Compliance Corner [June 2025]
Here is what is new in
June 2025
EVerify Mismatch Case Issue
DOL Revamping Rule Determining Contractor/Employee Status
Is OSHA Up for a Vote?
Not All Federal Reporting Requirements Have Ended
What Reports Are Required by States in Which You Do Business?
Legal Outcomes
Data Security Problems
New Privacy Frontiers in State Legislatures
High-Deductible Health Plan Caps Set for 2026
Alert: Employer Action May Be Required – EVerify Mismatch Case Issue
EVerify recently experienced a technical issue with Social Security Administration (SSA) mismatch (tentative nonconfirmation) cases that were referred between April 9 and May 5, 2025. This includes cases involving dual SSA and DHS mismatches if the employee attempted to resolve the case by visiting an SSA office but did not contact DHS.
Due to this system error, some of these cases may have incorrectly received a final nonconfirmation (FNC) even after the employee took steps to resolve the mismatch at an SSA office.
Action Required:
For any cases that received an FNC after an SSA or Dual SSA and DHS mismatch, for cases referred from April 9 to May 5, 2025, please create a new EVerify case.
If you have already created a new case and received an Employment Authorized result for an affected employee, no further action is needed.
You may notice the status message “EVerify Needs More Time” appearing longer than usual for these cases on the Case Status page.
Important
If you receive an FNC for one of these affected cases, do not take any adverse action and do not terminate employment based on that FNC result during this time.
NOTE: E-Verify Customer Support is currently experiencing a high call and email volume. [They] appreciate your patience as [they] work to resolve this issue.
EEO-1 Reporting Open
EEO-1 reporting for 2025 opened on May 20 and will close on June 24. Employers with 100 or more employees and federal contractors with 50 or more employees are required to submit the EEO-1 report by that deadline. Instructions and online assistance are available electronically at https://eeocdata.org/eeo1. The link to the “Online Filing System” (OFS) is also on that page.
DOL Revamping Rule Determining Contractor/Employee Status
The Biden Administration’s 2024 rule using six factors for determining contractor/employee status has been rescinded. Pending further developments, the 2008 Fact Sheet #13 plus Opinion Letter FLSA2019-6 (which was withdrawn under Biden but has been reinstated) will be used for those determinations. Fact Sheet #13 stated that no single rule/test will be used to determine contractor/employee status. Rather, seven factors will be used, with varying weights depending upon circumstances. Those are the following:
the extent to which the services rendered are an integral part of the principal’s business;
the permanency of the relationship;
the amount of the alleged contractor’s investment in facilities and equipment;
the nature and degree of control by the principal;
the alleged contractor’s opportunities for profit and loss;
the amount of initiative, judgment, or foresight in open market competition with others required for the success of the claimed independent contractor; and
the degree of independent business organization and operation.
Further, gig workers are classified as independent contractors per Opinion Letter 2019-6.
Is OSHA Up for a Vote?
Congressman Andy Biggs of Arizona has introduced a bill to do away with the Occupational Health and Safety Administration (OSHA). This may have a much larger impact in that it potentially challenges the legitimacy of delegating rulemaking authority to agencies rather than having that authority held in Congress. This would not mean the end of safety standards, but it would require that Congress itself set those standards to be enforced by the agency. Similar situations are found in telecommunications and other consumer-oriented industries.
Reminder: Not All Federal Reporting Requirements Have Ended
Although EO11246 has been revoked, compliance with both VEVRAA and the Rehabilitation Act is still required. VETS-4212 is due by September 30. Because of that, the following actions are required or recommended for federal contractors:
Annual notifications of federal contractor status to vendors, subcontractors, recruitment sources, unions, and the state employment service.
Collection of disability, protected veteran, race and gender data (for EEO-1, but after offers).
Outreach to protected veterans and people with disabilities.
Remove all references to Executive Order 11246 from internal documentation.
Going forward, not required but advisable:
Continue applicant tracking to have data to support any future challenges.
Examine communication and training programs to ensure they are free of bias and references to DEI.
