-lead the Privacy, AI, and Cybersecurity group at Jackson Lewis. In that role, we receive a variety of questions every day from our clients, all of which boil down to one core question: how we handle our data safely. In other words, how do we leverage all the great things data can do for our organizations without running headfirst into a wall of legal risk, and how can we manage ...