In the age of online consumerism, many companies utilize automatic renewal programs to deliver their products and services to customers on a recurring basis for a monthly or annual charge. Recently, autorenewal programs have seen an increase in consumer protection through legislation at both the state and federal level along with enforcement actions brought by private plaintiffs, state attorney generals, and the Federal Trade Commission (“FTC”). Organizations that utilize automatic renewal should be aware of the uptick in autorenewal program enforcement and look to strengthen and update their policies where appropriate.
The Employee Retirement Income Security Act (“ERISA”) regulates the administration of employee benefit plans. ERISA aims to protect the interest of employee-beneficiaries by setting minimum standards for employee benefit plans and voluntarily established pensions. The Act’s preemption clause works to prevent states from regulating these same plans. Initially, a state statute was considered to violate the preemption clause when it possessed, “a connection with, or reference to, covered employee benefit plans.” A few years later the standard was modified, states were considered to have violated ERISA preemption if the state, “mandates employee benefit structures or their administration.”
The Department of Health and Human Services (“HHS”) finalized revised regulations that implemented Section 1557 of the Affordable Care Act (“ACA”) in June of 2020. This section prohibits discrimination within health programs and activities receiving federal financial assistance based on race, color, sex, age, disability, and national origin. In comparison to the Obama-era regulations issued in 2016, the new final rule does away with gender identity and sexual orientation nondiscrimination protections not only under Section 1557, but under ten other federal regulations as well. This also includes a roll back of certain health insurance coverage protections for transgender individuals.
On November 3, 2020 new rules from the Health and Human Services Department concerning information blocking in healthcare will come into effect. The rules are an implementation of the 21st Century Cures Act (“Act”) which is the latest in the government’s effort to lower costs and allow for greater patient access to electronic health information (“EHI”). The Act aims to prevent covered healthcare providers from restricting the flow of EHI in inappropriate ways. Violations of the new Act may result in considerable civil fines.
The U.S. Department of Labor’s Wage and Hour Division (“WHD”) recently announced alterations to its previous regulations which expanded family and medical leave provisions and paid sick leave of April’s Families First Coronavirus Response Act (“FFCRA”). These revisions serve to clarify the responsibilities of employers and the rights of workers as they relate to the paid leave of FFCRA. These revisions come after a decision from the U.S. District Court for the Southern District of New York which invalidated portions of the initial regulations. The WHD’s revisions are an example of the lack of clarity and adequate response from regulations designed to protect workers during the current pandemic.
Within the last decade, data has surpassed oil as the world’s most valuable commodity. Earlier this year the Securities and Exchange Commission (SEC) released its observations made during audits that detailed the methods used by corporations to secure their data. This included the kinds of cybersecurity practices employed by companies as well as advice on how to better deal with sensitive data and protect against potential cyberattacks. The SEC’s observations coincide with a recent announcement from the National Security Agency (NSA) that showcases an increased concern surrounding cybersecurity in the corporate world.