New Data and Other Policies Impacting Employers Coming

February 28, 2020
Author: ThinkWhy Analyst

New local and state laws will go into effect in March. These laws will impact how businesses notify residents of data breaches, employee benefits and inquiries about an employee’s prior salary.

New policies affecting employers take place in March 2020.

Here are the states that will be impacted:

New Jersey
New York

New Jersey

Mandates Transit Benefits

Gov. Phil Murphy recently signed S.1567 into law, making New Jersey the first state to mandate a commuter benefit, though New York City and San Francisco have similar laws.

In short, New Jersey's law requires employers in the state to offer pre-tax commuter benefits to employees. While the law is currently in effect, it is not operative until the earlier of: 365 days following the date of enactment (March 1, 2019) or the effective date of rules and regulations that the law directs the Commission of Labor and Workforce Development to adopt.

The state's new commuter benefits law requires employers that employ at least 20 workers to offer a pre-tax transportation fringe benefit to all employees who are not subject to a collective bargaining agreement.

For purposes of this law, an "employee" means anyone hired or employed by the employer and who reports to the employer's work location (this follows the definition under the state's unemployment compensation law).

A pre-tax transportation fringe benefit is a benefit that allows an employee to set aside wages on a pre-tax basis, which is then only made available to the employee for the purchase of certain eligible transportation services, including transit passes and commuter highway vehicle travel.

Effective date: 3/1/19 but inoperative (i.e., won't be enforced) until the earlier of March 1, 2020 or the effective date of implementing rules and regulations by the New Jersey Commissioner of Labor and Workplace Development

New York

SHIELD Act Data Security Requirements

The New York Stop Hacks and Improve Electronic Data Security Act (the "SHIELD Act") goes into effect on March 21, 2020. The SHIELD Act, which amends the state's current data breach notification law, imposes more expansive data security and data breach notification requirements on companies, in the hope of ensuring better protection for New York residents from data breaches of their private information. In anticipation of the SHIELD Act's effective date, over the next several months we will highlight various aspects of the new law, and how to prepare. Under the Act, individuals and businesses who collect computerized data including private information about New York residents must implement and maintain reasonable administrative, physical and technical safeguards. The Act provides several safeguards which may be implemented to ensure compliance.


Cincinnati Restricts Pay-History Inquiries

Cincinnati City Council has passed Ordinance No. 0083-2019 barring employers from asking applicants for their salary history. Cincinnati's ordinance, titled "Prohibited Salary History Inquiry and Use," (the Ordinance) prohibits employers from asking about or relying on the prior salary history of prospective employees in setting starting pay.


Pittsburgh Paid Sick Leave

Under the Pittsburgh Paid Sick Days Act (PSDA), employers with 15+ employees must provide paid sick leave, up to 40 hours per year, accrued at a rate of 1 hour of leave for every 35 hours worked. Employers with less than 15 employees must also provide paid sick leave at the same accrual rate, up to 24 hours per year.

The City of Pittsburgh has announced that the PSDA will take effect on March 15, 2020.


Amends Data Breach Notification Law

Washington Governor Jay Inslee signed legislation that updates and expands the breach notification obligations of businesses that maintain the personal information of Washington citizens. The new provisions had been requested by Washington Attorney General Ferguson and unanimously passed both chambers of the Washington legislature. The new provisions will take effect on March 1, 2020.

The new law covers two main topics: (a) the scope of "personal information" that, if subject to unauthorized disclosure, triggers notice obligations; and (b) the timing and content of the required notices.

Related: New 2020 Policies Impacting Employers