Continue to assemble internal analytical data regarding race and gender to ensure that ongoing practices are not producing results that could be considered to be discriminatory.
What Reports Are Required by States in Which You Do Business?
Even though some federal reports are no longer required, a number of states have their own reporting requirements with which employers must comply. Some examples are the following:
Wisconsin – Requires companies contracting with the state to submit a full “AAP” – includes a written affirmative action program and workforce analytics.
California – Companies with employees in CA must submit an annual pay report, and companies that have state contracts or grants must have a non-discrimination program.
Illinois – Employers with 100 or more employees in the state of IL must apply to obtain an Equal Pay Registration Certificate, obtained by providing pay and demographic data.
Massachusetts – Employers with 100 or more employees in the state of MA must submit a copy of their EEO-1 report.
Minnesota – Requires contractors with the state of MN to apply for a Workforce Certificate, a process which includes submitting an AAP that includes analytics, goals & monitoring.
Employers should double-check the state – and even local – requirements of their business locations.
Legal Outcomes
Google Goof: A class action award of $50 million in New York was awarded to a class of African American employees headed by a woman who had been hired to perform outreach to historically black colleges and universities. Despite the mission, Google was accused of discriminating and retaliating against her and other “similarly situated” employees and requiring higher qualifications for African American applicants. Google consented to implement other related remedies as well.
A female Chief People Officer (CPO) at a Tennessee law firm was awarded almost $3.3 million after being demoted and then terminated for pointing out discriminatory practices on the part of the firm’s founder.
Data Security Problems
Guam Memorial Hospital has been fined $25,000 by the HHS Office for Civil Rights (OCR) for HIPAA security rule violations after they were hit by two ransomware attacks. OCR has conducted 11 ransomware enforcement actions – a rather disconcerting development.
The Office of the Inspector General of the Department of Veterans Affairs has found that VA has had sensitive personal and medical information about veterans that was not sufficiently protected. Corrective actions are in progress.
The streaming service ROKU has been charged by the Attorney General of Michigan with collecting, processing and disclosing sensitive information on children and has allowed third parties to do the same. ROKU has thus been in violation of the Children’s Online Privacy Protection Act (COPPA). Damages and penalties are sought in the lawsuit.
New Privacy Frontiers in State Legislatures
Several states have passed or have pending bills to protect “neural (mental) privacy.” California, Colorado and Montana have laws in place; another 15 are in process around the country. According to Cooley Law, mental privacy is defined as “the protection of data generated by or inferred from a person’s brain activity. This includes not only neurological data, but also inferences about emotions, attention, preferences and decision-making.” Companies that may well be affected are those “developing or deploying neurotechnologies, especially those involving wearables, wellness applications, biometric devices or employee productivity tools, should prepare now for a shifting compliance landscape. Legal obligations will likely vary significantly by state, sector and use case.”
This is a newly developing field with the potential to be quite intrusive, so employers should be alert for further developments, paying close attention to privacy statements and notices and to developments in their respective states. There are currently 15 bills pending in 9 different states, the most being in California.
High-Deductible Health Plan Caps Set for 2026
The IRS has announced new limits for HDHPs as follows:
Individual Coverage
Health Savings Account Maximums - $4,400
Health Savings Account Deductibles - $1,700
Family Coverage
Health Savings Account Maximums - $8,750
Health Savings Account Deductibles - $3,400
States with Pay Transparency Laws
You will know if you have to comply, fourteen states plus DC currently have pay transparency laws on the books, and ten more have bills in process. Those with such laws are CA, CO, CN, HA, Il, Md. MA, MN, NV, NJ, NY, RI VT and WA. Bills are in progress in AK, KY, ME, MI, MO, MT, OR, SD, VA and WV.
Court Dismissed Gender Identity from EEOC Guidance on Sexual Harassment
A Texas judge specifically vacated the gender identity portions of 2024 EEOC guidance on sexual harassment on the basis that EEOC exceeded its authority in by requiring compliance with gender identity concepts, which are not included in the text of Title VII and related Supreme Court decisions, all of which have “binary” references to gender.