On March 15, 2022, President Biden signed into law the 2022 Consolidated Appropriations Act containing the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (the “Cyber Incident Reporting Act”). While President Biden’s remarks highlighted the $13.6 billion in funding “to address Russia’s invasion of Ukraine and the impact on surrounding countries,” the 2022 Consolidated Appropriations Act contained numerous other laws, including the Cyber Incident Reporting Act, which should not be overlooked. The Cyber Incident Reporting Act puts in motion important new cybersecurity reporting requirements that will likely apply to businesses in almost every major sector of the economy, including health care, financial services, energy, transportation and commercial facilities. Critical infrastructure entities should monitor the upcoming rule-making by the Cybersecurity and Infrastructure Security Agency (“CISA”), as the final regulations will clarify the scope and application of the new law.

Continue Reading President Biden Signs into Law the Cyber Incident and Reporting Act, Mandating Reporting of Cyber Incidents and Ransomware Payments

Next month, New Jersey private employers will need to start informing drivers before using GPS tracking devices in the vehicles they operate. A new state law that becomes effective April 18, 2022, requires employers to provide written notice to employees before using “electronic or mechanical devices” that are “designed or intended to be used for the sole purpose of tracking the movement of a vehicle, person, or device.” The notification requirement applies to both employer-owned or -leased and personal vehicles.

Continue Reading Considering Tracking Employees in Vehicles? New Jersey Now Requires Employers to Provide Notice

The U.S. Cybersecurity and Infrastructure Agency (CISA) has urged a “Shields Up” defense in depth approach, as Russian use of wiper malware in the Ukrainian war escalates. The Russian malware “HermeticWiper” and “Whispergate” are destructive attacks that corrupt the infected computers’ master boot record rendering the device inoperable. The wipers effectuate a denial of service attack designed to render the device’s data permanently unavailable or destroyed. Although the malware to date appears to be manually targeted at selected Ukrainian systems, the risks now escalate of a spillover effect to Europe and the United States particularly as to: (i) targeted cyber attacks including on critical infrastructure and financial organizations; and (ii) use of a rapidly spreading indiscriminate wiper like the devastating “NotPetya” that quickly moves across trusted networks. Indeed, Talos researchers have found functional similarities between the current malware and “NotPetya” which was attributed to the Russian military to target Ukranian organizations in 2017, but then quickly spread around the world reportedly resulting in over $10 billion dollars in damage.[1] The researchers added that the current wiper has included even further components designed to inflict damage.

Continue Reading CISA Encourages “Shields Up” to Protect Operations and Workers as Cyber War Ramps Up

As we have previously explained, pursuant to Section 1 of the NY HERO Act, employers were required to prepare an airborne infectious disease exposure plan, and implement such plans when the New York State Commissioner of Health has made a designation that a highly contagious communicable disease presents a serious risk of harm to public health. Currently, such a designation is in effect until February 15, 2022. The New York State Department of Labor (“NYSDOL”) prepared model plans based on their published Airborne Infectious Disease Exposure Prevention Standard (“Standard”). On August 25, 2021, the NYSDOL published a set of emergency regulations, identical to the Standard, in the New York State Register. Although they had not been formally adopted, most businesses have been following the Standard.

Continue Reading New York HERO Act “Standard” Formally Adopted as Emergency Rule

In connection with the new Emergency Temporary Standards (ETS) that went into effect on January 14, 2022, the California Division of Occupational Health and Safety (Cal/OSHA) has released the following COVID-19-related resources for employers:

Continue Reading Cal/OSHA Releases Updated COVID-19 Resources for Employers

The  New York State Acting Commissioner of Health has extended the designation of COVID-19 as a highly contagious communicable disease that presents a serious risk of harm to public health under the NY HERO Act until February 15, 2022. Accordingly, the airborne infectious disease exposure prevention plans required under Section 1 of the Act must be kept in place through that date, at which point the Commissioner will review whether the designation should be continued.

Continue Reading Keep Your Safety Plans in Place: New York HERO Act COVID-19 Designation Extended Until February 15, 2022

NYC employers will soon be required to include a minimum and maximum salary on all job postings for positions performed within the City. As we previously reported, the City Council passed Int. 1208-B (Law) on December 15, 2021, and due to new NYC mayor Eric Adam’s inaction within the 30-day veto period, it became a law as of January 15, 2022. Beginning May 15, 2022, the Law requires employers with four or more employees to include a “good faith” minimum and maximum salary range on for all advertised NYC job, promotion and transfer opportunities. Additionally, the Law makes the failure to include salary range an unlawful discriminatory practice under the City’s Human Rights Law.

Continue Reading NYC Job Postings Must Include Salary Ranges Effective May 15, 2022

New York recently updated two significant aspects of its Paid Family Leave program: (1) expanding the definition of “family member” to include siblings and (2) increasing the cap on weekly benefits available.

Since its inception in 2018, Paid Family Leave has offered eligible employees the ability to take  job protected, partially-paid time off to bond with a new child, care for a family member with a serious illness, or provide assistance when a family member is deployed abroad on active military duty. In 2020, after years of gradual increases in the maximum amount of leave and benefits, eligible employees may use up to 12 weeks of Paid Family Leave per rolling 52-week period.

Continue Reading New York’s Paid Family Leave Is Expanding in Two Ways

As we previously reported, in December New York Governor Kathy Hochul issued a mandate requiring that masks be worn in all indoor public places, unless the business or venue requires proof of vaccination for entry.  As part of the state’s “Winter Surge Plan 2.0”, the mandate, which was initially set to expire on January 15, has now been extended for an additional two weeks, through February 1, 2022.

Continue Reading Keep on Masking: NY Governor Extends Mask Mandate Through February 1, 2022

On December 22, 2021, the New York State Department of Labor (NY DOL) issued the long-awaited proposed rule (Proposed Rule) regarding the workplace safety committees that are required by the New York HERO Act (HERO Act). While there is no current effective date for the Proposed Rule (which is first subject to a public comment period and a February 9, 2022 hearing), employers should become familiar with, and consider taking actions to timely comply with the Proposed Rule should it be adopted as currently drafted.

The HERO Act

In May of 2021, New York responded to workplace safety and health issues presented by the COVID-19 pandemic by enacting the HERO Act.  Since that time, the State has amended the HERO Act to allow the NY DOL additional time to create model safety standards for infectious disease exposure plans (“safety plans”) mandated by the HERO Act and to allow employers additional time for compliance.

Continue Reading DOL Issues New York HERO Act Workplace Safety Proposed Rule, Including Workplace Safety Committee Requirements