View as Web Page

Compliance News Flash – June 15, 2018

Arnall Golden Gregory LLP is pleased to provide you with the Compliance News Flash. This weekly update is your source for timely background screening and immigration-related news that is important to your organization.

  1. If you have background screening operations in Canada and/or are collecting personal information on Canadian nationals, then read on regarding guidelines released by the Office of the Privacy Commissioner related to obtaining meaningful consent. The guidelines will apply January 1, 2019. The guidance includes a helpful checklist with “must do” and “should do” practices related to consent. Click here and here.

  2. House Bill 18-1128 was recently signed by Colorado’s governor and it addresses consumer personal information and breach notification and data security requirements. The law takes effect September 1, 2018. It amends current breach notification requirements under state law and, in addition, requires implementation of information security and disposal policies. For instance, the law requires written policies and procedures related to disposal of personal information (Sec. 1). Click here and here. For those falling under the orbit of the Fair Credit Reporting Act (FCRA) (i.e., background screeners, employers) remember that the FCRA also requires proper disposal of reports containing consumer personal information. See Section 628 of the FCRA and Title 16 part 682 

  3. The Department of Homeland Security, specifically Immigration and Customs Enforcement (ICE) continues to ramp up workplace investigations into employers’ workforce and whether they are maintaining proper documents (the Form I-9) and whether their workforce is authorized to work in the United States. In Ohio ICE targeted a gardening and landscaping company and arrested 114 workers. In Tennessee ICE agents targeted a meatpacking plant and arrested 97 individuals. Employers should consider an internal audit into their Form I-9 practices, including whether you are properly completing the Form I-9 for all new hires.

  4. Now that the European Union’s (EU) General Data Protection Regulation (GDPR) is in effect we are all waiting to see what happens with enforcement operations by EU Data Protection Authorities (DPA). The Swedish DPA is dipping its toes in the waters, performing compliance checks to see whether companies required to have a Data Protection Officer (DPO) actually have one. Fines for not meeting the DPO requirement under the GDPR can be assessed up to 10 million Euros or 2% of worldwide annual revenue. Under the GDPR, designation of a DPO is required in some instances, including if the “core activities of the controller or the processor consist of processing on a large scale of special categories of data pursuant to Article 9 and personal data relating to criminal convictions and offences referred to in Article 10.” See Article 37 of the GDPR.

  5. Continuing its string of terminations, the Department of Homeland Security announced that it is terminating Temporary Protected Status (TPS) for Honduras effective January 2020. Employers, this means that any employees working with a work permit, those work permits may be automatically extended through January 1, 2019. Click here. Other countries whose TPS designation has been terminated, meaning nationals of those countries will not be eligible for work permits after a certain date, include El Salvador, Haiti, Nepal, and Liberia.

If you have any questions or need assistance on any point raised in this Compliance News Flash please contact:

Montserrat Miller  

Montserrat C. Miller
Partner, DC Office



The information presented provides a general summary and/or recent legal and regulatory developments. It is not intended to be, and should not be relied upon as legal advice.
 ©2018. Arnall Golden Gregory LLP. All Rights Reserved. Atlanta | Washington DC

Manage your Subscription  | Forward to a Friend  | ##UNSUBSCRIBE_TEXT##